Analysis Overview
SHA256
424691c17ca850f4b9d390a795b5c416f3df3c37f223c90fcc8544344ae86b5d
Threat Level: Known bad
The file SeroXen-main.zip was found to be: Known bad.
Malicious Activity Summary
Quasar family
Quasar RAT
Quasar payload
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Obfuscated with Agile.Net obfuscator
Checks BIOS information in registry
Themida packer
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Drops file in System32 directory
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Windows directory
Browser Information Discovery
Unsigned PE
System Network Configuration Discovery: Internet Connection Discovery
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
Runs ping.exe
Modifies registry class
NTFS ADS
Kills process with taskkill
Modifies data under HKEY_USERS
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-25 14:11
Signatures
Quasar family
Quasar payload
Obfuscated with Agile.Net obfuscator
Unsigned PE
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-25 14:11
Reported
2024-08-25 14:21
Platform
win11-20240802-en
Max time kernel
569s
Max time network
569s
Command Line
Signatures
Quasar RAT
Quasar payload
Identifies VirtualBox via ACPI registry values (likely anti-VM)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\Users\Admin\Desktop\SeroXen-main\SeroXen.exe | N/A |
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\Desktop\SeroXen-main\SeroXen.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\Desktop\SeroXen-main\SeroXen.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Desktop\SeroXen-main\SeroXen.exe | N/A |
Obfuscated with Agile.Net obfuscator
Themida packer
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File created | C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of NtSetInformationThreadHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Desktop\SeroXen-main\SeroXen.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp\Crashpad\metadata | C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp\Crashpad\settings.dat | C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe | N/A |
Browser Information Discovery
System Network Configuration Discovery: Internet Connection Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\cmd.exe | N/A |
| N/A | N/A | C:\Windows\system32\PING.EXE | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskkill.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133690687193023748" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4272559161-3282441186-401869126-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Quasar.v1.4.1.zip:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Runs ping.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\PING.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\SeroXen-main\bin\Quasar.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\SeroXen-main.zip
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {c82192ee-6cb5-4bc0-9ef0-fb818773790a} -Embedding
C:\Users\Admin\Desktop\SeroXen-main\SeroXen.exe
"C:\Users\Admin\Desktop\SeroXen-main\SeroXen.exe"
C:\Users\Admin\Desktop\SeroXen-main\bin\Quasar.exe
"C:\Users\Admin\Desktop\SeroXen-main\bin\Quasar.exe"
C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe" /C ping 127.0.0.1 -n 4 > nul & taskill /F /IM "SeroXen.exe" & taskill /F /IM "SeroXen HWID Reset.exe" & taskill /F /IM "SeroXen Toolkit.exe" & rmdir /s /q %userprofile%\AppData\Local\SeroXen & rmdir /s /q %userprofile%\AppData\Local\SeroXen & del /f %userprofile%\Desktop\SeroXen.lnk & taskkill /F /IM "SeroXen.exe" & taskkill /F /IM "SeroXen HWID Reset.exe" & taskkill /F /IM "SeroXen Toolkit.exe" & rmdir /s /q "C:\Users\Admin\Desktop\SeroXen-main" & rmdir /s /q "C:\Users\Admin\Desktop\SeroXen-main" & exit
C:\Windows\system32\PING.EXE
ping 127.0.0.1 -n 4
C:\Windows\system32\taskkill.exe
taskkill /F /IM "SeroXen.exe"
C:\Windows\system32\taskkill.exe
taskkill /F /IM "SeroXen HWID Reset.exe"
C:\Windows\system32\taskkill.exe
taskkill /F /IM "SeroXen Toolkit.exe"
Network
| Country | Destination | Domain | Proto |
| FR | 142.250.179.68:443 | www.google.com | udp |
| FR | 142.250.179.68:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 68.179.250.142.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | | udp |
| FR | 172.217.18.206:443 | clients2.google.com | udp |
| FR | 172.217.18.206:443 | clients2.google.com | tcp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 131.178.250.142.in-addr.arpa | udp |
| FR | 142.250.179.68:443 | www.google.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 140.82.114.22:443 | collector.github.com | tcp |
| US | 140.82.114.22:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 185.199.111.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | camo.githubusercontent.com | tcp |
| FR | 216.58.215.35:443 | beacons.gcp.gvt2.com | tcp |
| FR | 216.58.215.35:443 | beacons.gcp.gvt2.com | udp |
| FR | 172.217.18.206:443 | clients2.google.com | udp |
| FR | 172.217.18.206:443 | clients2.google.com | tcp |
| US | 216.239.32.3:443 | beacons2.gvt2.com | tcp |
| US | 216.239.32.3:443 | beacons2.gvt2.com | udp |
| FR | 172.217.20.163:443 | beacons3.gvt2.com | tcp |
| FR | 172.217.20.163:443 | beacons3.gvt2.com | udp |
Files
C:\Users\Admin\AppData\Local\Temp\49979061-04bb-41a9-8625-de2d15652f02\AgileDotNetRT64.dll
| MD5 | e3bd88b3c3e9b33dfa72c814f8826cff |
| SHA1 | 6d220c9eb7ee695f2b9dec261941bed59cac15e4 |
| SHA256 | 28e9458a43e5d86a341590eaa83d0da18c29fce81f2383d84bda484e049a1796 |
| SHA512 | fcb7e384b5bda0f810c4b6190a991bd066eedfc8fc97af9837cda1ba480385c8bc09bd703c1029f9d8d8a3eea3dbc03af97b014b4713a4ceea6ad6ae85b3b6e9 |
memory/3448-527-0x00007FFBBB1E0000-0x00007FFBBBA3F000-memory.dmp
memory/3448-528-0x00007FFBBB1E0000-0x00007FFBBBA3F000-memory.dmp
memory/3448-529-0x00007FFBBFFC0000-0x00007FFBC010F000-memory.dmp
memory/3448-531-0x000002017E690000-0x000002017E6CE000-memory.dmp
memory/3448-530-0x0000020165CB0000-0x0000020165CEC000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0a112f2cfcc69d977f7766c5beb8935b |
| SHA1 | c304f0ce008de3fac148f5d89c391b065d718407 |
| SHA256 | d4081c1ef9a37b1e5c9ce5a41263f9a5de6f8162de9db0e8ae7a036a6662b0fd |
| SHA512 | 72613f45f60a0290b6fe9bc9360aedc328c28e76ab9d81d44f2b7ba12b4e06940c9524b329031ab554fa3bb53ff60f26282f54c51e9977886679dd19e3e48ecf |
memory/3448-542-0x00007FFBBB1E0000-0x00007FFBBBA3F000-memory.dmp
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
| MD5 | f49655f856acb8884cc0ace29216f511 |
| SHA1 | cb0f1f87ec0455ec349aaa950c600475ac7b7b6b |
| SHA256 | 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba |
| SHA512 | 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8 |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
| MD5 | d222b77a61527f2c177b0869e7babc24 |
| SHA1 | 3f23acb984307a4aeba41ebbb70439c97ad1f268 |
| SHA256 | 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747 |
| SHA512 | d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State