Analysis Overview
Threat Level: Likely malicious
The file https://google.com was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Loads dropped DLL
Checks computer location settings
Executes dropped EXE
Legitimate hosting services abused for malware hosting/C2
Blocklisted process makes network request
Enumerates connected drives
Looks up external IP address via web service
Drops file in System32 directory
Drops file in Program Files directory
Drops file in Windows directory
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Modifies registry class
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of AdjustPrivilegeToken
Modifies data under HKEY_USERS
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-16 04:39
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-16 04:39
Reported
2024-08-16 04:44
Platform
win10v2004-20240802-en
Max time kernel
294s
Max time network
292s
Command Line
Signatures
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\Bootstrapper.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\Bootstrapper.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\MsiExec.exe | N/A |
| N/A | N/A | C:\Windows\syswow64\MsiExec.exe | N/A |
Blocklisted process makes network request
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\L: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\A: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\system32\msiexec.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | pastebin.com | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | api.ipify.org | N/A | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\rimraf\node_modules\brace-expansion\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\lib\utils\config\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\tuf-js\dist\fetcher.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\unique-filename\lib\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\fs\lib\cp\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\config\README.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\sigstore\dist\util\oidc.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\rimraf\bin.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@colors\colors\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\corepack\shims\nodewin\npx.cmd | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\process\LICENSE | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\lib\utils\log-shim.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\socks\docs\examples\javascript\bindExample.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\sigstore\dist\tlog\index.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\content\commands\npm-update.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\treeverse\lib\breadth.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\content\commands\npm-unpublish.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\output\commands\npm-link.html | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\gyp\pylib\gyp\__init__.py | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\mkdirp\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\output\commands\npm-owner.html | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\package-json\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\ansi-styles\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\cli-table3\src\cell.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\qrcode-terminal\vendor\QRCode\QRUtil.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\arborist\lib\can-place-dep.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\util-deprecate\History.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\npm-install-checks\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\lib\find-python.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\@npmcli\fs\lib\common\get-options.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\readable-stream\lib\internal\streams\from-browser.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\nopt\README.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\.github\workflows\visual-studio.yml | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\man\man7\logging.7 | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\corepack\shims\npm.cmd | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\corepack\dist\yarnpkg.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\are-we-there-yet\lib\tracker-stream.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\spdx-expression-parse\scan.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\arborist\bin\audit.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\make-fetch-happen\lib\dns.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\minipass-collect\LICENSE | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\sigstore\dist\client\rekor.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\lib\commands\pkg.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\npm-profile\LICENSE.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\lib\commands\dist-tag.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\metavuln-calculator\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\hosted-git-info\LICENSE | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\is-cidr\index.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\sigstore\dist\types\sigstore\serialized.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\postcss-selector-parser\dist\selectors\container.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\columnify\width.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\cacache\lib\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\cacache\lib\content\rm.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\corepack\shims\npm.ps1 | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@tootallnate\once\dist\overloaded-parameters.js.map | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\arborist\lib\arborist\load-virtual.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\ssri\lib\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\node_modules\cacache\node_modules\brace-expansion\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\man\man1\npm-stop.1 | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\sigstore\dist\ca\verify\index.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\tuf-js\dist\models\metadata.d.ts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\postcss-selector-parser\package.json | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\node_modules\clean-stack\index.js | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\nodejs\node_modules\npm\docs\content\commands\npm-diff.md | C:\Windows\system32\msiexec.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\Installer\e5b734c.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\ | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\SourceHash{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC} | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIA108.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI7899.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI85AE.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIE512.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI7CE0.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSID9CE.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIDA9C.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\e5b7348.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI7F44.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}\NodeIcon | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}\NodeIcon | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIE395.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIE484.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIE3F5.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIE4A4.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\e5b7348.msi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI780B.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI858E.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIA03C.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIA2CE.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIDA9B.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI786A.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Installer\inprogressinstallinfo.ipi | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI7F23.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIA82E.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIE3B6.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSIE406.tmp | C:\Windows\system32\msiexec.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\wevtutil.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\28 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133682567664417828" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27 | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\27\52C64B7E | C:\Windows\system32\msiexec.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\corepack | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\Version = "303038464" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\AuthorizedLUAApp = "0" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2392887640-1187051047-2909758433-1000\{FF35F217-0369-4024-9BAB-2074D6B845A7} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\NodeEtwSupport = "NodeRuntime" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\NodeRuntime | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\PackageCode = "347C7A52EDBDC9A498427C0BC7ABB536" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\Net | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\EnvironmentPathNpmModules = "EnvironmentPath" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\AdvertiseFlags = "388" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\Clients = 3a0000000000 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\Media\1 = ";" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\A3A70C74FE2431248AD5F8A59570C782\5B532AFE1A6C6E24B99C208A5DF6C1CD | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\PackageName = "node-v18.16.0-x64.msi" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\A3A70C74FE2431248AD5F8A59570C782 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\Media | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\Assignment = "1" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\DocumentationShortcuts | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\EnvironmentPath | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\ProductIcon = "C:\\Windows\\Installer\\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}\\NodeIcon" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\InstanceType = "0" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\DeploymentFlags = "3" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\Net\1 = "C:\\Users\\Admin\\AppData\\Local\\Temp\\" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\ProductName = "Node.js" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\Language = "1033" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\LastUsedSource = "n;1;C:\\Users\\Admin\\AppData\\Local\\Temp\\" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\EnvironmentPathNode = "EnvironmentPath" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\npm | C:\Windows\system32\msiexec.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Bootstrapper.exe | N/A |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://google.com
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fff8778cc40,0x7fff8778cc4c,0x7fff8778cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1924,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1908 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2156,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2164 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2232,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2344 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3160 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3180 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4632,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4644 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4852,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=976 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=208,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4856 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5012,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5036 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5216,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5208 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3200,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3160 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=3216,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5196 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4892,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4792 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5492,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5468 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5280,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5500 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5416,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5660 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5312,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5788 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5664,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3228 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5876,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3184 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5640,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5644 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6224,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6212 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6232,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6368 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5892,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6536 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6544,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6680 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6828,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6840 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5668,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6260 /prefetch:8
C:\Users\Admin\Downloads\Bootstrapper.exe
"C:\Users\Admin\Downloads\Bootstrapper.exe"
C:\Windows\System32\msiexec.exe
"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\AppData\Local\Temp\node-v18.16.0-x64.msi" /qn
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\System32\MsiExec.exe
C:\Windows\System32\MsiExec.exe -Embedding 0CE2987674052AE6D23B635255B49357
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 7E23BAAEBE945E3D6EE41FAB0A15BF0C
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding CDE320E18C8FB6ADC5086437406583D3 E Global\MSI0000
C:\Windows\SysWOW64\wevtutil.exe
"wevtutil.exe" im "C:\Program Files\nodejs\node_etw_provider.man"
C:\Windows\System32\wevtutil.exe
"wevtutil.exe" im "C:\Program Files\nodejs\node_etw_provider.man" /fromwow64
C:\Users\Admin\Downloads\Bootstrapper.exe
"C:\Users\Admin\Downloads\Bootstrapper.exe"
C:\Windows\System32\msiexec.exe
"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\AppData\Local\Temp\node-v18.16.0-x64.msi" /qn
C:\Windows\System32\MsiExec.exe
C:\Windows\System32\MsiExec.exe -Embedding 3B0CD96D6CB29EB42CCD1A68C06E3A58
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding DF15A990B30805C9A0D2BE58E1AB32A6
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding E2133BDE542B4774326DE014674A1D6B E Global\MSI0000
Network
Files
\??\pipe\crashpad_1220_OQHNEQEIWENUULRG
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001
| MD5 | 3e552d017d45f8fd93b94cfc86f842f2 |
| SHA1 | dbeebe83854328e2575ff67259e3fb6704b17a47 |
| SHA256 | 27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6 |
| SHA512 | e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | bac617b1cfe998c39e43f53b1407ef9d |
| SHA1 | 11c03a3714c6d3d24ac5f5893f0607d9e9a6013e |
| SHA256 | 62bc67fc5c1bf9caba977288820a255f5de9959f0f6ab7ea44117b70315ed08e |
| SHA512 | 76f27d4ed6db12ed29033d3b16edcd537972b04707fc3d8a0015639d7dd33063c61f0db8c9eda940433d6f7a749fdd79bcfb83baf7ba2e9db89d92bed109b44e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 64205e80c890c049e066d4aed126cdfa |
| SHA1 | 9e2449581ef7d912d8f78417a3b168c88d08208f |
| SHA256 | a146e4c0eee5b0cde750ab721cb6f15826a146b99207ecbe97c50c2cc464441b |
| SHA512 | fc1b299090b354516850bbe10ac486069fffa49a49985ffad5e04c7b5898a1f49723cf406eac0f740a6d36f6a7aceb2db9a8a269115944d9929569ed7601a5e9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 40bdb1a4e60c0cd037636ed764602cb2 |
| SHA1 | 6c508e89a033dbea614e75ee11421555c0097cee |
| SHA256 | 435319410bf01434b26277a5dd7d2eff67eb045de546df27a2c59cd50639bcbb |
| SHA512 | 7ccfe82fbcde0d4f4f6e2450135ce2d77f47c65191b44293ab0075566b5217a1c113931596d92edc8c15c89c8cb2e4317352afb310cbac38d157e27672ec4ca5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5f33c49d1546537f688125005871ad15 |
| SHA1 | bea747e36f3f4c2b3ee27825d4f74174f1607d4c |
| SHA256 | 2f72d3b91926a19cacf0b1a3a52b9f0925def688cf283d845d9c7642f813db3a |
| SHA512 | 71c6327b643adbd0506338fe46cb7182fbc331f7ab81f9cc5332fae58cd5b44addacc722f07baf07fcfb10d96efd22637d56fcdb0a9eced8f623119d50cd72bf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 47f92374682ee7e295bb1ad3e4753f11 |
| SHA1 | e8a6eb4b1da3dd261740feff22a896ff0867d9f8 |
| SHA256 | bb689f1dc301aa3337cb69f9339836cdb7f5f00d89f7c4e383e83e8fb84ad82e |
| SHA512 | 7bfaa291592a9362ac78655f0c5192b8ecb3500a37f398bafc7e1a7ab6f20bc516a65e5c3638ffc1fd71d596847502a1e12a0d4e04ae241787e99b93e0f7cb3d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | c36604bff429b39a6e3120be7d4ba5ee |
| SHA1 | 4e74aa82b1f67a219ea0e9c1a8087efe6b355c5c |
| SHA256 | 0c450074f2e1c9346b03f59be299776a516dc34f6410b37db0a5d15b68a757ac |
| SHA512 | 8bf3dff03d5d6c01ad141203422742dd81fff84db1fb00dcec374b70021c6113122d1cf5f198371cf048452b8ce64c4a407602622fb078586232052f4c55da08 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6e7b704fc049cfc4d63a8f4a38a314f0 |
| SHA1 | e8d9c6fc46663635b94ed307f9374c2e561c8be5 |
| SHA256 | 843fafd8443bc6a747fe26ca5ac7b3ce407927558477c65ae8d0817d279d59a9 |
| SHA512 | 7999580074d9aa4bb9e0e46267a1ca831a8b0d7fb966ce3b1a3351704ad271a21ba3e63b172e4a2035f2f3da957b2226009b85200f58a6683d8752cc517297d1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | bea2a036702fd32cffe8dbf3014e28b3 |
| SHA1 | 3ac8145a2a77f79b6947560cf79e5f5e57ca01ec |
| SHA256 | 140d631e20ed6ec167570ad962d6614d49d92bacbdc82a430d067ad874ae55c8 |
| SHA512 | 379f00c728c78c710b7eedb5f8790f817357aeec8f3398cf73e8af683638e4dce203192ec2e1bde9b1c19c5ff1b1953c5c82c5fc40ceec4d1d89781b60b71790 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b71630b74aea8b412bfa78998e7ce5bc |
| SHA1 | ff0b9580b8a0a38ea2cd09e684b14a874d6b8f93 |
| SHA256 | 4524baf4fa7d5c986e435a7927b5bd17e13c38ce83468f32eaefaa56344a1ce5 |
| SHA512 | b7a0f74e27b51ae760c3599cb91c9158ded0ce1115949ff0364295ad02e8d87a5881e49df028b20dc99ad1759f86ce55e06069ff9401a8eee3401cdeba0d5f44 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 18bf0dc2375f859b64ce5bda88824264 |
| SHA1 | 3aff979e6ecd6ba0481c4585f9d4c28abfc8365a |
| SHA256 | 75bb6b40aa7e22970cf2d77c834c90fbcc7e62ef536565d60b1ff183daa8569b |
| SHA512 | 8ef46e177ddcdb4c016a8b445764c83a78ba4f20da52ba69e55a9cc9f143c871bf24dadb6326ef4031ae01d2ea5a6e1c96c7ee57efd1dbc929595369593219e8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 230d5caadd489aa47a352329045dcba0 |
| SHA1 | 7e5a264a3a36eaba3a574635c0b180fdcb09c1f2 |
| SHA256 | 6b4039ec413ab67b8430bf25b3049042bca13c635037dcca482b55a735f10732 |
| SHA512 | 4b54004fe0494df4e6aa8871c55dd7f4ddf9fb84ae4610a53bea70cf3eea8b4b21b1ac2ad771ee1316d4edbd294c2a2f7dfa992fb31e493fd544f1c03dab8ed6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c26d3f3928d90fb137bf6dda34bebc3a |
| SHA1 | ca36389e7c0600cf917d78db2437331a5fc8231b |
| SHA256 | 43815f14b51a4a32152078ee4e0c8e8516bc4e03b57261a247e50cb9ccaa469e |
| SHA512 | ed3de364786fcabd5d80ff3dbc79d3446c8d716f38243ce2da20968f9ad4041eff7c3517169a45b49927d238125dedd3c49022c7325af56c2f5dcb0be51d38df |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cbe1331d61204bf0d7c51b3308edee53 |
| SHA1 | e551943c0586b56989d333d368c44bc90fe48500 |
| SHA256 | 2443c8295973b26d23675e98c57cfaf1fb7a5ff4a353df2c43a600f39fbf2c22 |
| SHA512 | 48af6fe1ff72f314808902c0bf54b2079ae2da5a2e4d6d7a534eca27b1adfa0987c638a35ef34bfb57a6cc4503c9c8bb1c5d5f66706c215ebde3ea6934cd3f8c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 44ead270ef2b5f06d90807340b2fd2e4 |
| SHA1 | e561f47866f1883f71e527af48b9c8e643e881fb |
| SHA256 | c453d0c3391c5ffcded424eb8e2c22d392bc85cbe5e2ddf7601597808a21f6cd |
| SHA512 | a6e9ad2ebd00238ea5dbed46337b63e62fd7b674efb83ae988d7272074a266d93bdaa60d928e11928924cc0d9840fda149199d5ba6edc1273d1c88c2efaf2837 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 42fd315ec322c1b87b6990e5b1327dfb |
| SHA1 | e5d83b2c40dc33daf8a891f5333d86bc4b4c288f |
| SHA256 | 36af2f12d813e4518891098730a409563607bcd0fa06ee9723985b2fedc2f909 |
| SHA512 | d8b2aa032b6df89981f59471b326208606692fd282367b8c34763532e99e986a02bcfdc8d506b3776be90b496f4dd99d020654abe03a9d73b8d5a7f74ba94835 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\64250982bda1bb7a_0
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6674bc23aea7868d_0
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\52d58f18-89b3-4ceb-9e61-15a1009f1336.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003a
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000048
C:\Users\Admin\Downloads\Bootstrapper.exe
C:\Users\Admin\AppData\Local\Temp\node-v18.16.0-x64.msi
C:\Windows\Installer\MSI786A.tmp
C:\Windows\Installer\MSI7899.tmp
C:\Windows\Installer\MSI7F23.tmp
C:\Program Files\nodejs\node_modules\npm\node_modules\nopt\LICENSE
C:\Program Files\nodejs\node_modules\npm\node_modules\bin-links\LICENSE
C:\Program Files\nodejs\node_modules\npm\node_modules\promise-all-reject-late\LICENSE
C:\Program Files\nodejs\node_modules\npm\node_modules\aggregate-error\license
C:\Program Files\nodejs\node_modules\npm\node_modules\minizlib\node_modules\minipass\LICENSE
C:\Program Files\nodejs\node_modules\npm\node_modules\minizlib\node_modules\minipass\index.js
C:\Program Files\nodejs\node_modules\npm\node_modules\tar\node_modules\fs-minipass\node_modules\minipass\index.d.ts
C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmorg\LICENSE
C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\arborist\LICENSE.md
C:\Program Files\nodejs\node_modules\npm\node_modules\minipass-pipeline\node_modules\minipass\package.json
C:\Program Files\nodejs\node_modules\npm\node_modules\treeverse\LICENSE
C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmhook\LICENSE.md
C:\Program Files\nodejs\node_etw_provider.man
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js website.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js documentation.url
C:\Config.Msi\e5b734b.rbs
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Bootstrapper.exe.log
C:\Users\Admin\Downloads\DISCORD
C:\Config.Msi\e5b734f.rbs