Analysis Overview
SHA256
b7edf054bc4923240bac135058249de85b62184ee75bdbd68bae0e380e1420bf
Threat Level: Known bad
The file trojan.py was found to be: Known bad.
Malicious Activity Summary
Discord RAT
Executes dropped EXE
Legitimate hosting services abused for malware hosting/C2
Drops file in System32 directory
Drops file in Windows directory
System Location Discovery: System Language Discovery
Browser Information Discovery
Enumerates physical storage devices
Modifies registry class
Modifies data under HKEY_USERS
Checks processor information in registry
NTFS ADS
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Suspicious behavior: GetForegroundWindowSpam
Modifies Internet Explorer settings
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-26 13:39
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-26 13:39
Reported
2024-08-26 13:57
Platform
win11-20240802-en
Max time kernel
1050s
Max time network
1045s
Command Line
Signatures
Discord RAT
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\release\Client-built.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Drops file in Windows directory
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\release\builder.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133691532057721338" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3007475212-2160282277-2943627620-1000\{1E40BBAD-1032-48D1-8160-794A6306C80C} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1 | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\py_auto_file\shell\Read\command\ = "\"C:\\Program Files (x86)\\Adobe\\Acrobat Reader DC\\Reader\\AcroRd32.exe\" \"%1\"" | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\WOW6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\0\0\0\MRUListEx = ffffffff | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\0\0 = 50003100000000000259777c100041646d696e003c0009000400efbe02598b781a59f06c2e0000004e570200000001000000000000000000000000000000938b9b00410064006d0069006e00000014000000 | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\py_auto_file | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202 | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\.py\ = "py_auto_file" | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\0\0\0 = 7e003100000000000259d57b11004465736b746f7000680009000400efbe02598b781a59fc6c2e000000585702000000010000000000000000003e000000000026efd1004400650073006b0074006f007000000040007300680065006c006c00330032002e0064006c006c002c002d0032003100370036003900000016000000 | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\0\0\0 | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\py_auto_file\shell\Read\command | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\0\MRUListEx = 00000000ffffffff | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\鞺ë»á€€è°€ç–º\ = "py_auto_file" | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\0\0\MRUListEx = 00000000ffffffff | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202 | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings | C:\Windows\system32\cmd.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4 | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\0 = 780031000000000002598b781100557365727300640009000400efbec5522d601a59f06c2e0000006c0500000000010000000000000000003a00000000004aa6550055007300650072007300000040007300680065006c006c00330032002e0064006c006c002c002d0032003100380031003300000014000000 | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\py_auto_file\shell | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 0100000000000000ffffffff | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\0\0 | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\py_auto_file\shell\Read | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1 = 19002f433a5c000000000000000000000000000000000000000000 | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\.py | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\MRUListEx = 00000000ffffffff | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\0\0\0\NodeSlot = "4" | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\SniffedFolderType = "Generic" | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\0 | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\鞺ë»á€€è°€ç–º | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3007475212-2160282277-2943627620-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\release.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Release (1).zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\trojan.py
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\trojan.py"
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=8796E06C6ED5818084B90C85A53CF6D2 --mojo-platform-channel-handle=1760 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=F1BF340EB6F7A1FA93F83FCB26CC93FE --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=F1BF340EB6F7A1FA93F83FCB26CC93FE --renderer-client-id=2 
--mojo-platform-channel-handle=1780 --allow-no-sandbox-job /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=90B3BB6E7DFAD5613EE6ACC486E70B4C --mojo-platform-channel-handle=2324 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=91E8925E0595DCC5C995AC721211A246 --mojo-platform-channel-handle=1936 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=B8D78A1D3CE928ADBEA388EAA8614E6D --mojo-platform-channel-handle=2188 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffcef4acc40,0x7ffcef4acc4c,0x7ffcef4acc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1976,i,16155597185047148356,13660183513647872461,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1972 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1760,i,16155597185047148356,13660183513647872461,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2100 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2244,i,16155597185047148356,13660183513647872461,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2412 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3084,i,16155597185047148356,13660183513647872461,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3108 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3112,i,16155597185047148356,13660183513647872461,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3236 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4440,i,16155597185047148356,13660183513647872461,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4412 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4752,i,16155597185047148356,13660183513647872461,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4760 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\release\builder.exe
"C:\Users\Admin\Downloads\release\builder.exe"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Users\Admin\Downloads\release\Client-built.exe
"C:\Users\Admin\Downloads\release\Client-built.exe"
C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe
"C:\Users\Admin\Downloads\Release (1)\xeno rat server.exe"
Network
Files
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 3adade63627a9291d9792902b098b719 |
| SHA1 | 4a819abfda6deb994d16099e08a1938477baf71f |
| SHA256 | f2d5d52f8fc4de62e4d9f14b7870c5c1878e2e7e8a342ea96aa68f64909aa8dd |
| SHA512 | 622c9ecdb9b9b6546b48282ef0df86bf9753e72c54cbf1abe2d0050f75bf3320a239378ba5117ba33c3e7cc8e5f4f99f635b8d0c54dfa609201ec958e4a207bb |
\??\pipe\crashpad_3172_JVRSKVUYQLJEZWAA
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | fffed0542be3699ebcc8c18097a032b9 |
| SHA1 | e55174548e880ede420e5233950559dbe913006f |
| SHA256 | b715c9ca030982373706681213d7a8e11af748a40f16532e1c798d2c21266578 |
| SHA512 | d1f70743cf45f173ca81b1c90b9449f97761aea7bf91988a395067d453bf43624dc80d291f8fe240bec4464d734c66b9ecb326da2019b3ce83677ee977a93734 |
C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
| MD5 | b30d3becc8731792523d599d949e63f5 |
| SHA1 | 19350257e42d7aee17fb3bf139a9d3adb330fad4 |
| SHA256 | b1b77e96279ead2b460de3de70e2ea4f5ad1b853598a4e27a5caf3f1a32cc4f3 |
| SHA512 | 523f54895fb07f62b9a5f72c8b62e83d4d9506bda57b183818615f6eb7286e3b9c5a50409bc5c5164867c3ccdeae88aa395ecca6bc7e36d991552f857510792e |
C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
| MD5 | 752a1f26b18748311b691c7d8fc20633 |
| SHA1 | c1f8e83eebc1cc1e9b88c773338eb09ff82ab862 |
| SHA256 | 111dac2948e4cecb10b0d2e10d8afaa663d78d643826b592d6414a1fd77cc131 |
| SHA512 | a2f5f262faf2c3e9756da94b2c47787ce3a9391b5bd53581578aa9a764449e114836704d6dec4aadc097fed4c818831baa11affa1eb25be2bfad9349bb090fe5 |
C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
| MD5 | 877eef3ecad29d55a52c3e3d33edb732 |
| SHA1 | 1e12431638248a45ac175913d753b5c59f5201c3 |
| SHA256 | de2c47e4f096eca405f187a7ed13a5843647a87b29c4705a9c3ce6270f94e19e |
| SHA512 | 218076a70da4795af00d87892ca50fc26b9ec581a2f145943123d15f425a23b682058bd7ba35ea8dbfb783129d2b71d0219f72de4998181175c47a408fa3fc2e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\0055d7c3-7dfc-4980-8623-800970ba083b.tmp
| MD5 | 76684588c30c525d4df057f0680dbb14 |
| SHA1 | 68e762a1d931c303d7d1c99cca111e2117dcd7f0 |
| SHA256 | 0726a536f47165654f0101bd99c7d6615bf72cfef73874715cf2212dd012efc3 |
| SHA512 | 2fa290c02191e42e2262e32b0b448bdfa120ad5abe25672775b4e4b682179a3fbb7a1131e15550d941510ff271078f31566d5cf788ae12b7c7ded1e94b07cc06 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e068c6c8cd1bbb3d40ebcfa35f56c72c |
| SHA1 | f16eda4a93d9bea5d4cac569b76aea5e356c67f1 |
| SHA256 | 64b0e8339f33a0dd9562909612d69594380fe689f27b84752bb2328032426525 |
| SHA512 | c2bc6bdd44518949d85a0d2278533a7f29869bcec340ea938acb6a9f7c264f2c25d30f800323a4b3f4160c2b491428b70f4b708bd587bb48d67624c37579de4c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4b7c12cd69dbbf84550f206145e5ed98 |
| SHA1 | e6e88062b037525b4a9a6b2fca705772e0a2aa71 |
| SHA256 | ca935f8f91373946e2a443159d707ae6ba86cf538d327e81550dfa811ec5d213 |
| SHA512 | 70ee73ce39a5f5d014e2e37de92343861945310a188db52a775274f36de0ebbbe9da1557cf40a3298eaf17cf5f4feb3e2d7bdc6f4dbc92ab27c4a5c5687f6c56 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001
| MD5 | 2257803a7e34c3abd90ec6d41fd76a5a |
| SHA1 | f7a32e6635d8513f74bd225f55d867ea56ae4803 |
| SHA256 | af23860fb3a448f2cc6107680078402555a345eb45bc5efb750f541fe5d7c174 |
| SHA512 | e9f4dc90d0829885f08879e868aa62041150b500f62682fc108da258eee26ad9509dcbf6e8a55f2d0bdba7aa9118dd149a70a7d851820d4ea683db7808c48540 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | de5ca8a0bf34d2049afe7b1e60c3db84 |
| SHA1 | df1a6f67cfa98500109198735dc5e2cd23462da7 |
| SHA256 | 8cdcf9d717b72784b857336bc7ecaea7a1ee3ba64b94d268a2c9e5856b148b14 |
| SHA512 | d953080901789a169da731bacbfd19bdf5e3a1668077cb1663bbbfdbde1fa3cc12544a3ed6b8683851b55719c974ebc01d5fbff7dfee6bdd63453477ce02b820 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 017cf029df700d3024c9dbfc55e26bcb |
| SHA1 | 0934e5c729ce3ed81386c51336cfda09ecab0683 |
| SHA256 | 56191bf8f7b1c9c1a3a5b2cae26b9080bc40dd8892dd0eb42b99f1bffe3555d2 |
| SHA512 | 074c69c29e70b658697a5e914a4bbaa45f9365efbff9f9253292e179e0b1b2d86e49bb6512ddd62bcc7b6363b426189415a3b21b266a57161c62a9b413376040 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | cb27d83178ac3c3e32101f110b690096 |
| SHA1 | 88a2f53da63b88816727d4d2e93bff3eac22b550 |
| SHA256 | 21dd190119d2b3304ece7d7aaed9acbed5d48a955ce171d0796f72547aed4604 |
| SHA512 | 585737afa51ced72b7018b52306d2c5f0717868e2a53a33542df6bca01e2d9dae66522f209bf11e53f39929b9c81ffc5482a6381af52bf8c948e64c33f9a8d81 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5b191da6a91e69b0f4af860b7340ba7f |
| SHA1 | 911f4772469046f4592fc5b5150753a141e3ef00 |
| SHA256 | bf711d70b8d4a1d85fbaad0e6b1844ca88d476fc25f95664a62fa3d705fa14e7 |
| SHA512 | 8fa9f8b9c64c5e16c3a01a42c6e2d6b93b21adb447c94f83cf77878420eb37f370906faf29f90acb5b44a4169027bdb1e66a23a02bcb89bc9da19b02fefcfc94 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e43240db1bb765a3a63f3087ac5bc1e9 |
| SHA1 | fd6a3c29319dd7e85c504b28633bff721708962d |
| SHA256 | 2df068ac81b0ec305ab1ea159a2a1d5027a6cd115034464b254d07ad48b0ab85 |
| SHA512 | 8e7b169e446d5df5ca1c917d96ebaa4209172dadb25324067cd34631a552cedeb8c2c8c3e79b1f9da62ee8aaeabc464f3f6324cd011169c60b34e11238f96c2d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 56c19a92b7729cd0811cf5ca87bbd390 |
| SHA1 | 3f2991332cd0ec49a24022815dd1adb6f992be84 |
| SHA256 | c0579872440c07fe3cfc103e5754049b980dec3d31e948678eb2a8a997e067d4 |
| SHA512 | 45ad0fb7213cd7b83a7f411201f9ac6bb4f5cbcf2d1c582d84a70c9f29ae319d0443239cfab4a28587a13b44d20bade867cb140dad033c339ef2dcd0ae50c4bc |
C:\Windows\SystemTemp\Crashpad\settings.dat
| MD5 | 9a7519f74f4dc4b15d72e18e639a8914 |
| SHA1 | fc8b4045420b5f4700136dc6be36b7931b618975 |
| SHA256 | f9acc136da09ef7d198f2ef094bd4806bed17eb170ba81b00d63bf9cc1ef715e |
| SHA512 | b79ff87f113e57545774dbd07720e4d53267083d022687d7cb79e45c2c051b4451037453884d7effc4b7b5e468b591d715e6580d2a28bb65df1c7f29795b0991 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 9f18f60c50c2580fba3e096d4d941a89 |
| SHA1 | 3c2d3d94889942aebdf88f0896aab30d39a16d72 |
| SHA256 | 164e14f823aa60bd2dc542248c601bc9b7bea73b41ae2fa112205990a85d702b |
| SHA512 | 56a58d0357686ae200dff2705b5b56ad62f9d1bac3b23096e318c9f29909b758f3dc608e66512b128a7bb98655f9e1a36f4fda4f7c438c68e8845d0a99e7460a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6ac9d70f16b52051c29a829f6a1aeab4 |
| SHA1 | f7dee3c92723f1c0316655861fa525fd1d5766c8 |
| SHA256 | 1a8db79cbce867fec60166fb9f64ff7de6a08fac0ee0ca10fac484117dd08aee |
| SHA512 | 938f0e33b6f44a1f37cef379afd541dcf24bd6030ab15c9ba7f07545938ef53316bd80b245c328ae456df05154837797d88886771fb1e6be042d7863fbd59c1c |
C:\Program Files\Google\Chrome\Application\SetupMetrics\20240826134043.pma
| MD5 | d7bdecbddac6262e516e22a4d6f24f0b |
| SHA1 | 1a633ee43641fa78fbe959d13fa18654fd4a90be |
| SHA256 | db3be7c6d81b2387c39b32d15c096173022cccee1015571dd3e09f2a69b508a9 |
| SHA512 | 1e72db18de776fe264db3052ce9a842c9766a720a9119fc6605f795c36d4c7bf8f77680c5564f36e591368ccd354104a7412f267c4157f04c4926bce51aeeaa1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 4bf4b59c3deb1688a480f8e56aab059d |
| SHA1 | 612c83e7027b3bfb0e9d2c9efad43c5318e731bb |
| SHA256 | 867ab488aa793057395e9c10f237603cfb180689298871cdf0511132f9628c82 |
| SHA512 | 2ec6c89f9653f810e9f80f532abaff2a3c0276f6d299dce1b1eadf6a59e8072ed601a4f9835db25d4d2610482a00dd5a0852d0ef828678f5c5ed33fe64dddca9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | b4ae6009e2df12ce252d03722e8f4288 |
| SHA1 | 44de96f65d69cbae416767040f887f68f8035928 |
| SHA256 | 7778069a1493fdb62e6326ba673f03d9a8f46bc0eea949aabbbbc00dcdaddf9d |
| SHA512 | bb810721e52c77793993470692bb2aab0466f13ed4576e4f4cfa6bc5fcfc59c13552299feb6dfd9642ea07b19a5513d90d0698d09ca1d15e0598133929c05fe1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a5a656972b0982bbc46d3818aa23630e |
| SHA1 | 808482eea3537a9ec5899cf7a475c77f6901d79b |
| SHA256 | e12f0f6dc76559ec9b08b5fc1435337e25d1583c3c1ecfbab70709cf6e275427 |
| SHA512 | d7533280b8db6fb659baec0ac1cd40788e8bf1f51c64806cbf4c65e8a0fb969ee12c72884090bea83495cd170f7fe7a57f558885df993da3f7c926d21363cd68 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ac16f60a-82a1-44f3-b83a-010a7e81a23e.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe59de8f.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f
C:\Users\Admin\Downloads\release.zip:Zone.Identifier
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\Downloads\release\Client-built.exe
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015
| MD5 | 2e23d6e099f830cf0b14356b3c3443ce |
| SHA1 | 027db4ff48118566db039d6b5f574a8ac73002bc |
| SHA256 | 7238196a5bf79e1b83cacb9ed4a82bf40b32cd789c30ef790e4eac0bbf438885 |
| SHA512 | 165b1de091bfe0dd9deff0f8a3968268113d95edc9fd7a8081b525e0910f4442cfb3b4f5ac58ecfa41991d9dcabe5aa8b69f7f1c77e202cd17dd774931662717 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 281f6b71226be2d9d86f6a4ad5e7ecb1 |
| SHA1 | a862a03225266602a9530b1dcbb915f291a9f18d |
| SHA256 | de98e82232366ac7fccfa9e9e8c59b0ae78a2749f583e7d94edfd12b988d26ca |
| SHA512 | d4d8feaedb1c17b7021df92b0ae4272916e78705ed7c46cf9904831e6f0162e3958da48ce3dd4f9471edab5616e5fed5a1c804ec99683f69ed3fa76cef63a0fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9695f87c8490f6acd0b595f6ee665cdf |
| SHA1 | 1716658079fc5d66930f665e545199509d739474 |
| SHA256 | 4f1ce7bed2f7dc8384c5781ab2ca7f54541b225f098b58eb7453ebe913687a7d |
| SHA512 | afb92ffe67ca070bc8fba06cd8440dc2c4cbb1b138bc23b1e384ca8e2ee8b093f8250766effd22a646e955a8623934f8bb395cc7ea500ca7bad5cd6aed250c77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\Downloads\Release (1).zip
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\444c2a5b-1a9d-47d7-a6b0-63c12f9e323f.tmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\Desktop\Solara.exe