Malware Analysis Report

2025-06-16 06:36

Sample ID 240825-k8fj3aybkj
Target https://pastebin.com/raw/nXKxFBw3
Tags
discovery
score
6/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
6/10

Threat Level: Shows suspicious behavior

The target https://pastebin.com/raw/nXKxFBw3 was classified as: Shows suspicious behavior.

Malicious Activity Summary

discovery

Legitimate hosting services abused for malware hosting/C2

Drops file in System32 directory

Drops file in Program Files directory

Browser Information Discovery

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SendNotifyMessage

Enumerates system info in registry

Modifies data under HKEY_USERS

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-25 09:16

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-25 09:16

Reported

2024-08-25 09:36

Platform

win10-20240404-en

Max time kernel

1199s

Max time network

1085s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://pastebin.com/raw/nXKxFBw3

Signatures

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A pastebin.com N/A N/A
N/A pastebin.com N/A N/A
N/A pastebin.com N/A N/A
N/A pastebin.com N/A N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133690509806875125" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target Count
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 32
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 32
(64 rows in total, alternating between the two privileges)

Suspicious use of FindShellTrayWindow

Description Indicator Process Target Count
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 52

Suspicious use of SendNotifyMessage

Description Indicator Process Target Count
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 48

Suspicious use of WriteProcessMemory

Description Indicator Process Target Count
PID 3616 wrote to memory of 3764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 2
PID 3616 wrote to memory of 4480 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 38
PID 3616 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 2
PID 3616 wrote to memory of 4472 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 22

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://pastebin.com/raw/nXKxFBw3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xd0,0xd4,0xd8,0xcc,0xdc,0x7ffe164c9758,0x7ffe164c9768,0x7ffe164c9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1520 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1828 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2064 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2712 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2720 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4588 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4660 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4788 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4868 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4664 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5208 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4284 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5648 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5760 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5916 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5436 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5668 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5528 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5784 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5764 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5924 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5540 --field-trial-handle=1764,i,16643735811903164440,15057591848931737680,131072 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 pastebin.com udp
US 104.20.3.235:443 pastebin.com tcp
US 8.8.8.8:53 pastebin.com udp
US 104.20.4.235:443 pastebin.com tcp
US 8.8.8.8:53 235.3.20.104.in-addr.arpa udp
US 8.8.8.8:53 235.4.20.104.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 www.google.com udp
FR 142.250.179.68:443 www.google.com tcp
FR 142.250.179.68:443 www.google.com udp
US 8.8.8.8:53 68.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
FR 142.250.201.170:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 163.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 131.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 170.201.250.142.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 35.215.58.216.in-addr.arpa udp
US 8.8.8.8:53 11.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 encrypted-tbn1.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn3.gstatic.com udp
FR 142.250.201.174:443 encrypted-tbn1.gstatic.com tcp
FR 142.250.75.238:443 encrypted-tbn3.gstatic.com tcp
US 8.8.8.8:53 194.18.217.172.in-addr.arpa udp
US 8.8.8.8:53 174.201.250.142.in-addr.arpa udp
US 8.8.8.8:53 238.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
FR 142.250.75.238:443 play.google.com tcp
US 8.8.8.8:53 consent.google.com udp
FR 142.250.201.174:443 consent.google.com tcp
FR 142.250.201.170:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 www.tampermonkey.net udp
DE 46.4.58.236:443 www.tampermonkey.net tcp
DE 46.4.58.236:443 www.tampermonkey.net tcp
US 8.8.8.8:53 u.tampermonkey.net udp
US 8.8.8.8:53 a.tampermonkey.net udp
DE 5.9.16.218:443 a.tampermonkey.net tcp
DE 46.4.58.236:443 u.tampermonkey.net tcp
US 8.8.8.8:53 cdn.snigelweb.com udp
US 104.18.11.248:443 cdn.snigelweb.com tcp
US 104.18.11.248:443 cdn.snigelweb.com tcp
US 8.8.8.8:53 236.58.4.46.in-addr.arpa udp
US 8.8.8.8:53 162.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 218.16.9.5.in-addr.arpa udp
US 8.8.8.8:53 248.11.18.104.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
FR 142.250.75.226:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 226.75.250.142.in-addr.arpa udp
FR 142.250.75.226:443 googleads.g.doubleclick.net tcp
FR 142.250.75.226:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
FR 142.250.75.226:443 googleads.g.doubleclick.net tcp
FR 142.250.201.162:443 ep1.adtrafficquality.google tcp
FR 142.250.75.226:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
FR 142.250.179.97:443 ep2.adtrafficquality.google tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
FR 142.250.178.129:443 tpc.googlesyndication.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 97.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 129.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 162.201.250.142.in-addr.arpa udp
US 8.8.8.8:53 234.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 chromewebstore.google.com udp
FR 172.217.20.174:443 chromewebstore.google.com tcp
FR 172.217.20.174:443 chromewebstore.google.com tcp
FR 172.217.20.174:443 chromewebstore.google.com udp
US 8.8.8.8:53 lh3.googleusercontent.com udp
FR 142.250.178.129:443 lh3.googleusercontent.com tcp
FR 142.250.178.129:443 lh3.googleusercontent.com tcp
FR 142.250.178.129:443 lh3.googleusercontent.com tcp
FR 142.250.178.129:443 lh3.googleusercontent.com tcp
FR 142.250.178.129:443 lh3.googleusercontent.com tcp
FR 142.250.178.129:443 lh3.googleusercontent.com tcp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 174.20.217.172.in-addr.arpa udp
FR 142.250.178.142:443 apis.google.com tcp
FR 142.250.75.238:443 play.google.com udp
FR 142.250.75.238:443 play.google.com udp
FR 142.250.178.142:443 apis.google.com udp
US 8.8.8.8:53 img.youtube.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 8.8.8.8:53 142.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 200.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 scone-pa.clients6.google.com udp
FR 142.250.178.138:443 scone-pa.clients6.google.com tcp
FR 142.250.178.138:443 scone-pa.clients6.google.com udp
US 8.8.8.8:53 ssl.gstatic.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 138.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 ogs.google.com udp
FR 172.217.20.206:443 ogs.google.com tcp
US 8.8.8.8:53 206.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 63.141.182.52.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 support.google.com udp
FR 142.250.178.142:443 support.google.com tcp
FR 142.250.178.142:443 support.google.com tcp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
FR 142.250.178.129:443 lh3.googleusercontent.com udp
US 8.8.8.8:53 storage.googleapis.com udp
FR 142.250.75.251:443 storage.googleapis.com tcp
FR 172.217.20.206:443 ogs.google.com udp
US 8.8.8.8:53 251.75.250.142.in-addr.arpa udp
US 216.239.32.36:443 region1.google-analytics.com udp
FR 142.250.178.138:443 scone-pa.clients6.google.com udp
US 8.8.8.8:53 gstatic.com udp
FR 216.58.214.67:443 gstatic.com tcp
US 8.8.8.8:53 67.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 beacons3.gvt2.com udp
FR 172.217.20.163:443 beacons3.gvt2.com tcp
FR 172.217.20.163:443 beacons3.gvt2.com udp
US 8.8.8.8:53 google.com udp
FR 142.250.75.238:443 google.com tcp
US 8.8.8.8:53 e2c27.gcp.gvt2.com udp
US 8.8.8.8:53 e2c36.gcp.gvt2.com udp
US 35.227.159.135:443 e2c27.gcp.gvt2.com tcp
SG 35.213.145.237:443 e2c36.gcp.gvt2.com tcp
SG 35.213.145.237:443 e2c36.gcp.gvt2.com tcp
US 8.8.8.8:53 163.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 beacons.gvt2.com udp
FR 142.250.179.99:443 beacons.gvt2.com tcp
FR 142.250.179.99:443 beacons.gvt2.com udp
US 8.8.8.8:53 135.159.227.35.in-addr.arpa udp
US 8.8.8.8:53 237.145.213.35.in-addr.arpa udp
US 8.8.8.8:53 99.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 e2cs13.gcp.gvt2.com udp
FI 34.88.201.232:443 e2cs13.gcp.gvt2.com tcp
US 8.8.8.8:53 beacons2.gvt2.com udp
FR 172.217.19.35:443 beacons2.gvt2.com tcp
US 8.8.8.8:53 232.201.88.34.in-addr.arpa udp
US 8.8.8.8:53 35.19.217.172.in-addr.arpa udp
FR 142.250.75.238:443 google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
FR 142.250.179.99:443 beacons.gvt2.com udp
FR 172.217.19.35:443 beacons2.gvt2.com udp
FR 142.250.75.238:443 google.com udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
FR 142.250.75.238:443 google.com udp
FR 172.217.20.163:443 beacons3.gvt2.com udp
US 8.8.8.8:53 beacons4.gvt2.com udp
FR 142.250.179.99:443 beacons.gvt2.com udp
US 216.239.32.116:443 beacons4.gvt2.com tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
FR 216.58.215.35:443 beacons.gcp.gvt2.com udp
US 216.239.32.116:443 beacons4.gvt2.com udp
US 8.8.8.8:53 116.32.239.216.in-addr.arpa udp
FR 142.250.75.238:443 google.com udp
FR 172.217.19.35:443 beacons2.gvt2.com udp
FR 142.250.75.238:443 google.com udp
US 8.8.8.8:53 chromewebstore.google.com udp
FR 172.217.20.174:443 chromewebstore.google.com udp
US 8.8.8.8:53 play.google.com udp
FR 142.250.75.238:443 play.google.com udp
FR 142.250.75.238:443 play.google.com udp
US 8.8.8.8:53 play.google.com udp
FR 142.250.75.238:443 play.google.com udp
US 8.8.8.8:53 google.com udp
FR 142.250.75.238:443 google.com udp
FR 142.250.75.238:443 google.com udp
FR 142.250.75.238:443 google.com udp
FR 172.217.20.174:443 chromewebstore.google.com udp
FR 142.250.75.238:443 google.com udp
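
Most rows in the table above are DNS queries to 8.8.8.8, reverse (in-addr.arpa) lookups, one mDNS row without a domain column, and the browser's own Google traffic; the submitted target accounts for only a handful of them. The script below is an added example and not part of the report: it parses rows in the table's "Country Destination Domain Proto" layout, separates lookups from connections, lists the IPs contacted for the target URL's host, flags reverse lookups for IPs that never appear as a connection endpoint, and names contacted domains that are neither the target nor the browser vendor. The sample rows are an excerpt copied from the table above; the vendor allowlist is this example's own assumption.

```python
"""Triage the sandbox's network table: separate DNS, reverse DNS and mDNS
from real connections, and pull out what was contacted for the target.

Added example; not part of the original report. The rows below are an
excerpt copied from the Network table above; the allowlist of browser
vendor domains is this example's own assumption.
"""
from collections import defaultdict
from urllib.parse import urlparse

# Constructed excerpt of the report's Network table (Country Destination Domain Proto).
SAMPLE_ROWS = """
US 8.8.8.8:53 pastebin.com udp
US 104.20.3.235:443 pastebin.com tcp
US 8.8.8.8:53 pastebin.com udp
US 104.20.4.235:443 pastebin.com tcp
US 8.8.8.8:53 235.3.20.104.in-addr.arpa udp
US 8.8.8.8:53 235.4.20.104.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 www.google.com udp
FR 142.250.179.68:443 www.google.com tcp
FR 142.250.179.68:443 www.google.com udp
US 8.8.8.8:53 68.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.tampermonkey.net udp
DE 46.4.58.236:443 www.tampermonkey.net tcp
DE 46.4.58.236:443 www.tampermonkey.net tcp
US 8.8.8.8:53 11.227.111.52.in-addr.arpa udp
"""

# Assumed allowlist: domains the browser itself talks to in the background.
VENDOR_SUFFIXES = ('google.com', 'googleapis.com', 'gstatic.com', 'gvt2.com',
                   'googleusercontent.com', 'google-analytics.com')


def parse_rows(text):
    """Return (country, ip, port, domain, proto) tuples; the mDNS row has no domain."""
    rows = []
    for line in text.strip().splitlines():
        parts = line.split()
        if len(parts) == 3:
            country, dest, proto = parts
            domain = None
        elif len(parts) == 4:
            country, dest, domain, proto = parts
        else:
            raise ValueError('unexpected row: ' + line)
        ip, _, port = dest.rpartition(':')
        rows.append((country, ip, int(port), domain, proto))
    return rows


def ptr_to_ip(name):
    """'235.3.20.104.in-addr.arpa' -> '104.20.3.235'."""
    octets = name[:-len('.in-addr.arpa')].split('.')
    return '.'.join(reversed(octets))


def triage(rows):
    lookups, reverse, mdns = set(), set(), 0
    contacted = defaultdict(set)            # domain -> {ip}
    for _country, ip, port, domain, _proto in rows:
        if port == 53 and domain:
            if domain.endswith('.in-addr.arpa'):
                reverse.add(ptr_to_ip(domain))
            else:
                lookups.add(domain)
        elif port == 5353 and ip == '224.0.0.251':
            mdns += 1
        else:
            contacted[domain].add(ip)
    contacted_ips = {ip for ips in contacted.values() for ip in ips}
    return {
        'lookups': lookups,
        'contacted': {d: sorted(ips) for d, ips in contacted.items()},
        # reverse lookups for IPs that never appear as a connection endpoint
        'reverse_unmatched': sorted(reverse - contacted_ips),
        'mdns_rows': mdns,
    }


def target_connections(rows, target_url):
    """IPs actually contacted for the submitted URL's host."""
    host = urlparse(target_url).hostname
    return triage(rows)['contacted'].get(host, [])


def third_party(rows, target_url):
    """Contacted domains that are neither the target nor browser-vendor traffic."""
    host = urlparse(target_url).hostname

    def is_vendor(d):
        return any(d == s or d.endswith('.' + s) for s in VENDOR_SUFFIXES)

    return sorted(d for d in triage(rows)['contacted'] if d != host and not is_vendor(d))


if __name__ == '__main__':
    rows = parse_rows(SAMPLE_ROWS)
    url = 'https://pastebin.com/raw/nXKxFBw3'
    print('target ->', target_connections(rows, url))
    print('third party ->', third_party(rows, url))
    print('reverse lookups without a connection ->', triage(rows)['reverse_unmatched'])
```

On the excerpt, the target resolves to the two pastebin.com endpoints, www.tampermonkey.net is the one non-vendor third party, and 52.111.227.11 is reverse-looked-up without ever being connected to; the same check over the full table surfaces the remaining tampermonkey.net, snigelweb.com and ad-network rows as the non-target, non-vendor traffic worth a second look.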

Files

\??\pipe\crashpad_3616_AVVJLGOJRGPLRYQZ

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 69d3fe5f153204576edc287661057ff8
SHA1 a8f6ee016f6ba37b762b58b3cc847479019da149
SHA256 d60be17f73363b747d569ec8cf2f8be58c3adcfdb83937bbf681f5b1488e5410
SHA512 4b56210570c7e7bc67ff4c3b9afc977bbb76c3067555474bebedb41772f16393b09ce2b6d6deddcbe1861cfb851ddf72c8b3d4e273ad7aabaf65c98ecb2e82e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cc0900f949bcba20354f1082584d32f9
SHA1 340bcef6a8db34d0ff2affcc9f660d8b38f65834
SHA256 9bc61732d33d600dc38d0d9b22ddb612282cef60bf9b483a366168e74b61489c
SHA512 78952e2d41908e2ccee5c26c18062a67e289b17ce5a6c4b7049e34cbf8380f22976e6c629d799e8de5c474dc6402dfc0feff889c89885a96052e483b849e488e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 202309cc86fc872e536ffe38efedd7a2
SHA1 4dcf726622b7003d0f2f4c2eadca67f02121c418
SHA256 e77fd3d3197cdf8e3ee97d4707b14c3f080afaf9612519f3357bdfb2873a0d6b
SHA512 a545f32d0b6a63247160585bcc38647b37a9379faa49b870b1b8a3e71c0d7cd62815c1af9c7781a8bfe6cf52e0a9b21d87cc6ccf32a75fd2f89da855e7406f72

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

MD5 2257803a7e34c3abd90ec6d41fd76a5a
SHA1 f7a32e6635d8513f74bd225f55d867ea56ae4803
SHA256 af23860fb3a448f2cc6107680078402555a345eb45bc5efb750f541fe5d7c174
SHA512 e9f4dc90d0829885f08879e868aa62041150b500f62682fc108da258eee26ad9509dcbf6e8a55f2d0bdba7aa9118dd149a70a7d851820d4ea683db7808c48540

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c78b11f459d3bf8fe1b28d4cfbe16fe5
SHA1 80c4141f53e06cbc5749df59259c2f40f76a878a
SHA256 0440be42c3982f6f9d775f7ce412f212f3d11a3195d88c6062c3ba70ac97068c
SHA512 26a9569ae94419c63c90a76163f0f5492dc5f32623ac6ed2c2dff2297f436af2e4f60229ea05007c6f3530ec8aaa4d4d4380b2be549713a6d7590c0638edaa77

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1b50dd94928646280ebeacd6aa90e4f8
SHA1 04bd88e41f71ee4689fe204f47fdbe4ded823a9f
SHA256 1948a54a61445810118072b103146c60317c98874b0566b563da43baac38e25d
SHA512 913d99ab5d27bf36bfb0def87137d36991b0f77ccafb2b6aa1bd7526a6edd23cba6e9b118c454528933e6e9cf022008d004414ac26bb1cce52d9134dd4a5ed1f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bf83897b15ba90f550d8b9e57f07ca65
SHA1 e9573b4cf9f51af807220a7aef20f981e9654f23
SHA256 de9d2d206bd66705c10160c30b622ea1540d1213976c076f4cc944d3af8a40dc
SHA512 a1212680e05de93635d1c6e30c5b51e085f7099b3a4507cd75c40869d6e82a3d49f8f2165b7ecea4d2d810f4bc71cc8ba30993c99eb84148e12d426db90878c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b44d73aba6013fee28fe1b0c908052cd
SHA1 dd1c6d0f976d1272f2cca26ad46b638f06ca4713
SHA256 6a12fb2cad4dd4e977a21f338b387dec9f125bf0054e7a59f49869d9a8f02ea7
SHA512 ab20da0a5c6795fb83c9c2f9cf04402450a855dc4c947c477cda055f4a28d1511ff5d950f2594c671f1cd15c3593e2c397c46cf90910c3825b2b7bed0a0ce89f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 88fe53ae86ef842788d506db6f5625cc
SHA1 cdabb1d8f387976c2d5cb3460e81ac43c644b6bb
SHA256 41721c299fd34fe4c9fdcda95d1193334739c6d54cd8e43b5d0b978c588cd8eb
SHA512 e257579efef37b35a78722b95dc356954c4e4cad2156ea6cd2bbda7a4e5dc9d2cddf72889b5ccb91b6e3e7da8b790363bdc779e26f402dc512d30429de59b94b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 4735a4d85a3b1286b29de695fb43803a
SHA1 75261ae4a87802d0256b5bc1552d48c6405fafa5
SHA256 8cde5a397f4953c7de6d47f4fb9d4af2940d8002ff4e0e6fc35d292934b34c90
SHA512 6c526292f3c10b9a6419d73a100386211223bae857b8dcd75fdaa9710e17327d1d999943106b1ed749d817534b2a3c44600fdb4eb7d19919e8709496d5c0b764

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 274ba36d783450c898da249809f91d12
SHA1 683ce68f4dce680c862013f890f3db77808f202a
SHA256 56101356a527f385fbf015833bbecc3835cf6b0ca17580eb8db51ae39a523bdb
SHA512 ded6d66bf403be2d03506fd1f51353d205f79d071d66bfb30af6d2a9a2dfb0b6ef0c6c177b0ad01e5e256a0da259970c0b2c5a5be433595d20658c2a6cce7c95

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025

MD5 e4cc1ece2f2425b10ae2ccc212c1dafc
SHA1 92609e6d0093693110baa23758382889bcb30da6
SHA256 92e9415d8bc8529e2a3f335258ef7ff159cce2965ce3b2b7c15f73720efee809
SHA512 2848dee3a6da891b7044518bc97aeafd340705cebe846350b9a7f314b52450f1eb977b8b492638965ce4674ebaa341e4f832438199c3cad2fb0a0793ef83a619

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

MD5 a1afe33ce7442502a96deee597945384
SHA1 fe34cd78635f5617cf238de6dc746058d6f88899
SHA256 f7eeb570c60aff1435db1daf3767c0672634269789870ef91c69b2b90a47edaa
SHA512 f8bca21c3fd79d63c8265f5dfcba95419eac697b42efb600e7c33d15dc5d9c3e0d0d360da39e14004facaea4cff4dcfc00d7437979283ce0a2b06916b69b8c80

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 638ee5a2f6a50151fc78578e80ce04c5
SHA1 acbbd657a6cc819bfe2746dcb308a4a407bf672d
SHA256 1692474b403c7311179fbce918deb9461a5a830f1957e4ad1c320f8a1b5a8e9e
SHA512 3efc5270880f5ef6fa142f33b7ef7ecb49fc8d54b92a3c2b1d8c50adcc18a2c50f279831390a449b67a80b768388dec15a99996977115c7d66eca829f8f35ad8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9aa7664f5f28a5dedbbbe0ceffd6a004
SHA1 563cb6ffaa19835d554d1007f94328f5bf7d4e97
SHA256 74bab92d6c80257cb495870e2283d1f19b977084d52cf20bb914ffab78d90c13
SHA512 5b8a621e509877ae3f6fc71fd447479f89512bec46e818e0b540c4e3df236ba22945fd7429206aadabd1a8fd0f9e900e69097c6a9109b6c497345f3bea4cc77e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 a5479b88e7ab4b32cf525786fd533220
SHA1 ec4bb04cfcec8f6997cde632a353d7ba829bc169
SHA256 f1f868f18417630b0a7e1bd46f3dca8e1205d93a480b37ac44187040659eae42
SHA512 08cccab147140de47b04a16a80b69437fe7ef3abaccc47cb1fa737a5bd67445c4902ef570f06841d0bc4df1dbb9a1ebda9cf0b9407eca6c7ce550885a384d1e7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe594ffb.TMP

MD5 ed9e5b4ff663670413043c08a7eb193b
SHA1 4d887f58c66dfbf4bc2b367c9a6916a769c8f049
SHA256 02d940910c61bcdc65d2a78834ccb9e3ad5c5bd567ca98ec05325cbf00386e6a
SHA512 7bb694b75c9b676ef8056be7f9a9b70b360dbde31b13565b46ed65514d9eee1a4c3730ee6ef60549595ee4dc9abe9a86a8842ebd4d144db06dd57ef9e226dc78

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 76aba93b4cb6b1a47cc667795f5669ea
SHA1 05c953f149b1f331c722115ef186670c7a730485
SHA256 81ace137f50fe2870923cee77fd257f67fd59257c47973bb34c983e2f3539c30
SHA512 5ff0f2ac1facb888984ca2c287c9e9a1a34a2f26a625d6a2110ca6af3057cb1dc96dea8f3e47badf1d71641d395133a4050d42d976fa9e778e0c2c43bb6fa29e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f579aa8153adce168d65c90c5b02f02d
SHA1 3a496c3913bf8dfb0e9c731f39957fddb9ea18e4
SHA256 bc9033ec08c51f9e2fe13550b479783f88c196ca160c0b5fa3cbb4adf18f5e3a
SHA512 b47a0099ae697494c9b15f9eb28344426c205ad9f712691683f9c29da8cc8ba17da5cb955f407f19cf3175a4b4e47615eecbb934d667a582f471a5572ea74dfb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b0d0f56e50b122b1843bcc1617c1e9fd
SHA1 f6093f743737bb0f310a1d2afd23e0fe51d61b85
SHA256 f0407f6c72ec95680b3a864acf5a112196101aee7b602dd297752c77360285a4
SHA512 998bcb3b8a51458da31407d466bdabc79b6843de49336b2765f942e1f71beb1fc66efb312ac762d53c1da88139b7151fd56c31dc6e8ae3486ac5580e9ad15c72

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000043

MD5 0d17932e0626482afe8b6f310e47cb24
SHA1 78dd115cea950e82c6428486836b1975b6630573
SHA256 1f5b32a1afcdf9092cf1f0bb84eae0a6be1c8b4ddeb4d2fc4d271d1314aab252
SHA512 75e51a80add7329ddf91df268fe15a827931325283f15212b55a2dc41b76c1050863b0c0eecc4e7f20c069c0b8cf0c5b4e666ec9dca843c37a8e25867785edb1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0d996b9b8c7f6c521dcaff2405a655c4
SHA1 61bf7281f7dc955ade126b74a9d87fb34bc6bc97
SHA256 db9a7d371d7feed0868dab7f2a0b8e8192d4a13234d08e194c75db70cbab3df8
SHA512 5bb6b877b233da362dd36fe8a0afe9aaf3414b9ee0393446ef23f5b3a427645706c01fa5fbe88e88c590944e8d5809fc92b70457a31de19c992466f192e0fcc4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 24e112e7fcdf6cc8782860b0e6fdc491
SHA1 20b6ec8a2e7e6e3645f95b7cbc2304e0d148da2f
SHA256 697d63fe0a87522bd7dad15afbf7e88aa818875fdd82a5149be08ed7ba4288ad
SHA512 9522e5ad0d1f9f2e799d778b6baf478174e27aafe6c37fef5e5871a0ff243c466e118e5faa5e0b77017cf535f4a27a505c80201104a4529e3e3d26a03af5e2ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000051

MD5 6ee4f302b3696351f651f31b7f3aa6cb
SHA1 268b890b544ac6f485ffb567ed23b7cad48607ab
SHA256 6e15be0e38cbe25886179892afca211069402ce234cddb338c846f93ab2e1256
SHA512 c873a8aea2ebd1be900549647396c33a99cb1df5567e83a08011e0b34b23b97131031f41716915c50cd0db8718ab989e8f64d39f3a2297fb4e097f76926a006c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 ae6fdd3b9eea2c240acccba5aeca842f
SHA1 097df8c62b1b60cd9ea880566a21d341f11d374e
SHA256 6a1e92d025be8ee88c02f416a02859a9bd7a1a0d91ff9d536684942b676f026e
SHA512 b6e26becb199ce657caf49576177b9ac4627bb1cbc1ca47106a4e059e09de314ad03e9d91b9fc4965c0ad98ee1745844d7e62207c1d6dd24b5e46f4234fcc2b3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1ac811c0275a8eab82ed1126e61194b5
SHA1 bfe8782766d73952ce0e34f9c8aecf3c08e73eb4
SHA256 01d16dd155781f95f5a93ba5f2b60a9d613db320b37243189281aa6a8d309062
SHA512 9a8bffa1c2a967a10225eb781a71614b14754fa6a098d7a1638b7244b9a20d7e4c4bc4e128e549dce227bade098c4a64fc55ea968dcd0d2e7d144ba6d2fa1200

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 54294fe6a167b7dbf9f6fdabf004c8fd
SHA1 e0d08c296e02c00825297b7864278c709cd57621
SHA256 1ea7f3c90a978727187ae924fd58d3dded50711b16140bcdf821800213fe403d
SHA512 044d7cbd2b4bdbfcc0a1e5197d5088b8a7896e3857906c84ae8b058753621d66b159034c303cfac4a63cef118bdd485b2f956fa576bcc8ae6dde54ee8a18812d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a157f7d469994220b25f11b9e2af2ced
SHA1 b7865e912c62f24bc78968d743f0f3f08b175b9e
SHA256 8f5f1562bc1f5e6cf8d9c1610849b67592745451af8f83a532c26e44444a0ee0
SHA512 4a9626a701ce5cc64e10a05df3d1d9d6b7b0fb8c946d16511ba0c078feef4bdfbcd687ec893224bf8088d3797f832428da67a21347ea45abd992f1dbb53cc337

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 dc3eab48a4bee939550cb43666c68ac2
SHA1 c7aba10b1949c1b1655b5485291008a82e5041cf
SHA256 d37ab7a720637741f099c7a7630c1a130f216b4b4c480aa8e31a27517b6af02f
SHA512 0c98542d983c5596ae2b7585b38b2623573ded90644319ef1f2943555c7877da125919f171cdac0780df388da68549c1831b058e04b3f7742bf21c9601dbe9f0
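
Before any of the digests above are copied into a blocklist, it is worth checking what they actually hash: the crashpad pipe entry carries the digests of an empty file, and persisted_first_party_sets.json carries the digests of the two-byte text "{}", so neither identifies anything. The script below is an added example and not part of the report: it recomputes the digests of those trivial contents with hashlib rather than hard-coding them, labels each entry accordingly, raises if an entry's MD5 and SHA-256 disagree (a sign of a mis-extracted row), and counts how often the same path was rewritten. The entries are an excerpt copied from the Files table above; the trivial-content table is this example's own.

```python
"""Sanity-check the report's file hashes before treating them as indicators.

Added example; not part of the original report. The entries below are an
excerpt copied from the Files table above. The trivial-content table is
this example's own: it recognises artefacts whose hash is just that of an
empty file or of the two-byte JSON text "{}".
"""
import hashlib
from collections import Counter

ALGOS = ('md5', 'sha1', 'sha256', 'sha512')

# Constructed excerpt: four entries from the Files table (md5/sha256 only).
REPORTED_FILES = [
    {'path': r'\??\pipe\crashpad_3616_AVVJLGOJRGPLRYQZ',
     'md5': 'd41d8cd98f00b204e9800998ecf8427e',
     'sha256': 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855'},
    {'path': r'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json',
     'md5': '99914b932bd37a50b983c5e7c90ae93b',
     'sha256': '44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a'},
    {'path': r'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences',
     'md5': 'cc0900f949bcba20354f1082584d32f9',
     'sha256': '9bc61732d33d600dc38d0d9b22ddb612282cef60bf9b483a366168e74b61489c'},
    {'path': r'C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences',
     'md5': '1b50dd94928646280ebeacd6aa90e4f8',
     'sha256': '1948a54a61445810118072b103146c60317c98874b0566b563da43baac38e25d'},
]

# Contents whose digests carry no information about the sample.
TRIVIAL_CONTENTS = {b'': 'empty file', b'{}': 'empty JSON object'}


def trivial_hash_index():
    """(algo, hexdigest) -> label, computed rather than hard-coded."""
    idx = {}
    for content, label in TRIVIAL_CONTENTS.items():
        for algo in ALGOS:
            idx[(algo, hashlib.new(algo, content).hexdigest())] = label
    return idx


def classify(entries):
    """Label each entry's content if it is trivial; None means real content.

    Raises if the digests within one entry disagree on the label, which
    would mean the row was mis-extracted and must not be used as an indicator.
    """
    idx = trivial_hash_index()
    out = []
    for e in entries:
        labels = {idx.get((algo, e[algo])) for algo in ALGOS if algo in e}
        if len(labels) != 1:
            raise ValueError('inconsistent digests for ' + e['path'])
        out.append((e['path'], labels.pop()))
    return out


def rewrite_counts(entries):
    """How many times each path was (re)written during the run."""
    return Counter(e['path'] for e in entries)


def usable_indicators(entries):
    """SHA-256 values worth keeping: real content only, de-duplicated."""
    labels = dict(zip(range(len(entries)), (lbl for _p, lbl in classify(entries))))
    return sorted({e['sha256'] for i, e in enumerate(entries) if labels[i] is None})


if __name__ == '__main__':
    for path, label in classify(REPORTED_FILES):
        print(f"{label or 'content':<18} {path}")
    for path, n in rewrite_counts(REPORTED_FILES).items():
        if n > 1:
            print(f'rewritten {n}x: {path}')
```

Applied to the whole table, the Preferences, Local State, TransportSecurity and Network Persistent State entries repeat under different digests because the browser rewrote its own profile files during the run; they describe the profile's state, not the sample, and only the remaining cache entries are candidates for further inspection.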

Analysis: behavioral2

Detonation Overview

Submitted

2024-08-25 09:16

Reported

2024-08-25 09:19

Platform

win10v2004-20240802-en

Max time kernel

171s

Max time network

166s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://pastebin.com/raw/nXKxFBw3

Signatures

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A pastebin.com N/A N/A
N/A pastebin.com N/A N/A

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File opened for modification C:\Program Files\Crashpad\metadata C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe N/A
File opened for modification C:\Program Files\Crashpad\settings.dat C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133690509865096267" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1908 wrote to memory of 2392 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1908 wrote to memory of 3996 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1908 wrote to memory of 4404 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1908 wrote to memory of 2120 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://pastebin.com/raw/nXKxFBw3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa5276cc40,0x7ffa5276cc4c,0x7ffa5276cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1932,i,18367683686240052021,17182040619357399599,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1920 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2132,i,18367683686240052021,17182040619357399599,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2164 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2264,i,18367683686240052021,17182040619357399599,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2284 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3092,i,18367683686240052021,17182040619357399599,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3136 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3100,i,18367683686240052021,17182040619357399599,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3300 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4584,i,18367683686240052021,17182040619357399599,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4564 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4724,i,18367683686240052021,17182040619357399599,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4612 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffa5276cc40,0x7ffa5276cc4c,0x7ffa5276cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1880,i,1300881497765596281,13424756757599041034,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1876 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2124,i,1300881497765596281,13424756757599041034,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2180 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2276,i,1300881497765596281,13424756757599041034,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2256 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3152,i,1300881497765596281,13424756757599041034,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3172 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3276,i,1300881497765596281,13424756757599041034,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3424 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3736,i,1300881497765596281,13424756757599041034,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3700 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4820,i,1300881497765596281,13424756757599041034,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4832 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4916,i,1300881497765596281,13424756757599041034,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4924 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level

C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x298,0x29c,0x2a0,0x274,0x2a4,0x7ff6bc9f4698,0x7ff6bc9f46a4,0x7ff6bc9f46b0

Network

Country Destination Domain Proto
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 pastebin.com udp
US 104.20.3.235:443 pastebin.com tcp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 235.3.20.104.in-addr.arpa udp
US 8.8.8.8:53 74.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 134.32.126.40.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 241.150.49.20.in-addr.arpa udp
US 8.8.8.8:53 86.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 73.144.22.2.in-addr.arpa udp
US 8.8.8.8:53 81.144.22.2.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 8.8.8.8:53 10.28.171.150.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
FR 142.250.179.68:443 www.google.com tcp
FR 142.250.179.68:443 www.google.com udp
US 8.8.8.8:53 227.74.250.142.in-addr.arpa udp
US 8.8.8.8:53 68.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 clients2.google.com udp
FR 172.217.18.206:443 clients2.google.com udp
US 8.8.8.8:53 206.18.217.172.in-addr.arpa udp

Files

\??\pipe\crashpad_1908_STZQNXTVDNJSEUNP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\89cf4d18-099f-47f0-abce-995196b16b2b.tmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

MD5 81d112ec9cf0224b4760f2d611353c37
SHA1 7da8bbd3353d1645e8b8a2a8cd867a974a357e29
SHA256 690afcd1ed63792e249d273a8f1addc6a2bc92efc0660736b4116b720edc4e3b
SHA512 50e07707a27b7d8a896b9eade3a4f1838b92eb47d31a9d5ce84f2212c0f92f016b889b59d60c1545281fafcf8cd50905f335c815d4f52a30ba9ca7b282d9594b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 49497a4d9a27ba28e4b2dfda88876a3c
SHA1 433373bc3361327f9f9a65a714acb04e33bb4e0b
SHA256 6cbf17384c24525cb563058096bf8e36a39e063f726395902ef37477bb699045
SHA512 e0e62b403b789eefcef6e3a74aab864f81a7760ad426233688b07167870cf2ffcdde93c16971fa4c523039eaa0e781d52ebb5b1b60306ada059f087c2da5ccfe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

MD5 ac1108bc871057010aca9e8591d5bc4c
SHA1 16f841a82af8d69e81aa924f31902a9361dab6b2
SHA256 831ef45a29eadf5d1c775aad34d32f3e1b33997e0aa4356c3cc060fbf4abc6d1
SHA512 47807499bb006743d30e8927714c61e1eb31eb8308950c50b25728203810fadb61c3b7e0dabe3a1cbeb2dd0a5fd3874cb041ee287712fd7e4c1ff9dcee77ca27

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

MD5 ef48733031b712ca7027624fff3ab208
SHA1 da4f3812e6afc4b90d2185f4709dfbb6b47714fa
SHA256 c9ce8dbbe51a4131073db3d6ceef1e11eaca6308ad88a86125f221102d2cee99
SHA512 ce3a5a429e3796977a8019f47806b8c0671b597ead642fcbfbe3144e2b8112d35a9f2250896b7f215d237d0d19c5966caf3fe674165a6d50e14cb2b88c892029

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

MD5 b42536df414f56f02f86174ef28d16e8
SHA1 f83777fcef31f80a6223d48ea05a0b541906c0d0
SHA256 adb70a155f0d7b1b4624d3f3e24a43b49f8e6c140d405685c5edea70b1fd15cd
SHA512 0415fed22a66280522662dbc39a0e806bb779914c0d5c78a0c2e9f7eef93a79c24910ec1e04fe9d6490310f1c24396ebbcc70860e1548599b6502c7812d154ca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG

MD5 8c488b11e847624fe34fb63a6290e10f
SHA1 1f41ad4d2ed3970853c17e9dcd49b506b08c8398
SHA256 925e8cfa26218ffd044e91bb3c5af54b7de14459c4549aa322721b45b00477f8
SHA512 a0e866d61f4414770a64ff3b14df0488905c31ca3a022b54c4a74fd96302a8305fe437d25bcc4ad3dba732e68d1b438368f9f89563c89c173917c776f4561b68

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

MD5 4cc8beb3ce1c23359cf01484515a88ac
SHA1 474b806a70495aeaca03b8dfb2fbdf421e70f232
SHA256 fffb545daaf3ad87f9ff1120d78aa6759edd57461582b43c4f8aa6aee7e21119
SHA512 0131efddbd50edb563746860ffe36af04525bd66920a6c877891e34176eba50e4ed02adeeb0a32e466979ec292f451b6538ff2885f3ec1c52345923236c426e1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

MD5 d43a80343b4b36cb78bbc0096b868f86
SHA1 74de6debac3092468e6b715a6628112598b0cd32
SHA256 8a60dfb1e065374a48e30cf47704b07327cf89a87706fc4797b6a3731e2254c9
SHA512 5acb0ce1b726887b7e68d9af41ce21c182fd300494719550e7cd7b94b3dae7c15e61e0a44cbc4ac68fd4485950a7aeb15138528c0eec60e09a4757a6f637c08a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db

MD5 0ff5d0e046b2a2cd41fa93d3b43d2a5f
SHA1 0d3233c3bdf30bd7a9c6d686c9a31276a44c4b6a
SHA256 c88f161126dd01eccf3d1c075568ff247fdfb893978d5ee77042e87767133f07
SHA512 c1757f536e301ccf1714a2628091010c579933876d4972fb81fdacca18712eb6690fb32dbc9b4d5d625530185ad0008bcd8fd14dd5f32208bc22d22323f47047

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

MD5 e012287334b22fda17f76402816dc019
SHA1 15b461227c5d8fc01d9b72166c3455a706547a25
SHA256 0b9ab8c108b5b11b199194e2b75767249b94f160ef15c7e9bb52233a942f5988
SHA512 38cd6548b0a180f35c703942ba08779b62116bae3bd354da2b5307582551e9e8bd9d20678bacc53d4cab3faa8e2520e9c216c19bc098736c79d61bdd6bf92a06

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

MD5 c4d89b1b269ad7308885811a4eb67c2b
SHA1 e447653aa7dc5ac369c1dfb723e1366b2817a8dd
SHA256 ad62863c804db863e90e7a758e389f04e541aa89ec732433f340a2c924e9e752
SHA512 033129606dfcf5bd8d350e3380232b9cd57f4f65d60da38e4b5ae306546476489dfaade758dc169c872e21b94e259b94aaed25400f2569bfa14950469a20eb5c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

MD5 8262ebee2c8aa88f00575869f3f8706c
SHA1 d97355b2cce1dd3ab83d50e41731f2f293c17f5e
SHA256 ff1d7aec88026948cc3d3ff467f7af8605b5971c1141b5739e85900939de8d58
SHA512 725a6a09f96dc5bdbfeba934013abd9fa5a9a05188413596728ff32f4c60c9eae7482a0b785556a9930edc1ebc6885c51b2d7017a5ed447278297664acfd6349

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13369051131794053

MD5 2498c3b7f1fe0d5eacfad0685f953728
SHA1 d3b435ec580af1227297d702971e5be11ac77c91
SHA256 aa0697c4da8c21629dc3839a2195cb5b479a8718f0681b537cc412ed4629b09f
SHA512 ff5dcbbe7b9d2960045f1c93db4e818614909433e0d54b37071952daea2ac01e2fb25a87a37e128176ad61975118d927a9093e70eb14fa8cacff59ba2b4073ac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

MD5 b5cc71fab5745c2f20a317990460e1cc
SHA1 22cb255e4b68992a07f0b6381c9005e2d3f8981f
SHA256 678fce0d1df644f7992de18454c85c9a01f935898fc4ccc42007a219b0fa27d8
SHA512 59e7c9d57cbce6fd2ae5e0b570c9fb0aed937e97bd249605cb44ca4cc2e7c636d1d519f9a7d3f0a7f4df25ffe0d312c95f66ff3e9db30d2cdf7a54b33dc11392

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

MD5 5a3aa9ca017a5650cb3bc48f7ec92a25
SHA1 a3d640cfad4b90ade1159818703a13b7576dcfe3
SHA256 12bf7e86bccac31f83447447b51834b3752cc2abcc2a557ae6c1c9c532f8a70a
SHA512 2a18efb11ac9c5186cb76df5453af73f8eccf3d02e7db6cfc822294efe2dd0c3fbe0937431c714ae9c5359be84d4cf837a89ebe86e5100dddbbf84566e720e54

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_2

MD5 bf2a825ccd2ce4ace6ae3119e665ce11
SHA1 2f97ee1eb0b94bc2689d798087cd9c477c22974d
SHA256 9f090bbf1732a252b7100dcd881de9f1eebfecd5c354759aa4fd41838025c9da
SHA512 5e037efc33d92721b07dc1fc156a9d57cbb389609a91486e7796c309e0e92a2d223954b9d8522dffcdb421c93d239818610f195efae8e6656a1aa8f42fe3cd76

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 8ba40ba95fe7eb5d2dacb2e4a1be6c87
SHA1 ead0bea4a72186ba75def7a2e9158ee0910b06c8
SHA256 861fbc33d57419aee125ad86708f79ee9b17fcc8b897dd7724b726f3c147dac1
SHA512 91ea0362a62e522fef4c249fa8c346794bc779a013451188dee02a56a747dc6453faf950ba494eecf1575731590084e9f22028b232817a87787aa8be0b0df041

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

MD5 9416084eddf61f8ee035197dd435ffd9
SHA1 275e43f3c0df0ca295c49ca23d300e1dd3fa70a8
SHA256 791738b1e392133d3bd7b71179770ef6501f54aa13c9e593a7866b46b2928bd3
SHA512 0b065f50d2a3bc52650be2086c5fe7bf8211ed0c9e2b441008a86293280cb16d24b44bf24affdb607e8e9c08cd305878b72cda2b34b121de799da2611ace0ce5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0

MD5 18b24942ba3db416c734449a3fe53c34
SHA1 067fe03c9109044bf3ab5eb94a034ac3968a5656
SHA256 a18f03b355278f58f973377f03f2882c3a003ae862d7602f1e4f61b1c5f03f8f
SHA512 1bd3b8fb0ca23b49d01b185fd499bb20ce725f5fa0d7b023bf48d45aa0d37a418ceb5d117d5300d075a8098c6402bd0436b94909a15a1e1c6b67ce055b0eb69c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

MD5 ab86906c3da38c48732c4817fcbeea9e
SHA1 15370576011374e4a5234954ad79479f7473e5ca
SHA256 77cd677552e6995c56e6011329c6af57b9242206e5f2f39c235be10be3539572
SHA512 8d717f02c30e3298066fb491fa721e939dc01a8c730dc1e2385adb0503f80adaa57a4886d9ce1347d2efb72aa59b6f7b299c5058b4d3719a4dbef9017bda01b7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log

MD5 cb685e168b6f1f127a2b45e159e84971
SHA1 a99241d16de8e6c95867aa9c109a513eafca9794
SHA256 b028f5068dd88659bcf640b0f3237b5d5982427b4e05e33f964385a2dd27d431
SHA512 74de9d50de065285e68869fb382c53b36268832cbbffd3c1393586a3fc4156c87ff7f64a6115a68a16440d1e4bbf854bbe2f91acb8077e3dfed640efef5ae360

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

MD5 ccecf870158e8090f2ac4bd58a2bb2a4
SHA1 3eabef107ea4f33e268e449c8f482f37f8df0389
SHA256 7f9c430724b890b5dd23efd8f935ef02d2e7c955abc90f07ea48df598914f731
SHA512 8f940f80f039748d3f935b9b6889e3d3dd5e652ca1dac650ee7324abd7f2e2a84723642e336716e2adb00ddc1ede226c3e7bca478d71c51cc7964f0b7e4e3f51

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GraphiteDawnCache\data_1

MD5 9b08a634f99944bcb0715a0d8ae530e7
SHA1 2fa8b4c8d9a65fd923149dfb49850dcffefd47f8
SHA256 b27a53d6a158b4d8e6a82559d74378953e0250c33c646e4cb7c7dc412514387f
SHA512 1d514c52beb35adcc795b0abcdeea11dda46e4bd25d247aa459e677a6a74c121970153798cc5146d286a330a39205bf2ddb8d543ec904e368f47d299f51bc81d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3

MD5 9fc79f737c0d1a1328d9f58d9017fd6c
SHA1 4c65967f9f31132aee1e406faf7562aa24dab89d
SHA256 83853443f98dcff48a54319c4759fc31db694b1582930ea602753482a34ef98e
SHA512 e53074c10cc65694aca2b5bae27df496a85ed5fc6f12a6c82d8edebbaccef72f73bc010528286b4645d4e40303b9473fb835c30fe2e7c04d34dfa0941665f66c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1

MD5 2096424f8b98a6d49642928a63e980ee
SHA1 acf360a5c4d2d3010bf441ac4d1ba1eec21bec50
SHA256 1b8a3ab252e13c3c630e36dd52dd1f8e457e83b78e1676876a9ebae70ec39f31
SHA512 ef88422d57a2066e0d1d44686974244e93b0b6a6684b825586e9c217de6373b0ec80e2289c1305553779e87205520bd8769669fe313522c67cb019b4ac9818b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager-journal

MD5 f54ed88356418613c11253e52bfecc5a
SHA1 9fe29a93734eaf295d0deab85347b3b5eaa9db12
SHA256 97423f27eaa505e60ab7a7670e24bd5dfc420dcb7959f4bdee0fdf4d5aab2eda
SHA512 7b2cdfaa404a193605376d77f6236185206bb5a48c05bfdfff3bc89f8c840120361e64c8586d4345b4dae753f6f1139bd9e16822005bb4530c5c109ce84c0721

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager

MD5 8654e3f982cf3ca59f7a88be3e19417a
SHA1 424439f775ccaebc3c75861bac2687e7b32390cb
SHA256 b71dfb2f4ed5d608fbc19af783964ddc836e5328899c5c01388c8cd5c558260a
SHA512 1708c0e96a5aff0aee878995ef4a1087434b2cc2196aa62a0b25639279711a4027004f51f145fc05f287556f59ec00a2ec18992e9b06fe4e8aaa2240e48d2220

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0

MD5 122b78139aa80b7112937e55eb6f9855
SHA1 13ed63627a9e0f40f113ccd457c9c9cb68c5be29
SHA256 dca4d569f24d9280bd40e243f95379a6c7ff58aa67829961e1babdefc11c7384
SHA512 af56db8c7e30cc7be0b1a0fd62ea97e0020966b7e3e6723e3c2188129574b63b61fc1a8c14f51a6d322db5e950def8861b24a16d64c62cb644526e29134e2b5e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

MD5 c2831f3a05da942b5d664eab5ae3b4a3
SHA1 29cb56e5f5bf6bfbe9240a3150d8f3a7e3dcb32d
SHA256 b128b2885384cf59ed677026168649c96e557c00b77b1f522fac219842644125
SHA512 afc82284e9f4451771bf42a2c5f95cafa5aa698870b28c85d772dee7a6a31697c5fc0b2757f2e630a89814e4bd532ace3b411daf29e284b0864335aff7f24b8f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

MD5 46b59e3c952091f0568ce69ee45314a3
SHA1 55e70294af0f7aad5c16e98fef5c94fe9b2f4538
SHA256 a890a285abe7ea5acefd0b67ac6bfce4139081a23a0edaced0080953b21ce7ad
SHA512 1dbdd543715ea0eaeab972e4e457cafe305fabe35ba55a1cd7cdb1544fc70e0ba89dc9392b11935fe1b38f4b87a3b7566e50fe7635abc96f244a7ba142c2ae1d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

MD5 441cb59b14d567bda44e61dbcad372b3
SHA1 1c601b28eaf7790ed9b87411aad483b01185b142
SHA256 39036993874cfb926bdbac3b2b4e89d017a9913d51e5febc1a361dff95c20e50
SHA512 862168987abc37b4cccd47cf10e3ebc39a37738e1849878788037b3bfb97cee611a48285b73ed2cdcbc2cdb21790e74ed5190edf23f28decefabe0b71294439d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

MD5 91d237dcc21d9530826975ab23b1dc48
SHA1 4ffdca8006a8b67c15e0f7e748e8e406016f4852
SHA256 70d241bdb205f799a0489194e25a1317ff313ce55aed9feb12f162f862394270
SHA512 d15e401f635f41e2ed6f02833cf9b30a993e505ae79fd7a2d69f9e6205f25ef9f4ce89c4b88a2f891f35c683f7c129620a2c6d4c2b0f605cfd6a5ba5b5776d22

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13369050986478845

MD5 05115ab987bac796a4a924f149530c5e
SHA1 f25f1e33ed79634aa23e2a2b863b8fdb5446bd3c
SHA256 f74965e13d7aad067464ba7b1d41081f2cc30499e1072dd940bc8fa8ae0acd30
SHA512 55504c4ca82086f6894bd5dc914db61966e7dacb84f274e94ea9c81f324d36eb77d6e0d1a8c9417bcc088170241646393a336b99758c14ce73fd8b5428762999

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Browser

MD5 de9ef0c5bcc012a3a1131988dee272d8
SHA1 fa9ccbdc969ac9e1474fce773234b28d50951cd8
SHA256 3615498fbef408a96bf30e01c318dac2d5451b054998119080e7faac5995f590
SHA512 cea946ebeadfe6be65e33edff6c68953a84ec2e2410884e12f406cac1e6c8a0793180433a7ef7ce097b24ea78a1fdbb4e3b3d9cdf1a827ab6ff5605da3691724

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG

MD5 b1d5ec9e07303d5ed4da19d1fdce199b
SHA1 cfad5e19d730fb84dd0d5a4a73d2aa7185c6dd29
SHA256 915eafbac63cb218052bd92d2e7c64ad995958b6dc251408b6901a092466151a
SHA512 2f2f83d5ec321ede19e07ee12c5af83c955c2431073c089dfc05fabd701bd34204a3b508c45d5e5b857100b2cdcc023fb30eb692e88b26afa515d78309dda490

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\first_party_sets.db

MD5 5a1706ef2fb06594e5ec3a3f15fb89e2
SHA1 983042bba239018b3dced4b56491a90d38ba084a
SHA256 87d62d8837ef9e6ab288f75f207ffa761e90a626a115a0b811ae6357bb7a59dd
SHA512 c56a8b94d62b12af6bd86f392faa7c3b9f257bd2fad69c5fa2d5e6345640fe4576fac629ed070b65ebce237759d30da0c0a62a8a21a0b5ef6b09581d91d0aa16

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\first_party_sets.db-journal

MD5 72891b45e7b85d3f7321f3efdb404167
SHA1 d089f84193a3e673de2c56a4eab6d2efeb53dbca
SHA256 897e1d6a0b1ca016771b5adeaf73146554e6ca1721eaec7e67375a67a965c876
SHA512 9c2ac45756b14f9ac17a4c4f83a124bfdf0aed74a63f32bbf9f6e64e9ae7d984ed4fa23c1e64a6f0c9ae4ebe7c1b279f62792df3e00260b3778fdce0ff895b38

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e673163042c7fa767e96072336ec9fb9
SHA1 1413132d200205d05589153320e91e4cc42481e2
SHA256 17e4a886a763ff1a7a0f6b5fafe0b69e3088420300cf1718f699f7c1f2c6cdbe
SHA512 12272eb4fa969b2983a19c9fadd0cd77dcd53282a24c28f3e8b082dc34cd7b0684ad56aef4c85b8f1cbf43a304c6749112f76b71333f63f4bd01d628ee9b8be5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f721d4179e9d1cd92895160467942271
SHA1 e58a22e441f24f78eb5fbb8179b43243e83ef814
SHA256 33f7fbc76c28fa294bc7e29511ddfe67ec02cac82ca48aaa611b7b758e39de28
SHA512 a26881494eca4e98dc1749a200d538f1caac838d940d13adaa71d04d17748d3ebb8f94a715a0863562c68435f42dfc8359f940047644d9f0758bece65b82beec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c2f283e96835860d3ec5a372e27e9048
SHA1 933831947ed2e3d8d9bd5356b0ef53e3d7c78cc4
SHA256 105dc45821624640e7d716229eb2f0111d98e84f08b4c3d8d73d99c3b511805f
SHA512 99a09bc1f5447500a40751299fee81665d5e661c6cf0a9edab3261d6dbd3a24f56cef2dd69a117dffd25f504463103c424f5121db1280bd4950680f61d839486

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 5d8a5f3fe7260f15e4b8808656fca53c
SHA1 f49fadc565c0ac27ab37457526c65a021e6223e5
SHA256 441065a4eaa8d31f92777e746dcc7dcb1a67453d469c8c979a0accdb9437f96b
SHA512 d6ed2ddd229de3795ee1df5164facac72fdb1863bd8eea7945eeb7ecf719af632aa84a8bacaefd8a0f875b371b5d52b69ec42c911d89edca4b857c96514891c8