Malware Analysis Report

2025-08-05 16:50

Sample ID 240816-e927kazdkl
Target https://google.com
Tags
discovery
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file https://google.com was found to be: Likely malicious.

Malicious Activity Summary

discovery

Downloads MZ/PE file

Loads dropped DLL

Checks computer location settings

Executes dropped EXE

Legitimate hosting services abused for malware hosting/C2

Blocklisted process makes network request

Enumerates connected drives

Looks up external IP address via web service

Drops file in System32 directory

Drops file in Program Files directory

Drops file in Windows directory

Browser Information Discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

Suspicious behavior: EnumeratesProcesses

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Modifies registry class

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of AdjustPrivilegeToken

Modifies data under HKEY_USERS

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-16 04:39

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-16 04:39

Reported

2024-08-16 04:44

Platform

win10v2004-20240802-en

Max time kernel

294s

Max time network

292s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://google.com

Signatures

Downloads MZ/PE file

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-2392887640-1187051047-2909758433-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\Bootstrapper.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Bootstrapper.exe N/A

Blocklisted process makes network request

Description Indicator Process Target
N/A N/A C:\Windows\system32\msiexec.exe N/A

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\L: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\M: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Q: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\V: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\W: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\X: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Z: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\H: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\I: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\S: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\U: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\P: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\Y: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\A: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\B: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\G: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\N: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\R: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\T: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\E: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\J: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\K: C:\Windows\system32\msiexec.exe N/A
File opened (read-only) \??\O: C:\Windows\system32\msiexec.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A pastebin.com N/A N/A

Looks up external IP address via web service

Description Indicator Process Target
N/A api.ipify.org N/A N/A

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Drops file in Program Files directory

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\Installer\e5b734c.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\ C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\SourceHash{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC} C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSIA108.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI7899.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI85AE.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSIE512.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI7CE0.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSID9CE.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSIDA9C.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\e5b7348.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI7F44.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}\NodeIcon C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}\NodeIcon C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSIE395.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSIE484.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSIE3F5.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSIE4A4.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\e5b7348.msi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI780B.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI858E.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSIA03C.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSIA2CE.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSIDA9B.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI786A.tmp C:\Windows\system32\msiexec.exe N/A
File created C:\Windows\Installer\inprogressinstallinfo.ipi C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSI7F23.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSIA82E.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSIE3B6.tmp C:\Windows\system32\msiexec.exe N/A
File opened for modification C:\Windows\Installer\MSIE406.tmp C:\Windows\system32\msiexec.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\wevtutil.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\syswow64\MsiExec.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key deleted \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\28 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133682567664417828" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27 C:\Windows\system32\msiexec.exe N/A
Key deleted \REGISTRY\USER\.DEFAULT\SOFTWARE\CLASSES\LOCAL SETTINGS\MUICACHE\27\52C64B7E C:\Windows\system32\msiexec.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\corepack C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\Version = "303038464" C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\AuthorizedLUAApp = "0" C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2392887640-1187051047-2909758433-1000\{FF35F217-0369-4024-9BAB-2074D6B845A7} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\NodeEtwSupport = "NodeRuntime" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\NodeRuntime C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\PackageCode = "347C7A52EDBDC9A498427C0BC7ABB536" C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\Net C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\EnvironmentPathNpmModules = "EnvironmentPath" C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\AdvertiseFlags = "388" C:\Windows\system32\msiexec.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\Clients = 3a0000000000 C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\Media\1 = ";" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\A3A70C74FE2431248AD5F8A59570C782\5B532AFE1A6C6E24B99C208A5DF6C1CD C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\PackageName = "node-v18.16.0-x64.msi" C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\UpgradeCodes\A3A70C74FE2431248AD5F8A59570C782 C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\Media C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\Assignment = "1" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\DocumentationShortcuts C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\EnvironmentPath C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\ProductIcon = "C:\\Windows\\Installer\\{EFA235B5-C6A1-42E6-9BC9-02A8D56F1CDC}\\NodeIcon" C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\InstanceType = "0" C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\DeploymentFlags = "3" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\Net\1 = "C:\\Users\\Admin\\AppData\\Local\\Temp\\" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\ProductName = "Node.js" C:\Windows\system32\msiexec.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\Language = "1033" C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD C:\Windows\system32\msiexec.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\5B532AFE1A6C6E24B99C208A5DF6C1CD\SourceList\LastUsedSource = "n;1;C:\\Users\\Admin\\AppData\\Local\\Temp\\" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\EnvironmentPathNode = "EnvironmentPath" C:\Windows\system32\msiexec.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Features\5B532AFE1A6C6E24B99C208A5DF6C1CD\npm C:\Windows\system32\msiexec.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1220 wrote to memory of 4820 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1220 wrote to memory of 2820 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1220 wrote to memory of 1432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1220 wrote to memory of 1152 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fff8778cc40,0x7fff8778cc4c,0x7fff8778cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1924,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1908 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2156,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2164 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2232,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2344 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3160 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3180 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4632,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4644 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4852,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=976 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=208,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4856 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5012,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5036 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5216,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5208 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3200,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3160 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=3216,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5196 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4892,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4792 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5492,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5468 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5280,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5500 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5416,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5660 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5312,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5788 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5664,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3228 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5876,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3184 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5640,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5644 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6224,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6212 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6232,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6368 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5892,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6536 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6544,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6680 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6828,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6840 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5668,i,15691025983973283364,13630558978828079020,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6260 /prefetch:8

C:\Users\Admin\Downloads\Bootstrapper.exe

"C:\Users\Admin\Downloads\Bootstrapper.exe"

C:\Windows\System32\msiexec.exe

"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\AppData\Local\Temp\node-v18.16.0-x64.msi" /qn

C:\Windows\system32\msiexec.exe

C:\Windows\system32\msiexec.exe /V

C:\Windows\System32\MsiExec.exe

C:\Windows\System32\MsiExec.exe -Embedding 0CE2987674052AE6D23B635255B49357

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding 7E23BAAEBE945E3D6EE41FAB0A15BF0C

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding CDE320E18C8FB6ADC5086437406583D3 E Global\MSI0000

C:\Windows\SysWOW64\wevtutil.exe

"wevtutil.exe" im "C:\Program Files\nodejs\node_etw_provider.man"

C:\Windows\System32\wevtutil.exe

"wevtutil.exe" im "C:\Program Files\nodejs\node_etw_provider.man" /fromwow64

C:\Users\Admin\Downloads\Bootstrapper.exe

"C:\Users\Admin\Downloads\Bootstrapper.exe"

C:\Windows\System32\msiexec.exe

"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\AppData\Local\Temp\node-v18.16.0-x64.msi" /qn

C:\Windows\System32\MsiExec.exe

C:\Windows\System32\MsiExec.exe -Embedding 3B0CD96D6CB29EB42CCD1A68C06E3A58

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding DF15A990B30805C9A0D2BE58E1AB32A6

C:\Windows\syswow64\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe -Embedding E2133BDE542B4774326DE014674A1D6B E Global\MSI0000

Network

Country Destination Domain Proto
US 8.8.8.8:53 match.adsby.bidtheatre.com udp
US 8.8.8.8:53 bttrack.com udp
US 8.8.8.8:53 b1sync.zemanta.com udp
US 8.8.8.8:53 s.uuidksinc.net udp
US 8.8.8.8:53 ums.acuityplatform.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 44.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 72.22.22.104.in-addr.arpa udp
NL 188.166.17.21:443 match.adsby.bidtheatre.com tcp
US 192.132.33.67:443 bttrack.com tcp
US 35.190.0.66:443 ads.travelaudience.com tcp
DE 91.228.74.166:443 cms.quantserve.com tcp
NL 185.98.54.153:443 s.uuidksinc.net tcp
US 64.202.112.255:443 b1sync.zemanta.com tcp
NL 154.59.122.79:443 ums.acuityplatform.com tcp
FR 172.217.20.194:443 cm.g.doubleclick.net tcp
FR 172.217.20.194:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 66.0.190.35.in-addr.arpa udp
US 8.8.8.8:53 153.54.98.185.in-addr.arpa udp
US 8.8.8.8:53 21.17.166.188.in-addr.arpa udp
US 8.8.8.8:53 166.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 194.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 79.122.59.154.in-addr.arpa udp
US 8.8.8.8:53 67.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 255.112.202.64.in-addr.arpa udp
US 142.250.69.3:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 obseu.bizseasky.com udp
US 8.8.8.8:53 h.clarity.ms udp
US 142.250.69.3:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 getsolara.dev udp
US 104.21.93.27:443 getsolara.dev tcp
US 104.21.93.27:443 getsolara.dev tcp
US 8.8.8.8:53 27.93.21.104.in-addr.arpa udp
US 8.8.8.8:53 getsolara.dev udp
US 104.21.93.27:443 getsolara.dev tcp
US 8.8.8.8:53 beacons.gvt2.com udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
FR 142.250.179.99:443 beacons.gvt2.com tcp
FR 142.250.179.99:443 beacons.gvt2.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 99.179.250.142.in-addr.arpa udp
N/A 127.0.0.1:6463 tcp
US 8.8.8.8:53 pastebin.com udp
US 172.67.19.24:443 pastebin.com tcp
US 8.8.8.8:53 clientsettings.roblox.com udp
DE 128.116.44.3:443 clientsettings.roblox.com tcp
US 8.8.8.8:53 24.19.67.172.in-addr.arpa udp
US 8.8.8.8:53 3.44.116.128.in-addr.arpa udp
US 8.8.8.8:53 www.nodejs.org udp
US 104.20.22.46:443 www.nodejs.org tcp
US 8.8.8.8:53 nodejs.org udp
US 104.20.22.46:443 nodejs.org tcp
US 51.8.64.151:443 h.clarity.ms tcp
US 8.8.8.8:53 46.22.20.104.in-addr.arpa udp
US 8.8.8.8:53 23.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 8366f580.solaraweb-alj.pages.dev udp
US 172.66.47.197:443 8366f580.solaraweb-alj.pages.dev tcp
US 8.8.8.8:53 197.47.66.172.in-addr.arpa udp
US 104.21.93.27:443 getsolara.dev tcp
US 172.67.19.24:443 pastebin.com tcp
DE 128.116.44.3:443 clientsettings.roblox.com tcp
US 104.20.22.46:443 nodejs.org tcp
US 104.20.22.46:443 nodejs.org tcp
US 51.8.64.151:443 h.clarity.ms tcp
US 51.8.64.151:443 h.clarity.ms tcp
US 142.250.69.3:443 beacons.gcp.gvt2.com tcp
US 142.250.69.3:443 beacons.gcp.gvt2.com udp
US 142.250.69.3:443 beacons.gcp.gvt2.com tcp

Files

\??\pipe\crashpad_1220_OQHNEQEIWENUULRG

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

MD5 3e552d017d45f8fd93b94cfc86f842f2
SHA1 dbeebe83854328e2575ff67259e3fb6704b17a47
SHA256 27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6
SHA512 e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 bac617b1cfe998c39e43f53b1407ef9d
SHA1 11c03a3714c6d3d24ac5f5893f0607d9e9a6013e
SHA256 62bc67fc5c1bf9caba977288820a255f5de9959f0f6ab7ea44117b70315ed08e
SHA512 76f27d4ed6db12ed29033d3b16edcd537972b04707fc3d8a0015639d7dd33063c61f0db8c9eda940433d6f7a749fdd79bcfb83baf7ba2e9db89d92bed109b44e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 64205e80c890c049e066d4aed126cdfa
SHA1 9e2449581ef7d912d8f78417a3b168c88d08208f
SHA256 a146e4c0eee5b0cde750ab721cb6f15826a146b99207ecbe97c50c2cc464441b
SHA512 fc1b299090b354516850bbe10ac486069fffa49a49985ffad5e04c7b5898a1f49723cf406eac0f740a6d36f6a7aceb2db9a8a269115944d9929569ed7601a5e9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 40bdb1a4e60c0cd037636ed764602cb2
SHA1 6c508e89a033dbea614e75ee11421555c0097cee
SHA256 435319410bf01434b26277a5dd7d2eff67eb045de546df27a2c59cd50639bcbb
SHA512 7ccfe82fbcde0d4f4f6e2450135ce2d77f47c65191b44293ab0075566b5217a1c113931596d92edc8c15c89c8cb2e4317352afb310cbac38d157e27672ec4ca5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5f33c49d1546537f688125005871ad15
SHA1 bea747e36f3f4c2b3ee27825d4f74174f1607d4c
SHA256 2f72d3b91926a19cacf0b1a3a52b9f0925def688cf283d845d9c7642f813db3a
SHA512 71c6327b643adbd0506338fe46cb7182fbc331f7ab81f9cc5332fae58cd5b44addacc722f07baf07fcfb10d96efd22637d56fcdb0a9eced8f623119d50cd72bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 47f92374682ee7e295bb1ad3e4753f11
SHA1 e8a6eb4b1da3dd261740feff22a896ff0867d9f8
SHA256 bb689f1dc301aa3337cb69f9339836cdb7f5f00d89f7c4e383e83e8fb84ad82e
SHA512 7bfaa291592a9362ac78655f0c5192b8ecb3500a37f398bafc7e1a7ab6f20bc516a65e5c3638ffc1fd71d596847502a1e12a0d4e04ae241787e99b93e0f7cb3d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 c36604bff429b39a6e3120be7d4ba5ee
SHA1 4e74aa82b1f67a219ea0e9c1a8087efe6b355c5c
SHA256 0c450074f2e1c9346b03f59be299776a516dc34f6410b37db0a5d15b68a757ac
SHA512 8bf3dff03d5d6c01ad141203422742dd81fff84db1fb00dcec374b70021c6113122d1cf5f198371cf048452b8ce64c4a407602622fb078586232052f4c55da08

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6e7b704fc049cfc4d63a8f4a38a314f0
SHA1 e8d9c6fc46663635b94ed307f9374c2e561c8be5
SHA256 843fafd8443bc6a747fe26ca5ac7b3ce407927558477c65ae8d0817d279d59a9
SHA512 7999580074d9aa4bb9e0e46267a1ca831a8b0d7fb966ce3b1a3351704ad271a21ba3e63b172e4a2035f2f3da957b2226009b85200f58a6683d8752cc517297d1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 bea2a036702fd32cffe8dbf3014e28b3
SHA1 3ac8145a2a77f79b6947560cf79e5f5e57ca01ec
SHA256 140d631e20ed6ec167570ad962d6614d49d92bacbdc82a430d067ad874ae55c8
SHA512 379f00c728c78c710b7eedb5f8790f817357aeec8f3398cf73e8af683638e4dce203192ec2e1bde9b1c19c5ff1b1953c5c82c5fc40ceec4d1d89781b60b71790

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b71630b74aea8b412bfa78998e7ce5bc
SHA1 ff0b9580b8a0a38ea2cd09e684b14a874d6b8f93
SHA256 4524baf4fa7d5c986e435a7927b5bd17e13c38ce83468f32eaefaa56344a1ce5
SHA512 b7a0f74e27b51ae760c3599cb91c9158ded0ce1115949ff0364295ad02e8d87a5881e49df028b20dc99ad1759f86ce55e06069ff9401a8eee3401cdeba0d5f44

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 18bf0dc2375f859b64ce5bda88824264
SHA1 3aff979e6ecd6ba0481c4585f9d4c28abfc8365a
SHA256 75bb6b40aa7e22970cf2d77c834c90fbcc7e62ef536565d60b1ff183daa8569b
SHA512 8ef46e177ddcdb4c016a8b445764c83a78ba4f20da52ba69e55a9cc9f143c871bf24dadb6326ef4031ae01d2ea5a6e1c96c7ee57efd1dbc929595369593219e8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 230d5caadd489aa47a352329045dcba0
SHA1 7e5a264a3a36eaba3a574635c0b180fdcb09c1f2
SHA256 6b4039ec413ab67b8430bf25b3049042bca13c635037dcca482b55a735f10732
SHA512 4b54004fe0494df4e6aa8871c55dd7f4ddf9fb84ae4610a53bea70cf3eea8b4b21b1ac2ad771ee1316d4edbd294c2a2f7dfa992fb31e493fd544f1c03dab8ed6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c26d3f3928d90fb137bf6dda34bebc3a
SHA1 ca36389e7c0600cf917d78db2437331a5fc8231b
SHA256 43815f14b51a4a32152078ee4e0c8e8516bc4e03b57261a247e50cb9ccaa469e
SHA512 ed3de364786fcabd5d80ff3dbc79d3446c8d716f38243ce2da20968f9ad4041eff7c3517169a45b49927d238125dedd3c49022c7325af56c2f5dcb0be51d38df

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cbe1331d61204bf0d7c51b3308edee53
SHA1 e551943c0586b56989d333d368c44bc90fe48500
SHA256 2443c8295973b26d23675e98c57cfaf1fb7a5ff4a353df2c43a600f39fbf2c22
SHA512 48af6fe1ff72f314808902c0bf54b2079ae2da5a2e4d6d7a534eca27b1adfa0987c638a35ef34bfb57a6cc4503c9c8bb1c5d5f66706c215ebde3ea6934cd3f8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 44ead270ef2b5f06d90807340b2fd2e4
SHA1 e561f47866f1883f71e527af48b9c8e643e881fb
SHA256 c453d0c3391c5ffcded424eb8e2c22d392bc85cbe5e2ddf7601597808a21f6cd
SHA512 a6e9ad2ebd00238ea5dbed46337b63e62fd7b674efb83ae988d7272074a266d93bdaa60d928e11928924cc0d9840fda149199d5ba6edc1273d1c88c2efaf2837

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 42fd315ec322c1b87b6990e5b1327dfb
SHA1 e5d83b2c40dc33daf8a891f5333d86bc4b4c288f
SHA256 36af2f12d813e4518891098730a409563607bcd0fa06ee9723985b2fedc2f909
SHA512 d8b2aa032b6df89981f59471b326208606692fd282367b8c34763532e99e986a02bcfdc8d506b3776be90b496f4dd99d020654abe03a9d73b8d5a7f74ba94835

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\64250982bda1bb7a_0

MD5 e86c42fabcb99e09eef4cabc82b71f12
SHA1 e90ee7f2a70ac32f43ea7befb7efbe00f91096da
SHA256 a0e709db7c37f2c4eb3a989c7032e67f4df063e00ebbcf76fee212ddfd9237bc
SHA512 65deb4413ee63cf38ba928b832c1d9a54ff75b196bdbeaaa101e00c840718911043e81fece0628885bcb5ce667d3538f4c09fa47d4d80183deeea4be90ff050f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6674bc23aea7868d_0

MD5 41cc643a6412b571b5bdff28d062537b
SHA1 eaf49231153b250e50db499d6dfd71497dd65741
SHA256 62071ef93fa7cf397cb75afafb8254aecceae618c4e3326a383ac46dd1204c60
SHA512 3d021de52883baa999506981805069c9adad489e289f066caf8573ca8b78e2d17d28ead9d0f5ad9880899618da1287f117dc8430a245f93b4f8d049b6f6f6078

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e9fa527087c45ac2d6e62296c6cdbded
SHA1 4e2ca4b9583a06a356658c6ba7ad0513a7a7df63
SHA256 dd83d9997725dcce13f3959e1b20408105426fc6d5d8d4ee8c2553fe978863ef
SHA512 70dfdf2ed0b4cc06384795e523d5a7e575c4157d59975b20249004a90c7730c072fb6afd4619270cf077114e90e5e391c4d6b362cff68a1426fc01d311099621

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9f80c5c5f99120845dbbb11ea0ac0933
SHA1 21db08c94aaddc32cc7e70f4eef6d1445b3e9f2b
SHA256 00e5dc8bae4529c9b55808de41336c793b712981547bc98c2ddb7916f161aa61
SHA512 25ded55b9bcf2a73bb53ee6e8a7946aec7ca93a680336f2f2748d1e85e5173616a0f01c82afaa76fce04e531bf387a39cd8f7cbec2e55e99dca15ee2f629d4bc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 51f3c60caafe73ee251b0cc8c0cc085f
SHA1 c445ce820997e8b4b29623918056b85c1429fafc
SHA256 70268292a2d7121bcd2902665773b2674944f76b7178d6b21a411502fce8da2c
SHA512 560962e1fc9eaf5b81e59ae39cce3e0274cae379f00d69e5612888ccfb8caf98d525a9e5accbcedc999e5824239cc646fc4be323ee0c6f22282a5c587d00d64c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 af093cf00676591917fe3e20d6720186
SHA1 08c52c68d2fa8fd41e70d8e79cf7a397fbef902b
SHA256 e18a419621369de87a526ce71a3451d1bda7eab61401c89416d6d453c1d4861e
SHA512 a9952e781e64352926d42ec7b06af03af7a53eb5f5169bb9630c8b59d67e8631e5b6040edf937d8cad874c25da09bd61a3bda1ce7a0d503b36af5027a2be92f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a5b75aba2041a87a6cf841a7ef78b3f7
SHA1 135b7566840be07ab4657493cf4c6c7920df4447
SHA256 726bca41648f5cacf143619e9d421bb91255a3259f4eb9ea8b425ff1a57d31ef
SHA512 4458a28327f68543e3a0fed004ffe9f880c5e0c40304d818022c4839aae0a4ddd1bc0d649f70e4bef8a2d7518dd24acc21290b078224468aa223c28409c25379

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 c04e7579bfdf54e2b37381c8b1accdf4
SHA1 399cede3ba5fddbe0149a9bc714aa0888bb5b5ff
SHA256 8dce0d454e208534d8c4197d17c13f0e784fb463150ba71d162afacfb27aa625
SHA512 869d8f0ad2998d05f74bb0acee9da5f446bdb940c2e4c79a317285244175a8bc8f35014d62200d3c331ce1f4157cd0831ae7e09839e21f780f45b9cb67f48617

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1251836ce5b132d3ca8a3304ddc279d0
SHA1 072acc45f6365134682dd5317938dd845fc68a09
SHA256 d346d4188bcc0d77073735e92015993b05230262a58172c2ab421de16a722c50
SHA512 7134c82e640241bb54d41dcff0fd494c7835240f5593c82b0dffcae670ecf7e17c61abc7b5294a215f638168eea9a9201a86dc91a36b1d5574b67cf4072683a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ccfbc01feddd40f247c6ce86d5ead595
SHA1 aff44b70f8f09546e523a9dd395ea611c11ba88e
SHA256 34a49f3669fed500afb7470327475157d78109ceec5cadc41f54b0036a53f403
SHA512 5e4e8974e6652af9e44a3ca6000161fc4d7d9105801ddc489d4245aef78c184bcdcf51bdeba1c7be3af926034b8d387fd861ffd432c4d1057317a439a15a7f8d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6385d465a538fa2e01eab6db2f01acf8
SHA1 a0b0698a48617f06c7ca27745eb1df5df502364e
SHA256 a739317ca75619a68f883fb580919a8835cc00025a13945bdb0071e1ea8561cd
SHA512 b84f7d28a76c1816778172afba47a546707f14297bcc2e7a9184ed0136b1ef09f6cdd1d7726086e5f44ad2b8849ac7da6ffd4f2374c6126980bc13a949c18360

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8550f2ad718b3071916b8ec0adf2b659
SHA1 c2af6a26424a56f7d504a218e790d3383e0c718c
SHA256 c679ff8c52743c7893cab353869cc541dad9b0af1431fdcbfadce26dbac11dd4
SHA512 a1ea580dcbcb96b4e9df75c509975c1a4590e0be933ab92df06ee9955fb98b7738251b9892020f75a37bb181e0033485a634c542be093ff2e3f5a93b50283fee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5466e0546faebaa926b0333f210b9768
SHA1 74b40efe96f95ea4ee8cc57357e5a3b74b24276c
SHA256 4416ba21649f1ffde3723f5c3c76c3f0788d177b86bdc4889131e2d6c3d22b12
SHA512 f7dc2f15e9554bab83bab3a015cc490c2b3f007f8001bcf5d277124fb83f25aaa170deb3643893fcdcac675bb90619c3044af0e00cbaba69da0e439ceb824959

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\52d58f18-89b3-4ceb-9e61-15a1009f1336.tmp

MD5 a16f102c85926a38bb6829886bca8bfd
SHA1 e176730ccdb635cfdb869edd917ba29278507a80
SHA256 b3426ee0abc3bd7f771b30786b70fff209ffeb0816755ab7d3e2c150d7d28b4d
SHA512 060a03df1eafe7c77ddf241f383ce3aaf96beacaaea858a76a376fd2a102f9dfd0920d4c37fc0a57cd8da55610bbc652f52611bbc4f145a9902753fe147315e6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f07f93e358d1ccf479711318153f1b2b
SHA1 c47bc1549b4f4b1251717ddcb73341414c9972fc
SHA256 3520e4219fd443d891fefc2f63268b2cb5bed466a5016f11259ffad2e5303266
SHA512 2617cb78b3cda33c149ef8b7c735bb7c9359b7205a900df04ed2dacb119e91d9c9c79177138c578c53e1f606eb3ed752ef920824f036664b6c36f13de3a2e34c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 cb4036a46cc2ed7b32e880ce78314c2e
SHA1 c962fd712a7a32493878759c99f2b9e2e6f6a307
SHA256 5ad89de28a43e78b34045b395b8e5da50f33c57cf0d722de21d3abac3672fa7c
SHA512 1d543fe18a90bfeb32c3ceca7031124ff733fcef97cd9d1ab52e4bfd68cd6313e52cdda8259919b210034e14d40d0c8ffe57f77cdb6f981398d52d8a35859d5f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 7e27c729adfa7617565030bea9a0f2d2
SHA1 a49947d46cab405fb6254e903de50bb0575b89df
SHA256 e3fb7a2f6c9b17a1cfc9af12a36423a856a172e88cf1d6bbde20e46c04893ead
SHA512 c339ff4902f2d0276da0f25d11e59263824ae9850f74cb6fc3e0e4e61405083c3c11d7d65ebf330bf1be7182717970fa132fe371772052135a8259e074dbb77c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

MD5 6c9f24607a85011c8fa145f30be632ad
SHA1 8f130cec0d0a6579fe8d398bc7e62451e7badda0
SHA256 7d5a1d5cc0ff324a2faa264a6d1a40115aa945a8d7c71808108da456125dc784
SHA512 79ef710010892897b208f4b4c61c043523454ae3bc9a765057ddf0b8e9f702d4a6ee1c13317b1fdf95caeda2b9d9fd182140614eb409b5fc72cbffc6c723b48b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

MD5 61e4576e6aa91cd435fe92f085fb0a3c
SHA1 fa21a6bad3a461c8f0e27b75913c8f1cbe0b2b62
SHA256 78d8aca4e50e6ba58890b68f8c3d6e562ff0b16516a0c3df56be18b69dca6aa9
SHA512 b250c2940f7ca24b763bfcd4d39d0022d6441bad54c415b9848ef949f8871f219289f044301de03313bf8cfa53bb2797c5590acc1b32889b0641f7a13b710bfe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 114c3b6d22019f06ddf4eb77743032d6
SHA1 b20061cf3099be51cfbf7ad281f94f075dd3bd07
SHA256 ff8de73d7f9839ba27fd02a3880da5b2dc91b815d7196551efd945470e830666
SHA512 2c266d480a1182c0a1137af50e132a4826543d0e3022d7b581b52ebb8cdbc4678a569ed0bc9c08407ab377244cd9a1fb935168ddeaa8c298684ef84a6b432276

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

MD5 638a4990025383a0f83ebf29bdb84a68
SHA1 153e8818dc42f598e47fde8cf398f1447649a4d0
SHA256 878e34b89800bb271d3588e526eb3598eb3822e263f3bdaf53645847d39d0ad6
SHA512 59a505fa1a3bea1511e8fed16dced733299928b4081665d3e3fa4fc71d6f0ed0b09934805f442bf190c9093937e1494ac938167f9beaca0223243703f73efe87

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

MD5 cc379cde7c0b1e297da79328df8223f1
SHA1 b6056d75b9458d57702851af3546029f3e664420
SHA256 8ee760804be8dc944305fe935577796336088ee31bfa4f9b49e8eaf0928a88fc
SHA512 1d98ba9e55574f214c9eb8606e22e09693ceccae8a17b87ce31ebd016d3fd54f5945045f1a3066b860ae9e32653f3708d7dd108842d675695c0664a8837c7725

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

MD5 db0297317b0756af2f971beaccfc2ee2
SHA1 5763610fc16851c0b78ce1e4489bf38a59e90233
SHA256 5beb4eb1679e1ffbbfd21b2d0cff9e7e8c5a08e4320d709bb8b3b33059aac06d
SHA512 00232f21e7345f868e4187abb7178e6714bcba4c86bec4580a7fcf0f63e0012d42196a2e5a3324965e039e9137e9b6b26ba357bd19b9b7814fc3702aff7e8b0d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003a

MD5 24d70f57445760fa446b5b7707c769f5
SHA1 c68a2ee5ed1d6680bdc62a6c69596571dc90f37f
SHA256 f3963fd42503aae6e325160f2e3b455073679f3b057b87d72043f098b41cbbfe
SHA512 6a613c37d4ba10a8dfb4317e7c8726dfcc09a5f0a3369dc0aa2a61046f56c3dd40a24ae92ca04c7f113207f39a02a033dd180b45ce0528d2b6c43aa6673c6376

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d0c3bba6c86c07d710bdc27a4c1f6aa0
SHA1 d0a1ec3b7fe38cf146ee22930b9138dcb0592f7d
SHA256 b3252a08e9396939b8a5c31531ab5d1135555dc28e9884bb3c20ee462e954d5f
SHA512 daf5c15e2bc6d1653a4753192e3dc56d079dd9f51df27bc26f8cb79e4ebb2fbc2708b1dfd5ef0c6e9dd523f141db0e59ed175f0624a8eaf1c3d9d58760e143c1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000048

MD5 dd62255c6e72b80ce88a440481d3d22f
SHA1 17758b8673c033ecf7c194e5d1190bbf9516c825
SHA256 16921001068e64b8ac9935d54eaa1dca108647370c5987443732ecd4f0f56249
SHA512 19cb0414fa378f59229d6296a4165e3a073fb6c6b812969c7015d3f73e7738c70893346740396986c6148ca1fcd5e7a8021aed775c808eb67ee9d1b301f0ee76

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 db56835cf55c7ba1275c1bace8c24656
SHA1 5b806e3032ae2952b01504d05acf1ea8032f46fe
SHA256 f5211a18aadb64ca08640f72be233f18141b0d7154db9eeb72754b7f2bddde03
SHA512 f7189638a57d9ebb2f162d2123864c1d7f7e8f4c2ed909b33037be054be036606aadc58444129991932d69d00ade8bd4a1bc8d47dcf5d12f7d7a39b81242b79a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 23c57e82c5efe47bf5034783145bd91b
SHA1 8b0d2eb292e7681d783b8e7bb075b5506bcf10e7
SHA256 7ec15e0a818f814cdf9ca253564f06e7b5a54342483d1e89cbb14f2313c6be3d
SHA512 e5f5cf5c25544e2660040ffae1da01cc12c074bf89e8bea26f241d9fdb83d2fb21f61c67b392f9e8ef6dbcf814cb623f13411df011fd0571dee15ce79e85c3d6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 3eeda9c787514e79527f8a1bf5cd4956
SHA1 86b83518f0f0d2b0cd7c50c235cc30828e31a32d
SHA256 a27c326952478b3264362932a6a0f109fb5dc57259c1c38d7fcf1b7914e2a528
SHA512 f272c9fae2baff177779f3bfaf5f6d851728c9bb1536df5b041165ba821ecf29fbe2b0fca66ab419b7f00dbb60d8a8ca235ede39a3a015df33e7e450a344204f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e4dab09b550eaea9e25c3d8b37b6fdc1
SHA1 3822128ef666157e7695ea124519d791fc2f01ff
SHA256 0d0add1c46f2dc9d59ce225cb0e7117b0beb0fc143aa7bbfd1a3b8040d75673a
SHA512 01f8e109b3e36759fd547cebbd76f9c15801a24dd863b6895f9a01fe08e92f7fcda52b2de23279d7d5804bcced5767138f52eb9a3222c6e8f456837fdb7abb9c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 c0c6258ebbc7bace939477df728ef07f
SHA1 617c3644fd20e624f6e3425324b7defad137e911
SHA256 2fd43a42b051858a60224ec056af8ea433bb307c7a4176bab63c5a054c2e6c10
SHA512 83a1fd472aba77eb9ebbd6523e26eeaa8acd310054c21d286b918da1e37af857db6d3d5510ba4d0f8b3fb398f52e851a2e05eddcea9612b176c9a4dc34990a74

C:\Users\Admin\Downloads\Bootstrapper.exe

MD5 76639ab92661f5c384302899934051ab
SHA1 9b33828f8ad3a686ff02b1a4569b8ae38128caed
SHA256 6bb9ad960bcc9010db1b9918369bdfc4558f19287b5b6562079c610a28320178
SHA512 928e4374c087070f8a6786f9082f05a866751ea877edf9afa23f6941dfc4d6762e1688bbb135788d6286ec324fa117fc60b46fed2f6e3a4ab059465a00f2ebee

memory/3500-755-0x00007FFF735B3000-0x00007FFF735B5000-memory.dmp

memory/3500-756-0x000001F4CCC10000-0x000001F4CCCDE000-memory.dmp

memory/3500-757-0x00007FFF735B0000-0x00007FFF74071000-memory.dmp

memory/3500-759-0x000001F4CE8D0000-0x000001F4CE8F2000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7fcc090db4148616e96bf75d05a405cd
SHA1 e30312444969f064a02c588bb6f99122e341ef6b
SHA256 ae4ee8f88a0e362bb648b692f64b4e7d7169e8177aee0e2954aa2d1ba8f77dbf
SHA512 891125344ed1e80fd7b76a06d5e8521c4c56af3c96755ebfc87dd3c405e86e5a8aa4a4b39a8bb833f1c4226aa19ec5415fb523ae046e6e38d42b2b5a600bd2aa

C:\Users\Admin\AppData\Local\Temp\node-v18.16.0-x64.msi

MD5 0e4e9aa41d24221b29b19ba96c1a64d0
SHA1 231ade3d5a586c0eb4441c8dbfe9007dc26b2872
SHA256 5bfb6f3ab89e198539408f7e0e8ec0b0bd5efe8898573ec05b381228efb45a5d
SHA512 e6f27aecead72dffecbeaad46ebdf4b1fd3dbcddd1f6076ba183b654e4e32d30f7af1236bf2e04459186e993356fe2041840671be73612c8afed985c2c608913

memory/3500-771-0x00007FFF735B3000-0x00007FFF735B5000-memory.dmp

memory/3500-773-0x00007FFF735B0000-0x00007FFF74071000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 c993e92f076bead8784e0cbe17bca998
SHA1 5d703d7d6b876f1d5930cf1ced969c5026185af2
SHA256 14d619a8eb9c269a38989b23390da92a42d7bb98b6014d3e1376400b1e48b8ac
SHA512 40d07d9f2c9d892a1e5d170663aa58065a3f6e04f218ffc2239fbd20c81afda00a7cbdf6f9b869b77f5fe2aca786aad64233b6c6dfcb3aba6165c31c3c6c7360

C:\Windows\Installer\MSI786A.tmp

MD5 9fe9b0ecaea0324ad99036a91db03ebb
SHA1 144068c64ec06fc08eadfcca0a014a44b95bb908
SHA256 e2cce64916e405976a1d0c522b44527d12b1cba19de25da62121cf5f41d184c9
SHA512 906641a73d69a841218ae90b83714a05af3537eec8ad1d761f58ac365cf005bdd74ad88f71c4437aaa126ac74fa46bcad424d17c746ab197eec2caa1bd838176

C:\Windows\Installer\MSI7899.tmp

MD5 a3ae5d86ecf38db9427359ea37a5f646
SHA1 eb4cb5ff520717038adadcc5e1ef8f7c24b27a90
SHA256 c8d190d5be1efd2d52f72a72ae9dfa3940ab3faceb626405959349654fe18b74
SHA512 96ecb3bc00848eeb2836e289ef7b7b2607d30790ffd1ae0e0acfc2e14f26a991c6e728b8dc67280426e478c70231f9e13f514e52c8ce7d956c1fad0e322d98e0

C:\Windows\Installer\MSI7F23.tmp

MD5 7a86ce1a899262dd3c1df656bff3fb2c
SHA1 33dcbe66c0dc0a16bab852ed0a6ef71c2d9e0541
SHA256 b8f2d0909d7c2934285a8be010d37c0609c7854a36562cbfcbce547f4f4c7b0c
SHA512 421e8195c47381de4b3125ab6719eec9be7acd2c97ce9247f4b70a309d32377917c9686b245864e914448fe53df2694d5ee5f327838d029989ba7acafda302ec

C:\Program Files\nodejs\node_modules\npm\node_modules\nopt\LICENSE

MD5 b020de8f88eacc104c21d6e6cacc636d
SHA1 20b35e641e3a5ea25f012e13d69fab37e3d68d6b
SHA256 3f24d692d165989cd9a00fe35ca15a2bc6859e3361fa42aa20babd435f2e4706
SHA512 4220617e29dd755ad592295bc074d6bc14d44a1feeed5101129669f3ecf0e34eaa4c7c96bbc83da7352631fa262baab45d4a370dad7dabec52b66f1720c28e38

C:\Program Files\nodejs\node_modules\npm\node_modules\bin-links\LICENSE

MD5 d2cf52aa43e18fdc87562d4c1303f46a
SHA1 58fb4a65fffb438630351e7cafd322579817e5e1
SHA256 45e433413760dc3ae8169be5ed9c2c77adc31ad4d1bc5a28939576df240f29a0
SHA512 54e33d7998b5e9ba76b2c852b4d0493ebb1b1ee3db777c97e6606655325ff66124a0c0857ca4d62de96350dbaee8d20604ec22b0edc17b472086da4babbbcb16

C:\Program Files\nodejs\node_modules\npm\node_modules\promise-all-reject-late\LICENSE

MD5 7428aa9f83c500c4a434f8848ee23851
SHA1 166b3e1c1b7d7cb7b070108876492529f546219f
SHA256 1fccd0ad2e7e0e31ddfadeaf0660d7318947b425324645aa85afd7227cab52d7
SHA512 c7f01de85f0660560206784cdf159b2bdc5f1bc87131f5a8edf384eba47a113005491520b0a25d3cc425985b5def7b189e18ff76d7d562c434dc5d8c82e90cce

C:\Program Files\nodejs\node_modules\npm\node_modules\aggregate-error\license

MD5 5ad87d95c13094fa67f25442ff521efd
SHA1 01f1438a98e1b796e05a74131e6bb9d66c9e8542
SHA256 67292c32894c8ac99db06ffa1cb8e9a5171ef988120723ebe673bf76712260ec
SHA512 7187720ccd335a10c9698f8493d6caa2d404e7b21731009de5f0da51ad5b9604645fbf4bc640aa94513b9eb372aa6a31df2467198989234bc2afbce87f76fbc3

C:\Program Files\nodejs\node_modules\npm\node_modules\minizlib\node_modules\minipass\LICENSE

MD5 d7c8fab641cd22d2cd30d2999cc77040
SHA1 d293601583b1454ad5415260e4378217d569538e
SHA256 04400db77d925de5b0264f6db5b44fe6f8b94f9419ad3473caaa8065c525c0be
SHA512 278ff929904be0c19ee5fb836f205e3e5b3e7cec3d26dd42bbf1e7e0ca891bf9c42d2b28fce3741ae92e4a924baf7490c7c6c59284127081015a82e2653e0764

C:\Program Files\nodejs\node_modules\npm\node_modules\minizlib\node_modules\minipass\index.js

MD5 bc0c0eeede037aa152345ab1f9774e92
SHA1 56e0f71900f0ef8294e46757ec14c0c11ed31d4e
SHA256 7a395802fbe01bb3dc8d09586e0864f255874bf897378e546444fbaec29f54c5
SHA512 5f31251825554bf9ed99eda282fa1973fcec4a078796a10757f4fb5592f2783c4ebdd00bdf0d7ed30f82f54a7668446a372039e9d4589db52a75060ca82186b3

C:\Program Files\nodejs\node_modules\npm\node_modules\tar\node_modules\fs-minipass\node_modules\minipass\index.d.ts

MD5 f0bd53316e08991d94586331f9c11d97
SHA1 f5a7a6dc0da46c3e077764cfb3e928c4a75d383e
SHA256 dd3eda3596af30eda88b4c6c2156d3af6e7fa221f39c46e492c5e9fb697e2fef
SHA512 fd6affbaed67d09cf45478f38e92b8ca6c27650a232cbbeaff36e4f7554fb731ae44cf732378641312e98221539e3d8fabe80a7814e4f425026202de44eb5839

C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmorg\LICENSE

MD5 072ac9ab0c4667f8f876becedfe10ee0
SHA1 0227492dcdc7fb8de1d14f9d3421c333230cf8fe
SHA256 2ef361317adeda98117f14c5110182c28eae233af1f7050c83d4396961d14013
SHA512 f38fd6506bd9795bb27d31f1ce38b08c9e6f1689c34fca90e9e1d5194fa064d1f34a9c51d15941506ebbbcd6d4193055e9664892521b7e39ebcd61c3b6f25013

C:\Program Files\nodejs\node_modules\npm\node_modules\@npmcli\arborist\LICENSE.md

MD5 2916d8b51a5cc0a350d64389bc07aef6
SHA1 c9d5ac416c1dd7945651bee712dbed4d158d09e1
SHA256 733dcbf5b1c95dc765b76db969b998ce0cbb26f01be2e55e7bccd6c7af29cb04
SHA512 508c5d1842968c478e6b42b94e04e0b53a342dfaf52d55882fdcfe02c98186e9701983ab5e9726259fba8336282e20126c70d04fc57964027586a40e96c56b74

C:\Program Files\nodejs\node_modules\npm\node_modules\minipass-pipeline\node_modules\minipass\package.json

MD5 d116a360376e31950428ed26eae9ffd4
SHA1 192b8e06fb4e1f97e5c5c7bf62a9bff7704c198b
SHA256 c3052bd85910be313e38ad355528d527b565e70ef15a784db3279649eee2ded5
SHA512 5221c7648f4299234a4637c47d3f1eb5e147014704913bc6fdad91b9b6a6ccc109bced63376b82b046bb5cad708464c76fb452365b76dbf53161914acf8fb11a

C:\Program Files\nodejs\node_modules\npm\node_modules\treeverse\LICENSE

MD5 1d7c74bcd1904d125f6aff37749dc069
SHA1 21e6dfe0fffc2f3ec97594aa261929a3ea9cf2ab
SHA256 24b8d53712087b867030d18f2bd6d1a72c78f9fb4dee0ce025374da25e4443b9
SHA512 b5ac03addd29ba82fc05eea8d8d09e0f2fa9814d0dd619c2f7b209a67d95b538c3c2ff70408641ef3704f6a14e710e56f4bf57c2bb3f8957ba164f28ee591778

C:\Program Files\nodejs\node_modules\npm\node_modules\libnpmhook\LICENSE.md

MD5 e9dc66f98e5f7ff720bf603fff36ebc5
SHA1 f2b428eead844c4bf39ca0d0cf61f6b10aeeb93b
SHA256 b49c8d25a8b57fa92b2902d09c4b8a809157ee32fc10d17b7dbb43c4a8038f79
SHA512 8027d65e1556511c884cb80d3c1b846fc9d321f3f83002664ad3805c4dee8e6b0eaf1db81c459153977bdbde9e760b0184ba6572f68d78c37bff617646bcfc3b

C:\Program Files\nodejs\node_etw_provider.man

MD5 1d51e18a7247f47245b0751f16119498
SHA1 78f5d95dd07c0fcee43c6d4feab12d802d194d95
SHA256 1975aa34c1050b8364491394cebf6e668e2337c3107712e3eeca311262c7c46f
SHA512 1eccbe4ddae3d941b36616a202e5bd1b21d8e181810430a1c390513060ae9e3f12cd23f5b66ae0630fd6496b3139e2cc313381b5506465040e5a7a3543444e76

C:\Program Files\nodejs\node_etw_provider.man

MD5 d3bc164e23e694c644e0b1ce3e3f9910
SHA1 1849f8b1326111b5d4d93febc2bafb3856e601bb
SHA256 1185aaa5af804c6bc6925f5202e68bb2254016509847cd382a015907440d86b4
SHA512 91ebff613f4c35c625bb9b450726167fb77b035666ed635acf75ca992c4846d952655a2513b4ecb8ca6f19640d57555f2a4af3538b676c3bd2ea1094c4992854

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js website.url

MD5 35b86e177ab52108bd9fed7425a9e34a
SHA1 76a1f47a10e3ab829f676838147875d75022c70c
SHA256 afaa6c6335bd3db79e46fb9d4d54d893cee9288e6bb4738294806a9751657319
SHA512 3c8047c94b789c8496af3c2502896cef2d348ee31618893b9b71244af667ec291dcb9b840f869eb984624660086db0c848d1846aa601893e6f9955e56da19f62

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js documentation.url

C:\Config.Msi\e5b734b.rbs

memory/3500-3156-0x000001F4CEAF0000-0x000001F4CEAFA000-memory.dmp

memory/3500-3158-0x000001F4E74E0000-0x000001F4E74F2000-memory.dmp

memory/3500-3562-0x00007FFF735B0000-0x00007FFF74071000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Bootstrapper.exe.log

C:\Users\Admin\Downloads\DISCORD

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Config.Msi\e5b734f.rbs
