Malware Analysis Report

2025-01-23 15:03

Sample ID 240831-mtqslazaql
Target https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5
Tags
discovery antivm
score
5/10

Analysis Overview

score
5/10

Threat Level: Likely benign

The file https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5 was found to be: Likely benign.

Malicious Activity Summary

discovery antivm

Drops file in System32 directory

Drops file in Windows directory

Reads CPU attributes

Checks CPU configuration

Changes its process name

Reads runtime system information

Enumerates kernel/hardware configuration

Browser Information Discovery

Writes file to tmp directory

Suspicious use of SendNotifyMessage

Checks CPU information

Checks memory information

Suspicious use of FindShellTrayWindow

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Modifies data under HKEY_USERS

Suspicious use of AdjustPrivilegeToken

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-31 10:45

Signatures

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-08-31 10:45

Reported

2024-08-31 10:47

Platform

android-x64-20240624-en

Max time kernel

76s

Max time network

68s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 accounts.google.com udp
GB 74.125.71.84:443 accounts.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.200.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 webminer.pages.dev udp
US 172.66.44.158:443 webminer.pages.dev tcp
US 172.66.44.158:443 webminer.pages.dev tcp
US 1.1.1.1:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 142.250.200.35:443 update.googleapis.com tcp
GB 142.250.179.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.212.238:443 android.apis.google.com tcp
GB 142.250.200.36:443 tcp
GB 142.250.200.36:443 tcp
GB 216.58.201.106:443 tcp

Files

files/dom-0.html

MD5 820548ac31fabba84f9e196945305158
SHA1 77c12f08a98d2e21816c529e1bb598b7f4fdbdc9
SHA256 54bb63bba08f821f37e86cc133a496eaf6e3d2152de3a1f26cdcc21c3098cf9f
SHA512 ff9ab8f7da0ed08c1557526788592346da289b087d5bbb599fb28f568aa681715e79853c7d8f8dc5e0a5b70f2a30ab355d52dbac1f2597ccc55603bcb989ed74

Analysis: behavioral8

Detonation Overview

Submitted

2024-08-31 10:45

Reported

2024-08-31 10:48

Platform

android-x86-arm-20240624-en

Max time kernel

81s

Max time network

82s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 216.58.213.3:443 update.googleapis.com tcp
GB 142.250.200.46:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 216.58.213.14:443 android.apis.google.com tcp

Files

files/dom-0.html

MD5 820548ac31fabba84f9e196945305158
SHA1 77c12f08a98d2e21816c529e1bb598b7f4fdbdc9
SHA256 54bb63bba08f821f37e86cc133a496eaf6e3d2152de3a1f26cdcc21c3098cf9f
SHA512 ff9ab8f7da0ed08c1557526788592346da289b087d5bbb599fb28f568aa681715e79853c7d8f8dc5e0a5b70f2a30ab355d52dbac1f2597ccc55603bcb989ed74

Analysis: behavioral12

Detonation Overview

Submitted

2024-08-31 10:45

Reported

2024-08-31 11:31

Platform

ubuntu2404-amd64-20240729-en

Max time kernel

0s

Max time network

2698s

Command Line

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Signatures

Changes its process name

Description Indicator Process Target
Changes the process name, possibly in an attempt to hide itself pool-spawner N/A N/A
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself dconf worker N/A N/A

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/kernel/security/apparmor/features/rlimit /snap/snapd/current/usr/bin/snap N/A
File opened for reading /sys/kernel/security/apparmor/features/signal /snap/snapd/current/usr/bin/snap N/A
File opened for reading /sys/kernel/mm/transparent_hugepage/hpage_pmd_size /snap/snapd/current/usr/bin/snap N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus /snap/snapd/current/usr/bin/snap N/A
File opened for reading /sys/kernel/security/apparmor/features/domain /snap/snapd/current/usr/bin/snap N/A
File opened for reading /sys/kernel/security/apparmor/features/io_uring /snap/snapd/current/usr/bin/snap N/A
File opened for reading /sys/kernel/security/apparmor/features/network_v8 /snap/snapd/current/usr/bin/snap N/A
File opened for reading /sys/kernel/security/apparmor/features /snap/snapd/current/usr/bin/snap N/A
File opened for reading /sys/kernel/security/apparmor/features/caps /snap/snapd/current/usr/bin/snap N/A
File opened for reading /sys/kernel/security/apparmor/features/file /snap/snapd/current/usr/bin/snap N/A
File opened for reading /sys/kernel/security/apparmor/features/policy /snap/snapd/current/usr/bin/snap N/A
File opened for reading /sys/kernel/security/apparmor/features/query /snap/snapd/current/usr/bin/snap N/A
File opened for reading /sys/kernel/mm/transparent_hugepage/hpage_pmd_size /snap/bin/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/ipc /snap/snapd/current/usr/bin/snap N/A
File opened for reading /sys/kernel/security/apparmor/features/network /snap/snapd/current/usr/bin/snap N/A
File opened for reading /sys/kernel/security/apparmor/features/ptrace /snap/snapd/current/usr/bin/snap N/A
File opened for reading /sys/kernel/mm/transparent_hugepage/hpage_pmd_size /snap/snapd/21759/usr/lib/snapd/snap-seccomp N/A
File opened for reading /sys/module/apparmor/parameters/enabled /usr/bin/dbus-daemon N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus/mask /usr/bin/dbus-daemon N/A
File opened for reading /sys/kernel/security/apparmor/features/mount /snap/snapd/current/usr/bin/snap N/A
File opened for reading /sys/kernel/security/apparmor/features/namespaces /snap/snapd/current/usr/bin/snap N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/cmdline /snap/snapd/current/usr/bin/snap N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/cgroups /snap/snapd/current/usr/bin/snap N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/filesystems /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/2587/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/mounts /snap/bin/firefox N/A
File opened for reading /proc/2532/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/2600/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/mountinfo /snap/snapd/current/usr/bin/snap N/A
File opened for reading /proc/mounts /usr/bin/dbus-daemon N/A
File opened for reading /proc/2510/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/2585/cgroup /snap/snapd/current/usr/bin/snap N/A
File opened for reading /proc/sys/kernel/cap_last_cap /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/gsettings N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/filesystems /usr/bin/gsettings N/A
File opened for reading /proc/self/mounts /snap/snapd/current/usr/bin/snap N/A
File opened for reading /proc/2516/attr/apparmor/current /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/sys/kernel/random/uuid /snap/snapd/current/usr/bin/snap N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/fd /usr/bin/dbus-launch N/A
File opened for reading /proc/2516/status /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/cgroups /snap/bin/firefox N/A
File opened for reading /proc/self/fd /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/filesystems /usr/bin/gsettings N/A
File opened for reading /proc/cmdline /snap/bin/firefox N/A

Processes

/usr/bin/xdg-open

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/grep

[grep -q ^file://]

/usr/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep -l x-scheme-handler/https; /.local/share/applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/https; /usr/local/share//applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/https; /usr/share//applications/apport-gtk.desktop /usr/share//applications/bluetooth-sendto.desktop /usr/share//applications/display-im6.q16.desktop /usr/share//applications/gcr-prompter.desktop /usr/share//applications/gcr-viewer.desktop /usr/share//applications/geoclue-demo-agent.desktop /usr/share//applications/gkbd-keyboard-display.desktop /usr/share//applications/gnome-about-panel.desktop /usr/share//applications/gnome-applications-panel.desktop /usr/share//applications/gnome-background-panel.desktop /usr/share//applications/gnome-bluetooth-panel.desktop /usr/share//applications/gnome-color-panel.desktop /usr/share//applications/gnome-datetime-panel.desktop /usr/share//applications/gnome-disk-image-mounter.desktop /usr/share//applications/gnome-disk-image-writer.desktop /usr/share//applications/gnome-display-panel.desktop /usr/share//applications/gnome-initial-setup.desktop /usr/share//applications/gnome-keyboard-panel.desktop /usr/share//applications/gnome-language-selector.desktop /usr/share//applications/gnome-mouse-panel.desktop /usr/share//applications/gnome-multitasking-panel.desktop /usr/share//applications/gnome-network-panel.desktop /usr/share//applications/gnome-notifications-panel.desktop /usr/share//applications/gnome-online-accounts-panel.desktop /usr/share//applications/gnome-power-panel.desktop /usr/share//applications/gnome-printers-panel.desktop /usr/share//applications/gnome-privacy-panel.desktop /usr/share//applications/gnome-region-panel.desktop /usr/share//applications/gnome-search-panel.desktop /usr/share//applications/gnome-session-properties.desktop /usr/share//applications/gnome-sharing-panel.desktop /usr/share//applications/gnome-sound-panel.desktop /usr/share//applications/gnome-system-monitor-kde.desktop /usr/share//applications/gnome-system-panel.desktop /usr/share//applications/gnome-ubuntu-panel.desktop /usr/share//applications/gnome-universal-access-panel.desktop 
/usr/share//applications/gnome-users-panel.desktop /usr/share//applications/gnome-wacom-panel.desktop /usr/share//applications/gnome-wifi-panel.desktop /usr/share//applications/gnome-wwan-panel.desktop /usr/share//applications/hplj1020.desktop /usr/share//applications/ibus-setup-table.desktop /usr/share//applications/im-config.desktop /usr/share//applications/io.snapcraft.SessionAgent.desktop /usr/share//applications/libreoffice-calc.desktop /usr/share//applications/libreoffice-draw.desktop /usr/share//applications/libreoffice-impress.desktop /usr/share//applications/libreoffice-math.desktop /usr/share//applications/libreoffice-startcenter.desktop /usr/share//applications/libreoffice-writer.desktop /usr/share//applications/libreoffice-xsltfilter.desktop /usr/share//applications/nautilus-autorun-software.desktop /usr/share//applications/nm-applet.desktop /usr/share//applications/nm-connection-editor.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Emojier.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Extension.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Wayland.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Setup.desktop /usr/share//applications/org.freedesktop.Xwayland.desktop /usr/share//applications/org.gnome.Calculator.desktop /usr/share//applications/org.gnome.Calendar.desktop /usr/share//applications/org.gnome.Characters.desktop /usr/share//applications/org.gnome.DejaDup.desktop /usr/share//applications/org.gnome.DiskUtility.desktop /usr/share//applications/org.gnome.Evince-previewer.desktop /usr/share//applications/org.gnome.Evince.desktop /usr/share//applications/org.gnome.Evolution-alarm-notify.desktop /usr/share//applications/org.gnome.FileRoller.desktop /usr/share//applications/org.gnome.Logs.desktop /usr/share//applications/org.gnome.Nautilus.desktop /usr/share//applications/org.gnome.OnlineAccounts.OAuth2.desktop /usr/share//applications/org.gnome.PowerStats.desktop 
/usr/share//applications/org.gnome.RemoteDesktop.Handover.desktop /usr/share//applications/org.gnome.Rhythmbox3.desktop /usr/share//applications/org.gnome.Rhythmbox3.device.desktop /usr/share//applications/org.gnome.Settings.desktop /usr/share//applications/org.gnome.Shell.Extensions.desktop /usr/share//applications/org.gnome.Shell.PortalHelper.desktop /usr/share//applications/org.gnome.Shell.desktop /usr/share//applications/org.gnome.Shotwell-Viewer.desktop /usr/share//applications/org.gnome.Shotwell.Auth.desktop /usr/share//applications/org.gnome.Shotwell.desktop /usr/share//applications/org.gnome.Snapshot.desktop /usr/share//applications/org.gnome.SystemMonitor.desktop /usr/share//applications/org.gnome.Tecla.desktop /usr/share//applications/org.gnome.Terminal.Preferences.desktop /usr/share//applications/org.gnome.Terminal.desktop /usr/share//applications/org.gnome.TextEditor.desktop /usr/share//applications/org.gnome.Totem.desktop /usr/share//applications/org.gnome.Zenity.desktop /usr/share//applications/org.gnome.baobab.desktop /usr/share//applications/org.gnome.clocks.desktop /usr/share//applications/org.gnome.eog.desktop /usr/share//applications/org.gnome.evolution-data-server.OAuth2-handler.desktop /usr/share//applications/org.gnome.font-viewer.desktop /usr/share//applications/org.gnome.seahorse.Application.desktop /usr/share//applications/org.remmina.Remmina-file.desktop /usr/share//applications/org.remmina.Remmina.desktop /usr/share//applications/python3.12.desktop /usr/share//applications/remmina-gnome.desktop /usr/share//applications/rygel.desktop /usr/share//applications/simple-scan.desktop /usr/share//applications/snap-handle-link.desktop /usr/share//applications/software-properties-drivers.desktop /usr/share//applications/software-properties-gtk.desktop /usr/share//applications/software-properties-livepatch.desktop /usr/share//applications/thunderbird.desktop /usr/share//applications/transmission-gtk.desktop 
/usr/share//applications/update-manager.desktop /usr/share//applications/usb-creator-gtk.desktop /usr/share//applications/xdg-desktop-portal-gnome.desktop /usr/share//applications/xdg-desktop-portal-gtk.desktop /usr/share//applications/yelp.desktop]

/usr/bin/grep

[grep -q %s]

/usr/bin/x-www-browser

[x-www-browser https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/xdg-settings

[xdg-settings get default-web-browser]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/http]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep -l x-scheme-handler/http; /.local/share/applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/http; /usr/local/share//applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/http; /usr/share//applications/apport-gtk.desktop /usr/share//applications/bluetooth-sendto.desktop /usr/share//applications/display-im6.q16.desktop /usr/share//applications/gcr-prompter.desktop /usr/share//applications/gcr-viewer.desktop /usr/share//applications/geoclue-demo-agent.desktop /usr/share//applications/gkbd-keyboard-display.desktop /usr/share//applications/gnome-about-panel.desktop /usr/share//applications/gnome-applications-panel.desktop /usr/share//applications/gnome-background-panel.desktop /usr/share//applications/gnome-bluetooth-panel.desktop /usr/share//applications/gnome-color-panel.desktop /usr/share//applications/gnome-datetime-panel.desktop /usr/share//applications/gnome-disk-image-mounter.desktop /usr/share//applications/gnome-disk-image-writer.desktop /usr/share//applications/gnome-display-panel.desktop /usr/share//applications/gnome-initial-setup.desktop /usr/share//applications/gnome-keyboard-panel.desktop /usr/share//applications/gnome-language-selector.desktop /usr/share//applications/gnome-mouse-panel.desktop /usr/share//applications/gnome-multitasking-panel.desktop /usr/share//applications/gnome-network-panel.desktop /usr/share//applications/gnome-notifications-panel.desktop /usr/share//applications/gnome-online-accounts-panel.desktop /usr/share//applications/gnome-power-panel.desktop /usr/share//applications/gnome-printers-panel.desktop /usr/share//applications/gnome-privacy-panel.desktop /usr/share//applications/gnome-region-panel.desktop /usr/share//applications/gnome-search-panel.desktop /usr/share//applications/gnome-session-properties.desktop /usr/share//applications/gnome-sharing-panel.desktop /usr/share//applications/gnome-sound-panel.desktop /usr/share//applications/gnome-system-monitor-kde.desktop /usr/share//applications/gnome-system-panel.desktop /usr/share//applications/gnome-ubuntu-panel.desktop /usr/share//applications/gnome-universal-access-panel.desktop 
/usr/share//applications/gnome-users-panel.desktop /usr/share//applications/gnome-wacom-panel.desktop /usr/share//applications/gnome-wifi-panel.desktop /usr/share//applications/gnome-wwan-panel.desktop /usr/share//applications/hplj1020.desktop /usr/share//applications/ibus-setup-table.desktop /usr/share//applications/im-config.desktop /usr/share//applications/io.snapcraft.SessionAgent.desktop /usr/share//applications/libreoffice-calc.desktop /usr/share//applications/libreoffice-draw.desktop /usr/share//applications/libreoffice-impress.desktop /usr/share//applications/libreoffice-math.desktop /usr/share//applications/libreoffice-startcenter.desktop /usr/share//applications/libreoffice-writer.desktop /usr/share//applications/libreoffice-xsltfilter.desktop /usr/share//applications/nautilus-autorun-software.desktop /usr/share//applications/nm-applet.desktop /usr/share//applications/nm-connection-editor.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Emojier.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Extension.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Wayland.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Setup.desktop /usr/share//applications/org.freedesktop.Xwayland.desktop /usr/share//applications/org.gnome.Calculator.desktop /usr/share//applications/org.gnome.Calendar.desktop /usr/share//applications/org.gnome.Characters.desktop /usr/share//applications/org.gnome.DejaDup.desktop /usr/share//applications/org.gnome.DiskUtility.desktop /usr/share//applications/org.gnome.Evince-previewer.desktop /usr/share//applications/org.gnome.Evince.desktop /usr/share//applications/org.gnome.Evolution-alarm-notify.desktop /usr/share//applications/org.gnome.FileRoller.desktop /usr/share//applications/org.gnome.Logs.desktop /usr/share//applications/org.gnome.Nautilus.desktop /usr/share//applications/org.gnome.OnlineAccounts.OAuth2.desktop /usr/share//applications/org.gnome.PowerStats.desktop 
/usr/share//applications/org.gnome.RemoteDesktop.Handover.desktop /usr/share//applications/org.gnome.Rhythmbox3.desktop /usr/share//applications/org.gnome.Rhythmbox3.device.desktop /usr/share//applications/org.gnome.Settings.desktop /usr/share//applications/org.gnome.Shell.Extensions.desktop /usr/share//applications/org.gnome.Shell.PortalHelper.desktop /usr/share//applications/org.gnome.Shell.desktop /usr/share//applications/org.gnome.Shotwell-Viewer.desktop /usr/share//applications/org.gnome.Shotwell.Auth.desktop /usr/share//applications/org.gnome.Shotwell.desktop /usr/share//applications/org.gnome.Snapshot.desktop /usr/share//applications/org.gnome.SystemMonitor.desktop /usr/share//applications/org.gnome.Tecla.desktop /usr/share//applications/org.gnome.Terminal.Preferences.desktop /usr/share//applications/org.gnome.Terminal.desktop /usr/share//applications/org.gnome.TextEditor.desktop /usr/share//applications/org.gnome.Totem.desktop /usr/share//applications/org.gnome.Zenity.desktop /usr/share//applications/org.gnome.baobab.desktop /usr/share//applications/org.gnome.clocks.desktop /usr/share//applications/org.gnome.eog.desktop /usr/share//applications/org.gnome.evolution-data-server.OAuth2-handler.desktop /usr/share//applications/org.gnome.font-viewer.desktop /usr/share//applications/org.gnome.seahorse.Application.desktop /usr/share//applications/org.remmina.Remmina-file.desktop /usr/share//applications/org.remmina.Remmina.desktop /usr/share//applications/python3.12.desktop /usr/share//applications/remmina-gnome.desktop /usr/share//applications/rygel.desktop /usr/share//applications/simple-scan.desktop /usr/share//applications/snap-handle-link.desktop /usr/share//applications/software-properties-drivers.desktop /usr/share//applications/software-properties-gtk.desktop /usr/share//applications/software-properties-livepatch.desktop /usr/share//applications/thunderbird.desktop /usr/share//applications/transmission-gtk.desktop 
/usr/share//applications/update-manager.desktop /usr/share//applications/usb-creator-gtk.desktop /usr/share//applications/xdg-desktop-portal-gnome.desktop /usr/share//applications/xdg-desktop-portal-gtk.desktop /usr/share//applications/yelp.desktop]

/usr/bin/gsettings

[gsettings get org.gnome.shell favorite-apps]

/usr/bin/grep

[grep -q 'firefox.desktop']

/usr/bin/gsettings

[gsettings get com.canonical.Unity.Launcher favorites]

/usr/bin/grep

[grep -q 'application://firefox.desktop']

/usr/bin/gsettings

[gsettings get org.mate.panel object-id-list]

/usr/bin/which

[which qdbus]

/snap/bin/firefox

[/snap/bin/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/snap/snapd/current/usr/bin/snap

[/snap/bin/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/snap/snapd/21759/usr/lib/snapd/snap-seccomp

[/snap/snapd/21759/usr/lib/snapd/snap-seccomp version-info]

/snap/snapd/21759/usr/lib/snapd/snap-confine

[/snap/snapd/21759/usr/lib/snapd/snap-confine --base core22 snap.firefox.firefox /usr/lib/snapd/snap-exec firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Network


Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-31 10:45

Reported

2024-08-31 11:31

Platform

win7-20240729-en

Max time kernel

2693s

Max time network

2650s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

Signatures

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3036 wrote to memory of 1660 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 2808 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 524 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3036 wrote to memory of 2664 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7689758,0x7fef7689768,0x7fef7689778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1136 --field-trial-handle=1316,i,5866218481639213542,18337138888476356461,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1548 --field-trial-handle=1316,i,5866218481639213542,18337138888476356461,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1616 --field-trial-handle=1316,i,5866218481639213542,18337138888476356461,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2276 --field-trial-handle=1316,i,5866218481639213542,18337138888476356461,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2292 --field-trial-handle=1316,i,5866218481639213542,18337138888476356461,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1464 --field-trial-handle=1316,i,5866218481639213542,18337138888476356461,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3788 --field-trial-handle=1316,i,5866218481639213542,18337138888476356461,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3624 --field-trial-handle=1316,i,5866218481639213542,18337138888476356461,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3508 --field-trial-handle=1316,i,5866218481639213542,18337138888476356461,131072 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev udp
US 8.8.8.8:53 retired-jorey-malphite-node.koyeb.app udp
US 8.8.8.8:53 smiling-tilda-mono.koyeb.app udp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app tcp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.200.42:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 apps.identrust.com udp
GB 2.22.144.152:80 apps.identrust.com tcp
GB 2.22.144.152:80 apps.identrust.com tcp
N/A 224.0.0.251:5353 udp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app tcp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app tcp

Files

\??\pipe\crashpad_3036_FSRQRSJVPZDVEGHE

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

C:\Users\Admin\AppData\Local\Temp\Cab41D3.tmp

C:\Users\Admin\AppData\Local\Temp\Tar432D.tmp

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\d93422fa-bb48-43f3-aaf5-24b3d99f5eb5.tmp

Analysis: behavioral9

Detonation Overview

Submitted

2024-08-31 10:45

Reported

2024-08-31 11:31

Platform

ubuntu1804-amd64-20240611-en

Max time kernel

1s

Max time network

2693s

Command Line

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Signatures

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/class /usr/lib/firefox/firefox N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1610/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/self/task/1597/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/self/task/1584/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A

Processes

/usr/bin/xdg-open

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/bin/grep

[grep -q ^Enlightenment]

/bin/uname

[uname]

/bin/grep

[grep -q ^file://]

/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/bin/grep

[grep -q ^Enlightenment]

/bin/uname

[uname]

/bin/sed

[sed s/:/ /g]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/bin/sed

[sed s/:/ /g]

/bin/sed

[sed -e s|-|/|]

/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/bin/grep

[grep -q %s]

/usr/bin/x-www-browser

[x-www-browser https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/which

[which /usr/bin/x-www-browser]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/bin/grep

[grep -q %s]

/usr/bin/firefox

[firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/bin/grep

[grep -q %s]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 185.125.188.62:443 tcp
GB 185.125.188.62:443 tcp
US 151.101.1.91:443 tcp
US 151.101.1.91:443 tcp
GB 195.181.164.15:443 tcp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 prod.ads.prod.webservices.mozgcp.net udp
US 34.120.5.221:443 getpocket.cdn.mozilla.net tcp
US 1.1.1.1:53 shavar.prod.mozaws.net udp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 webminer.pages.dev udp
US 1.1.1.1:53 webminer.pages.dev udp
US 172.66.44.158:443 webminer.pages.dev tcp
US 172.66.44.158:443 webminer.pages.dev udp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 172.67.24.44:443 retired-jorey-malphite-node.koyeb.app tcp
US 172.67.24.44:443 retired-jorey-malphite-node.koyeb.app tcp
US 172.67.24.44:443 retired-jorey-malphite-node.koyeb.app udp
US 172.67.24.44:443 retired-jorey-malphite-node.koyeb.app tcp
US 1.1.1.1:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 prod.classify-client.prod.webservices.mozgcp.net udp
US 35.190.72.216:443 location.services.mozilla.com tcp
US 1.1.1.1:53 archive.mozilla.org udp
US 1.1.1.1:53 archive.mozilla.org udp
US 35.190.72.216:443 location.services.mozilla.com udp
US 34.117.35.28:443 archive.mozilla.org tcp
US 1.1.1.1:53 ciscobinary.openh264.org udp
US 1.1.1.1:53 ciscobinary.openh264.org udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 34.117.35.28:443 archive.mozilla.org udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.48:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 content-signature-chains.prod.autograph.services.mozaws.net udp
US 1.1.1.1:53 content-signature-chains.prod.autograph.services.mozaws.net udp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev udp
US 172.67.24.44:443 retired-jorey-malphite-node.koyeb.app tcp
US 1.1.1.1:53 smiling-tilda-mono.koyeb.app udp
US 1.1.1.1:53 smiling-tilda-mono.koyeb.app udp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app tcp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app udp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app tcp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app tcp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.49:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.98:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.98:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.98:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.98:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.97:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.97:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.49:80 connectivity-check.ubuntu.com tcp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-08-31 10:45

Reported

2024-08-31 11:31

Platform

win10-20240404-en

Max time kernel

2699s

Max time network

2696s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

Signatures

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133695747912687979" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1424 wrote to memory of 3964 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1424 wrote to memory of 2020 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1424 wrote to memory of 1192 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1424 wrote to memory of 592 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff8d8869758,0x7ff8d8869768,0x7ff8d8869778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1520 --field-trial-handle=1804,i,1221123974989810948,5212745558486787984,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1788 --field-trial-handle=1804,i,1221123974989810948,5212745558486787984,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2100 --field-trial-handle=1804,i,1221123974989810948,5212745558486787984,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2860 --field-trial-handle=1804,i,1221123974989810948,5212745558486787984,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2868 --field-trial-handle=1804,i,1221123974989810948,5212745558486787984,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5236 --field-trial-handle=1804,i,1221123974989810948,5212745558486787984,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3184 --field-trial-handle=1804,i,1221123974989810948,5212745558486787984,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1700 --field-trial-handle=1804,i,1221123974989810948,5212745558486787984,131072 /prefetch:2

Network

Files

\??\pipe\crashpad_1424_JFSBBXAJDCCFPIDE

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Analysis: behavioral7

Detonation Overview

Submitted: 2024-08-31 10:45
Reported: 2024-08-31 10:49
Platform: android-33-x64-arm64-20240624-en
Max time kernel: 39s
Max time network: 133s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

Network

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted: 2024-08-31 10:45
Reported: 2024-08-31 11:31
Platform: win10v2004-20240802-en
Max time kernel: 2699s
Max time network: 2696s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

Signatures

Drops file in System32 directory

Description Indicator Process Target
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133695747896969689" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1676 wrote to memory of 3056 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1676 wrote to memory of 4808 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1676 wrote to memory of 2704 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1676 wrote to memory of 536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffe6614cc40,0x7ffe6614cc4c,0x7ffe6614cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1904,i,14859398614132309190,5062546210625735041,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1900 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2152,i,14859398614132309190,5062546210625735041,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1732 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2260,i,14859398614132309190,5062546210625735041,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2432 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,14859398614132309190,5062546210625735041,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3128 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,14859398614132309190,5062546210625735041,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3176 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4576,i,14859398614132309190,5062546210625735041,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4588 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4584,i,14859398614132309190,5062546210625735041,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4448 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev udp
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:53 73.144.22.2.in-addr.arpa udp
US 8.8.8.8:53 98.47.66.172.in-addr.arpa udp
US 8.8.8.8:53 42.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 smiling-tilda-mono.koyeb.app udp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.212.234:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 138.32.126.40.in-addr.arpa udp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app tcp
US 8.8.8.8:53 44.24.67.172.in-addr.arpa udp
US 8.8.8.8:53 234.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 43.58.199.20.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 retired-jorey-malphite-node.koyeb.app udp
US 104.22.79.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 172.67.24.44:443 retired-jorey-malphite-node.koyeb.app tcp
US 8.8.8.8:53 190.79.22.104.in-addr.arpa udp
US 104.22.79.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 157.123.68.40.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 30.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 67.112.168.52.in-addr.arpa udp

Files

\??\pipe\crashpad_1676_PFQLJQMPFGQZXYFU

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\607b1eb2-e166-459e-bae4-439901a87ede.tmp

MD5 fc62702dd9d59df33038eabc1034d9e3
SHA1 e39b32b1f75b33258ce53b54d818eef785563b73
SHA256 ad8a6b328ab25fc5ef603b0357b201ac8ef737070d0191c2c118cb7d18baa659
SHA512 177cce249bf8db891bbf28f487d3443df6aec19e96d48347ead402b58c907e853cbdbd38034b9e6f3dd51efa5ffa5b0c938f12e8e64cf9d959afda2e95c3ffca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 31a0910391f60ba32d8e0a375961cb4f
SHA1 3a5bd538fd2df4c1130cfb82b4e7c0718beaa9d2
SHA256 f71cb27b0bd8092f30bf2ae6af41edb5c5a437c4866d9a39422c7424123197f3
SHA512 ddbe336d0ed1f9f5bce2700d123852e4bfd6fd4bf735f37979c8bd3f1984f956c0a3d11bf4471130f8afe7c0db424a25d9caf4657a678d11fb5c81a253a527af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e3d4c23ff24ae8843379ad8bd161a698
SHA1 ab4f444d2cb019b1e5c2a199dd2c9e9dd2aa883c
SHA256 41b6c471028ccb37d8bbaff4701c1bf0deb3131cb0411cba3e604304b99cef39
SHA512 784d9ac39f6d474f6c539968684e14c68cf8916d41f5d8f1bb479eed139257ea83a74b3d55ba3016acf54580180a7fadcc083edaa47f5c8ac39d8ab691fc09e9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9644c8a22570b2113c73a3a33f95e4de
SHA1 1f3ce1e9bf03bfb46e72a212401f86ac125a2d18
SHA256 9bb4901dd4d88ba84a4d954f0c8bc49e97e8cdc579f121cae256c02725f1201e
SHA512 38cff10332258f3b5e3f7942b5a506ccf29e8cf859f6980534851a406890a2773ea7c1b61ac5a13f380d42281a1bc1a72cc80ce5d897931be6b295b2229f3eb1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 df13141a46a4ec1ab24e8ee30f3d9044
SHA1 4be282d74ddf3f428ad74f22c9f1054ddf5b6239
SHA256 2b8e4b6a6a122c218aa9088de36f9ceac0f2c8cb671cd124ea89bd927734b75b
SHA512 8f2091ae613257ac33b8c86d95c53c02920f36f6c8b1fc18400c74517444f218716a5b2dfe0e58ace2dcedc7be27f5ae25aad679566dc13b3e4aa34e0ff58db0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3827bc2879c973fd02176f4c6eab22ed
SHA1 3962ee469fea81ee4e29a8d4724992add67ca946
SHA256 f274fb41f36fded0edf9e3351bd9295add0b72f4778549aa7f1e691a5ed15e92
SHA512 2dbe268e9870638b405104a9905b1948be991873a98fc91ed20ea09aee09b6f4ee22266436deef715e00bd6a8f2a4e22e825bad92cbfaf48403a98b1ca7f25b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b0746c2bfb1ba84d77385ff39ee7d56b
SHA1 98f49c7c99afd7147227f07e27e595c1e7fcdc1f
SHA256 1f81fc72ce3d173a88c6999522dead0126ff5426bf622dbee9ad28fcd294dbc9
SHA512 257374749bf5662c03eaf77ee5ba612594292caf6a27937640e809ac138ac99a86b69c9b556f3ec05993eea88a1081a6ca3a27f9be0b44213c3f41fc384911d3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2a70eb39b2736fbe21aca71f641e81b6
SHA1 b0bb294f27da2c18573cf492962f25b8b8298ae5
SHA256 5c61bd17fd6855c2761cbdfd2628680ab4b4aeaea1b6744e1e0b76a0fbd9c2e6
SHA512 2d9c45602e5e2a2db69383a1bc960a4d19561cf5516116f45e870c2f8f816ce6f7cf719cd1fa15878add617624bbe4e287979500062329fe75166a78f3ee35be

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 29c848f218f4a3344761513954e63062
SHA1 06055aaa98573c348e34ff558cd3ec2d7d89643d
SHA256 439144665f89a0604403b8dcd772612e2f7cd7722e29707a8d6f8786bfd25476
SHA512 6ce7600ad03312b7158fb109cd50e7bc213d58be17183df0afbd8f0950b3d9f358ba36a0786a3ca41732b1e55f6803e45ca9ba2a15f26a9624626d54a308b235

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 485e44c3cd7e910722227ce385410923
SHA1 bc8931a5cae81cb56590cc6ddea8d1552d9d4da7
SHA256 71f1797f3e48b242b1f43c64d7e31c5c18c3ee4cdd8d3d9679df10eeb2be0f60
SHA512 69d5531a96b9568de1f910a60fd8fb867c53dba50c84315d82efbda2093ba1c43d0debfe10f7330a9413ebdc7669c74df7487854e87debf52cc6eee532ad0fc2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 371e3354bfc8bb80817452e67e6be796
SHA1 f07b616ea56e1dd5a451796cfd40af13d643fd66
SHA256 efe005fed552e011ab1e7b397a92c9559d66529f81fbd66eba6bd76741bf1371
SHA512 d645f62e3d912ee9a4f5686b3e2a2103d70af2b9ca52c7b8ac5e9daca7844cce19255bcc5acfbe6ffa31be816c82fbd5d8210c35aeace47f3990eecb9576316b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bd0bb7d40302529311d633356f9b7db9
SHA1 3366e1ec95be21f0550194c2ec3d68a54d5ca40e
SHA256 a7879f0f31f00cdb71716daefd3a1c0326aa289edbdb66d2d4f35d042912392a
SHA512 e78d803939a80d0de5687608ce3601bd5538820b63d4047dafa5a59440b7003eb27af5a700a9afb9ec96bfa63e11eada6bc02a7de1745e301f29bd6fe6174a7e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ecc41cd5ca910e853ebe2ec49c48ec54
SHA1 92dd422d52eee70a3ff63ffadaa492e718312a10
SHA256 840bd7d56e3d9bd5c10b037553bcfaaee9d082f35b01b32b030de86f39fecfc2
SHA512 e26463969b6d6dadf2c76d782509bf7191a118793d5d5fdcfe1d07a0566e59393571ed5a0cd436f19fb66758e978bd4eecafb973a043120552dff86cc047ec78

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d3848891be712db536241ffee1f63e07
SHA1 ffb4cf2ef65b85b2d78c6183b71a1984cb408a3f
SHA256 fa8acee47e0ec92288c57e68a205a116b914f069e852978daa21ea3a53f5ecbd
SHA512 34fae0c583e9856455e0418bbc988447598d64e845155970642088e0ef57747d00e521f03e478aee05105c19aaffbd27c74a53a18aaf36e3b6cb18b18925f3e1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 55b5a7f33a81f488a81174b074869858
SHA1 711d1010209a11c285d4bae9059425bca96f1f95
SHA256 fed078f54d094410705a2aee44b90d05506f144d4b683bc467e1dc3f98947b09
SHA512 fed1ef21ceb322a66ea8c223ce2e1708fcf8aef5bddb3e2ebc382abfb07902e4a405778650c73509f2e0016d613f40be3462dc007a67e03bf219dae518e0ac29

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8b192b917bdc4f5fd626576cf88e7743
SHA1 6437e81152333d401ee4e1e432347af72dee72cd
SHA256 083c8db125c050eb3af88842b9c4a40d434e232c9e736cf1ca861b7e2c7417a4
SHA512 719dda925acead3ada0493a6b0ba64a4769da0969be7cfbc2db3688cf75a9764cd10e389cf97e701ceae56e5e54f83b9958a33b05f538f4dd4ec4c9bb9754bb1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 36b15c461a4d3365b75ba34a4e254a01
SHA1 82d4cd2a33a86e2ff35cce8524e3648364c605fb
SHA256 9d7e3be321b3eb55ce0542dd55104345f5a2c2b2a074ab14b6e911c9c84d4052
SHA512 d3215a632ffb04cf48b0f344e3e3614d0fe3168486fb6c8d92582486c17464946493f0bfb1c2a8dcc0febfd35e9bbc16ff94ec0b35565565c221443379089cc6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 052230b572d2f795f5320a8d515a36d2
SHA1 5b753b5094f5bb161d145004510ac675b8dfdfd6
SHA256 653d83307724dd402b2ef589484a90538218449afe77727e73be9c3cbbd70b64
SHA512 223d940a28209f5bcf7040872b5e64d5ed58607d89625da24b5a4ee8968b70dfb9fb27856b1c5c197e39f5f421530c813a982e592798fac6c9c87c7a365202e7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 32c9d78e346c953357dc72d0a56929bd
SHA1 8ae7510c0b3f265e3f035b92713092fc8cbacc13
SHA256 75273a42b077cf8d786c5497a153d3337987176361314090c52fd3039d7b661a
SHA512 61241bf652b45590bf9511a0e5760b85600c6abe119f58c860227aa6d0bd81c4aa6ed8f6d63281050b7e1845a0edc5436bb0c5e3d74f591c7970c658e68b094d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 45a385ef45bccca2f96effbb4409139a
SHA1 609f47ccccdbe4f8201990f4ab9f0b41689891bf
SHA256 cbdb9dccefafbe555a6414b4c5034e36b25660f4621e7a3bbfc005e73de2704a
SHA512 109d52ac582ceda97fc9b438af78219abfdc58ca7b68d70876c5da4ab9d26868dfe49109d63318231d9102c10b5a63eaefaaeac5cd2cd5d9f43c4d415150b372

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b21b3d641205c2581e4d2f64d87063a7
SHA1 08b74ad781aa6efe813d95b0c3c5ec18ce6883a5
SHA256 548b2e7cb0c22926842e8e187d74a8b6ff51444de1babc37cbcb3e10ec14f1a8
SHA512 7a7f51fec3c4878b151e70e6904617a229725aff07d62887d013f2399be17370bbaf0faa9a7f996d264092e122bafc9cecf4b25dbc58ed73b5effac934e0f0fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 487568d895b2e91e9133ad114f39ed72
SHA1 e4571a3aaf06b5f1e4e548235278553168654703
SHA256 5526c1cc8e276d1d0651597923a972bae026e386fd0f0d278393aaf267383a27
SHA512 68a8e06fe5b9a1d5cc95b6d0a46f2fd0946bb0ccb26503e3ee8a9b52729f319ca12906608463247a1443fa5cb569b9ae811d2d425166dd4db1dfd76621583a92

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 56a96933be64d8624ac1db04e4f25d4f
SHA1 bf076ade2d7e268279791e5504bd064f80973d26
SHA256 ee2b9b3de0922a7ddd9239c97770c6a7b535b00b91951fa3b3e79d556568b6a6
SHA512 8afafd770d97b13138b1258e74d5c1827bc802d593611bbf8f07d628d13dd00b364a893f3fb22286ccb7f6353628d00f5193e33dce8866cfcc2c2e936fcf1a40

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 44b37797f66e5e2d7cf07434e70988e2
SHA1 ff7194bfaf68b5329db936cba0fdd4c2aaaa6eca
SHA256 6bc2699405a692daf17996126beba2583edef0ad844c2f06830121c44351098c
SHA512 fd39561006f5f1b0d34394b2c65a5a37b186170a797d16a803cfd026f5bfb0f707a37fa4fb7467c0084e29a7d8044ba0a39b0b9a737c0afe8634a879ed1969db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 da0fcac1e4723fb7410a03eece530b82
SHA1 a3e347e3d19f22da388705644b45f9a74deaffa5
SHA256 628f24413ea9a94b043b6cc1134e721d4aa0f7f1b3b3ee3f1f1745295de1c678
SHA512 6d2b9fb076112ef23be63c93a4a4f23f4015891cf319061c16dc607eb8ab93b28a2cfa77a756688c91d305de6c53704bcabe47bec8ae9e7cf702c22fbcec695c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 067ed0f0f7b261830e1a674b042cac9c
SHA1 36968d298ce3c0cc2088cf5ce9fca337688ebf95
SHA256 bb5b9c3393c4c05845d6e691eea03e275e5194699904eac3c0d309184e78aca5
SHA512 815cc1a1759b3f82d467f7894c0918403fb0d67729d8e976e8648fcbf5896785ae9a2397791502ac19ba0843aa270c7f1645a749ca6ebb752580016eb7e8522f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a41141d1c2299f8a589c23bcd5924d18
SHA1 399b2fc629f4854610d655e81fe87673a928314b
SHA256 86dd3f3a3946a306eb98972a15c5b477c4ebbac8b112a18a2eadafb8e6b9fca5
SHA512 a6800954bfb718f9ed94018a0b0577e73b782763651241b0aa85452e2bbdef269da51edb322165357ba4181990420597537ace8902d0605d21eb7d644fb3a45f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b3f38e5b133d01aa10b3ce91ff0af19e
SHA1 5b0509fc21869b4ac56cf04ac449fb43b0fcc900
SHA256 d4158a28fa5beab83d2a7d956a81c2be2a5e7f16892380789fa30f7af1615da3
SHA512 014f21684b636192daee005c9da453d994d367371baf978f045d23653f50582691d71c30680235bfa674748928d971532e09f36e4c7de2530f0315e3ab249e07

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 70165ad0d4a77faee3cff72a3600a85e
SHA1 fce73118e5b6fdc46dbe72e7d842d546718b2aef
SHA256 95237f58f614057b7e49692f5c02dbae24a34eded56e50906339b4a8b5335d49
SHA512 40ad6f6c09c7cf1444dd29494fa0c58de3561e8cbb6bb3d10fec5e56cdc4143a274f8f44b1ea4af59a90919f033dc93e76545c1679cca6a734a7668ee1307426

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d4a3cf39eff16f6291c0ee993137ec44
SHA1 2c320b17cc520750afa60d2460bf7aa5d0c3cccd
SHA256 8273bd4dcd7afb405f69f168f979a1af44537b8d2448651df1131076e0b78382
SHA512 030a84f7aed8f196ef46947024eb300d159c929c5d64a54f6b36ba13572579e913e46f3576a86065f196b3935d299100cfe8195441dd90fe1bd434eda0fa4a09

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 81b731dd7fce3264c33be7ea9305a2d2
SHA1 374c96c91638b6e114d0d23e3c85281646797b48
SHA256 68ebe35adbc9eb42314be741ccaf933b445b472750a1dd313dd1dc29ef5dc12d
SHA512 69b3a1fd22866684f581c09015a6c9a4aabec9676a98aab0a2cdf8215974610650666b791c1e7dd25455e43f3616a99feddfc233d8d6ac6a194a0a2f99e29792

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 553b215624d2e2d289f2259101c719bf
SHA1 d7ed13d68937d1007ddd814bef82b50a3cb8b940
SHA256 891c6ea7dfedc1d1b397e2a9d6b6f789c4f3c679cce350a35efaa14075ce9b60
SHA512 327753d21500795c770d32539d4bde3bc75ccb93465dad4c864a85690c66e73cf2e06bf33699c271491862b6c603fb98823347e5ea3845e605bbd238654fe239

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c326e4290a79965b1035016be616cf13
SHA1 39f790c9ca219ee6b2fffcaffd3806e1ee093a2a
SHA256 9a03deb85d01c32e0e0b6ac177fa6c4ce86e45a4e9c81ce41ed6ff12a360b7be
SHA512 2cff7dfb47a5a1dff8ea73874c634a60c887ea3b3952110fbd113b1c4a85da32a23e7bc12918e9e6c7bdb2077f232820b6b84e56c134dbad69303b9a0d321866

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 245afa1063c7f3b1ce6fe4281407bf54
SHA1 749fb68de72ad995dddeee3a4dac074dd49b8782
SHA256 cd56555c9f8707d461ae84b40f7c8eadc5bffb78270dd3027c688cca59910b7d
SHA512 db6173b2bf34b9826f5a15d6b70b6d3c9c746d2bf5e562868491448c82c5d4d3a894c897231ca730f7081e81a586b1c8683836b0783fbd3f8bb87fa347ddf71b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 aa738f2af87940863766d3a4b929d4b1
SHA1 003f6b14dae8ea804717678ef470ca379ed4e864
SHA256 7a60064a9fa1b7a010dedb43ba9d3263b7c673baf1ac8568b3d1d3cfc94cc77f
SHA512 95ce606a2d04c2b1eeee88e3eb11baf153abc69e561459fbefe790e91d9a0f48561cbebee38c9a3b0e336055b273563098c026468cedbb04232e58f2197833ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fce62bfef09a44c0d997629aa0779fb7
SHA1 ff551f4c37c2b3014a640d45da666a5dbb4941a3
SHA256 36134426290c5c9fb2a815b0ee5a2856e6c9b77a4ba1938116bb3aaca2c718bc
SHA512 1fc810f209200233a7eb5367a8694d4ec241db238ab5522311b70d750a2a50796042188f2e617ded11b0a6524c78c871ccde269749faa44832f567dba8faa7cf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 616614750c8dd1aa72db775a3c78acd7
SHA1 d1196e5f0c3a6ce03f64c0e565de597da208afaf
SHA256 660d853b6147e054e1130d7b85a55c1e5c4f18bea0bab5b6dc84559c2c61aa71
SHA512 cd74fe3c88acb8d91ad90597496d93f56310211636f9e5efb2f69f2e2464b51fae948b5e4c179bc684cde33642fd27c09be1bdbd6026c136723627e94376be63

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0bcf26ecd27d36b0884c3015c4d921f2
SHA1 6f4fdb69a2ad194adb74e97dd7b512de808a37da
SHA256 f3c0824c6e11774e99e57b08c4b44b629d38233c0d47446b721eb1fff2e1806e
SHA512 a887444c90068d2e4cd66c4a462f3f95a9bc099a799011726f63b37a53a3efce42445dc9d6e03833eff37ade358cd40643f01ca9a173d7ea9091225f124de0c8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3a882c5b2469adfe2d0a8dbcade53252
SHA1 39c10a83b533809d35587f6a36d63ba7424fb55a
SHA256 45a9e15e50665b5d29b6c62283a9f1f1757fef18fecb81c66d2f01cdb07dc2f9
SHA512 628cccf0cec7fd2f479a32af535910183baa977ae1d52ff897bb70e0f7f13a1c37f00ef4ae8a2eee98cfc80800463b6c428790ad0fb20220e5e8a672c028694a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f558e53946af8cc0571c5d4b12bb66bf
SHA1 046e5b2a0ab7ab7899ab4f8c2c8d535dc53a11c9
SHA256 49ec97fa74096a2ccbf92c9230e4201f96712d0ddbd8cb8368bc9227d87b54c1
SHA512 1207161d4708c043d870abaa85b9e7073b955001f2a29af9a882e044effe63a990915cd43e601ced5e844a97a5de626b47ffbef8944c4f9525c9f773242d495a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e84afcc2e98bf4ca7e432dbd5d013b96
SHA1 3431a04575848ea7e93ce69d31d796f646719870
SHA256 939eb07804ddeea2862562f7848e7cf58c260b378cc60239735232d154f2f5da
SHA512 4171c5bbc6e1ae9f8bab2825115ef640917f6381b660b5fca41b203e53943cb19ee3e85c1ca550472e05d2e04b73d7721e24a8636ee875211e2bfe96e38cfb35

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2eebab175cdc5e654979e27c109d84b5
SHA1 e8a7421751c8283497e94133e300bbc93aab1f12
SHA256 d867f1ae0d2baa8ba0ff82428ec6df59a6adf9761ba147cb5a3309e8b60ff9eb
SHA512 658be0656e4d40646366d7ccb66cf26a57245d243494a790f54e5441bc2c24ffbed1887f2727ccadb90eabd38722cc5bf62769c967fbfc7fb94384530114eec8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f14ffbf989b97a102e87bcaa29081f36
SHA1 3fb1ff590b2cb27aa7c20c4d8a28daf1b12ffea0
SHA256 efa14bcd56854fc55a134d4a6be83e4e2c0b97cca3a77e96e7c94a5810e72cb1
SHA512 a1a641aa4251688dbcf28c204a493775ce0faa89f34c0cb5e7f5edb7ac088b70b1194c5ee6190aa6e561ba3659719f5f7e00decf1feedfe393490e8cdfe732bb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8e6bdc1da40d6a52c7966aeeebc046f6
SHA1 26461d98472848c7428c6eceb649407a5f20d6c7
SHA256 60b25430a40944b90d9fbdb0bccc673c5bc34175f02fcac8b3fb8b12cf833a98
SHA512 2ce3cddf46f030755b0ee38c84bc0ceca79b5ddf711472a71e4f1961012c855fc72ae140d88207d4b4857e91db6c7496fc3b8ff83247558e8fff424d0b50d609

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b55f4dc2d82013ead876316501c6f81b
SHA1 111d10ec8e3503e2fe1977890b650a106c8033fc
SHA256 e5be3097f3c5fbfe55b409bdcb2324b878b3b1a4a6da773849711ee786db08e9
SHA512 2f1502490e78325a2476d8619fc3b6b286f2294ddb45607a485e7dc042baa326a4174bb11f386f36c7826953f4dd886b6a36ad490fb29ab3f94c7aa5c346b954

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 997290c39af64b7f275a5e99e07b4272
SHA1 28dec970ac9c9c82e2e413ef52dcd82c20c29f52
SHA256 17ede7a7f4ce82d0371d9901a662843004ef389704a4df9a276e848851af97d4
SHA512 e7bf489e5425b2b36d62e73bc24548431163c1745712cfaac3fa50a0139c2be605a92509f36fb74ffe71e48fed5d4625c741434b23b49b6c5f9879f1b9a9ee23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cda1fc717ab85642805de2b1af99057c
SHA1 ae981378961555c9dbed2e5c93beb90ffa40e64b
SHA256 9acd6562de524525424e0cc589480ddd19d69920943b492e4b61010b243a426a
SHA512 cc036e8b49e38e5fcb6bfb4ad0c394479b45e3730e37674836e08a256dac0741605b2d886e34a3f6b608288ebf82dbe33e8cf6a450473d8200fc94ce8138a442

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5ead78a77649b352561f79edefe29fb6
SHA1 0823640944bf38ca5b6bdec3c12c9b3b3bb26c74
SHA256 1afdb696fae18d4d220fc4bdbb1a1a36699b5618e047380a7b182f12c85db3a9
SHA512 1ad58c614e259a02eb220649aadec4e2b29cdc09baf0a8107d91ac1f3e13157412a9edeb58b6591f7c2e3bcf5eeaf4f5d68cc45b9857ab9c5b826019a3ea1598

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a27949ab6b52f185ae24e3db748702a2
SHA1 37f35c112b5350dcbedee20ecc354173d249ad7b
SHA256 f617d1b9bcdd0053434e7bf00a007ff6f0dff64432653879228411bb081f5c6f
SHA512 f22b26ee2f2d79111e7588f7332e0afd74373932d1e65663896dc29feaa7902d64c5ef5522a4c3090ebadcf5365c4d7b4ec2c73cefec9d92ac4d0a917e0c4fd8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cd26bdd109b694e330fee731b142b9ba
SHA1 b4b9c4ec4f0f788f391a0c92f30f4f1f0935bfc9
SHA256 cbc0e45a8ce53d521df6d8c945f6ce93cde939a9c7e707474432154132a7c59c
SHA512 78c5f1c983024bad78496bd60658cfe74866d1359d444b01cba9a93e456d3eaf04a99bc152a2e064d20009ac3eea12375cf3d112113cf39231b0e90687e1d84c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 34dd85b060b255ff51289c5ed6c21882
SHA1 82d34fb803eb943b1149f80a72fea818972135e3
SHA256 3f0165f0b5ad0d21c027ac2bf969788a7cf75298d2b5ef78e421ed1faa4c0a4b
SHA512 be122986fc31d33bb633f327f20b381ddce7e10a33ccbf5bfb3677345db6573ef519e08c3905f03cabd2fd8dc530befc1bc3c17ef82a327d176143b7f1bd4aaf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9cb9c07f8c8635a44c17fb56e66fdf41
SHA1 d2ae8d4edb5e4d6df2215d78e79d6829c20a4f3c
SHA256 e8c53c0a810a7fdb93fa5f13a86da9324041cfe40c05547cb8d893656cda155e
SHA512 b8de1c759bdfbd6d70e347db6d2079cfcdb6053a5f28648f2f45ca453e073c80225b5122ecdc223906c2e89b96345b82d473fe9db7e9b7fc0b3eb0411760a402

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ce97c72621ce7414a0bfc67273c09a76
SHA1 698089d85cb7d0fe430cc9a583cdc20be052addf
SHA256 e57955dc475d6730b20fecbca3636674c73607de18770082c29a3da8c16b66be
SHA512 db3799c8bb35d7c9509c8d39284f73b66cb22f70f1c1d7d50547dc1043b16e589c833f6dde4e256c461a220939a98259d7439d3eed4e1240578a35ab0135e137

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 885cc939663ec0be83fd6e1f870c6b71
SHA1 cbd5220c104014a6f3f136f3785d821587a9b173
SHA256 3a6c85a24cbac8faa1f6c133148b4a34a4ff0caaf4e56e5fb4a731fde700c1c7
SHA512 1e024b5cfcf70ffc426b1ae3fb9244b12bb43986681316af9e9077f5a9937c56206f878e70e66725668a3e851f53caec59f640477691def21cf0a2c2ccb04880

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0675f5e50b7b64336ce460835d3c3924
SHA1 7de1bf731f8c3591bbc71da0c3045625dd2aad05
SHA256 03dc75ad34225abfaffef023f78b53375212affdf3e11e6d9cc6ef74f87085db
SHA512 cbe0b654f10dc0f69e79ba72dd95903dd23f1887c376ae470434d643e1940c21d536b1ff78470c49c0a3f34e43bbc1d3d220438c6a7257138ce9db812fd148a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ad280c68dbedcede4b34ec2e2f971a78
SHA1 769c2599005444c388ecfdd3dd01b6773f46f063
SHA256 7ffe7ebaf61376b9cf93ed3f1597a6a75a9876f9222b5ca478a573ea3e8db386
SHA512 2d1b6f01ebd3da9188bfe844f19c3e6bfd1ebf09bb49e1f37dcb6fc8271074a9d496968872bad912b8186bca80d7f557b8d377c0f49f2edff4beeb59124bedad

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 87a39e5ab0144750ec2eca7e0a18e00d
SHA1 884735e38c4c008c6e547af941c5a0a2f90f3142
SHA256 e2f7a25da2719b26d8b070d3955761482fe5d006cc05483deec6ddeffdcdb19f
SHA512 1d7a5fd324a2aa67bd4a156500142cf468fd561595d6637d27d88309fdc2dd65b853487dede0f4c68322f3a31b603afab715646411966f37914034cbb37de44b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3e039ec8257c536a877a73264cc7f581
SHA1 b2478df5662d1d97df1e6a6d99edeb2563093c37
SHA256 00a32b83198823a506dadb0716238d5e1387315f21b22b3952fa4235345fe224
SHA512 2ae6c83098f23f1ed8524fb48575b12642b0d6d8def234d8d48afe2fe5a8fe9ff0a4e505a9febbc382ace88b43def23d370f77b9de7d4bfe49b74d7fc9b6ec79

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4ec102c75d028f7fe3ccfda4d48e23bc
SHA1 85375d467ed1d3f88b900a88c6cfa4159c82fa15
SHA256 e798ebc9b7b854b4980c15a707a6248f73620e8f7a2a8cf8047329a181e3a486
SHA512 fedd82de098b1c197f34d93cedf92e0ce6c6949c892a4a257a6489675d45374efa42614d9aaa05015b8d28c2191bd293b155fef29fed08a020613fd6d6570729

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3d93c5a6b8b7f07dd1f30ec90d2e343a
SHA1 a0290d8cf10b1c189b5aa595572e52e0b9598a42
SHA256 63da5b0d9711cda94c5d499cab40ba1da772cf4f7320fe2f84419ad875bb9e12
SHA512 24c08ddcb39e4a842e97f884f4efdac2b802561f564d8acb3bf86e2e5575a80d2bf4b604620de7a8e2523212183b7c05b2b61933ed5b2ce910cdca245d25e781

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6a8642e21a66e4c8d89d32afee5779a2
SHA1 c70e4b53aef07a71c58209d27d0444f873663603
SHA256 2d4d5eddf0fe36393226206a7aa677f90035a6257e92dbb19251873426d673d6
SHA512 38cd6d0cc952d6974d7cc6295fb294d02fad7592ba31f98a8d83ca14e7b48cadb31b3a28a1ed67e37ca8541ef679c49d1818dd3f74c0e1a43063f6025ed051d6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7588e517aa9534e46ca631e4b8163af3
SHA1 c6c937b8a5f98e5542e6e1acb75592cbb0f8abc6
SHA256 8d8ee599225df421c8ec1d808422c16c687c9dedc189909f9cc8add9e10da0e3
SHA512 eb03288c44fce8d26effc69afcec4609f8c44c922fe8b57b932cffe5df1a73e3e4d4edf2ec7e84e323a65c6e518a722d3a718a90811cec5dc83ae9b5a43aaf7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5e3f95d8668e43fc710cae7528572aa1
SHA1 f429e7e0875de53d73b2d35155fd866939fe5a8b
SHA256 da714365b5b533a28bc248b3c0fa5eb78838dc90f8b741a55be7f70c61440ccf
SHA512 48a6884283cb15db5cc6f5c9cf438d37e4aeeddcc1dd44797162ee67d4f54ad367a9946d6a348fb65ae31dd7eaf22ed6c9a39ad222de55e96b9cf7914734debe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 056013f4305d186fd605382adde3c3eb
SHA1 eaceeb609c91836dd0928b8b74ab6d02b094b096
SHA256 3a02c27880748204158c6fdc80fa0f288f4e3c39dd18267760a3e10cb2ba740e
SHA512 5fb0b676a31dd8405d02118875ef8ef5fc90b088a8967958d5396037136e958eed41f7e99bd5dda22447da36e04682b0984a2f5bf02310c14f8ad7b4af37862e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5f8ad0f399a20f5e5aa8d789a2413a23
SHA1 6eb73977e10542900f7e64fa6629a9a14fcdd8ca
SHA256 e24c4c6019beb48c58c728c0111babb256a044d231aedbad8cdc44cf026b4ade
SHA512 511858ef8f6570c054e1620075ad70b68e72fdaab9ff228c018d4b687c2d72df5f26d11b307716e1fd487818d029e0b39dd0b7191c7c9da24ad2a33c9d1c08b7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f2ebe69b1e63a00835549d4f6c785f65
SHA1 29f43459c30983e39895dc01e07e0911d3d6b2d8
SHA256 b9f59def011f8e31c377481ecb27503eec6c59e2144ee81c0add57eaa4c6c410
SHA512 e7aedbe3627df9b7f6105ca9088d4322fb3fcb90193a7c40d4280e8085e5e7b31c7ed1e5ccdf5139757a18a7df8eaee3e543a7b0492ea013e681ede998703700

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a0fb4a6456dace19bfe1041b38344d34
SHA1 7701de14da516f487d69f3107189beda72ebc537
SHA256 9507407c649cd2ac59faecd7c955f3b8c004dbd170ddd4058d7d18251df1f479
SHA512 b43685e627de26b3e8d4e80eb0c9267c32bb0c1dfbf9b1dda6d588d810c7d9a15f9126d2f8c3ea0ec3923790749ccffcba9154fad5f4f0a2408b6e61821eb116

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 daae8977b55ef5ef7bf0a29e46edee2e
SHA1 5934f40c5f82e8b260fb37f9757dc2314258a992
SHA256 c1dab033731154949edc20d7baddc16749b8e350c87abc438ebb9b755367f707
SHA512 109c60f3046c1294ff942efba63e5f3df1935c0597d86063d543b896ed300b990dc7ba8d8ab7531df96ac81b849e8c2a3338f8447d1d425b78b1794af7d4b537

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 37fdf98f2c96b3fceccc318f0a4c05c4
SHA1 6df74ee4bc9d64c77828a63b1eb3cc1ef58d917e
SHA256 3e79b1c94a115199c08dd011062d4d3ead46a5aa7436f69f94662b4f0b4f5c9f
SHA512 e54c6a10373a27afb248ba7fd905171d86e88f61ec2333130154d392dbd1ca976b804c7bc682401d8893d8b2adacd07fb499d065d629f86a9e117d3963f55ae8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bbd10f9ae864c849ad9a3fec5f9de798
SHA1 163329c26ff62d14cbea2b9ccd561259f07b31ed
SHA256 2f23f0f5035b9f78335d8abaae9416bc89b6ad877872ba36afe8010786960294
SHA512 6905a51f93bb0347a2342b3dba861612215b8b590f9527e9e2be80a6b84f9a8558b16c17a37ecd2e3cf81a7a91faf0f211ad2df00eeb29b4b856347c65e19aef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ab1c3e2c71c418b40ddd736bbf22e365
SHA1 ce3cb95138b5dfc74688755ec298b47d5868638b
SHA256 34c396fd4a4477eac1f03bdcf6b9ab34f61927fb2ea1e40ebe4cb4e0c623301e
SHA512 6bbef6e537e1a29470f9f0856450b98bdc19d07ac758dc5580942ad99ea75d09bc6f68f7834e58356ccdc6fb3179e604c997e368871a1630d37bbef2c19bae1a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6eab6d29c50c96be25ba4334593a5230
SHA1 566b2b6e3fc85c05d9abd73e5d15a5376b5eaa1a
SHA256 feb46ecc70857e620d223b09a306252b90a85b1a7e24ffb8414390b5b921ebc9
SHA512 eaa3df2ff8fa186cc5a158bab3c746bf87c6888823728bb754f06235b4f440e1856c42a55fd0bb68d73c03de6b389f68bc2303237f931736a7091ffdf43851d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c232430daa5ae9f89e020bd971a48db5
SHA1 21a11c9f6887996841782d24a40999d6892d86b1
SHA256 655e4e16ada666ccbbc02335cebaeec6af01ba1714a21558f204caa2a8fb17bc
SHA512 50d558df80d2c207b83b3534e60f04e0f5fb73b6af6af2f82448369d6c1e40ec6661b070693c5390ee7b2d8315adab75e93dbd391df44ab5da0721f9a36e3b95

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 234627d616e2c136a7558f89078b0061
SHA1 c6897ab0d5ec927094870e8723a678f2fa28b7a8
SHA256 9cc20512a26a1011f5906e009b4a1f437a3eaf13ce6ed93a1e0d3252c5a17787
SHA512 11a3ecf3fdd2673e6e34f32d21c7e220745e576cda3b73cd51d8a6ff8014cd6ec423ab340484c5fdfb134c4e5e06da3bc38f9bc07fa96613a96cf5340286cf99

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 33a09cab12bb1108d75168f86f8328d4
SHA1 65159eb2960a4228d452c6281c868a881fb8d5cd
SHA256 b4d0bfd832fa7258a82e1f30cc895f778ec7d7ba62d474a0af28865228140483
SHA512 db30c987cf2657eb208a5a5bed451b861ac928fa4c695f8d73c5830f8e2cd5ab607da153b4ee4f5aada4ae74936410fcb3539f5020d23aceeaef0870775f3921

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 af4371a7a1c08f75090251ee30964be5
SHA1 3461747c9f85ed47862d96aae20d77269f1b7630
SHA256 93720c34914bfa1f4480f6aca7ce97316962603c1bae124a23075221d6535960
SHA512 dddd5dac9312046a891a216a49c3d6f03f5eb423f5a230736103d57b6172ecff7c3f328861736071f4db245e86e00cf912ddcb98f73feda428157d15526d3569

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dda2d2756cd2013257e80ee189fed112
SHA1 dcda3d5d8667836caadc29917152051934e33dd3
SHA256 093e86472b49b3fbaa7a0738089676379d8fcffd49fa4ff82a8ae8dbcc6857b4
SHA512 5828f1411b882bdfa1a67bf0d093d23e6ac1665b607c061f321e9ba767fb9c3d271a64d598858a7b71be1c28e093bef88e80c8171a5f84fb7ad30b4659bd1b97

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 63f4876f40924ef73e0953bc56536914
SHA1 acb5b633e894103360174c35c70518b33b42653b
SHA256 e850e56b72342a8638b48a4b239dac875c7b6b7bf6fed61ee76b9fa5da9c2a28
SHA512 8cfb3cd29e9273ed84dec88264a9bb9acb00c68153bfab2130410d1d12c17ff2be4a5070759e03384c3c4e01754ae949c8eea5076eec41392fcea0cd87582b9f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 55eb9af2c561a7cb8f415cc9bd2aca81
SHA1 375a9bd48230d8e46c972803576b73802a118b03
SHA256 84ca64cfb4b03130c743a30f8fee8ec53b8f3817be0603c3f16477711ee49662
SHA512 48210fa5c2f33bb9884426fba51867f10bbd5528c0e123a8ff5b687ca0e884dffc6864cfc7a91d40745f90fb106d5f7a6d2c27d55a2664432edae06f4e3c2528

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Analysis: behavioral4

Detonation Overview

Submitted

2024-08-31 10:45

Reported

2024-08-31 11:31

Platform

win11-20240802-en

Max time kernel

2700s

Max time network

2699s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

Signatures

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133695748018295648" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 436 wrote to memory of 4300 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 436 wrote to memory of 2064 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 436 wrote to memory of 2092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 436 wrote to memory of 1920 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcdddccc40,0x7ffcdddccc4c,0x7ffcdddccc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1808,i,14458687789136904034,12546171531479643846,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1804 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2072,i,14458687789136904034,12546171531479643846,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2088 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2156,i,14458687789136904034,12546171531479643846,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2344 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3084,i,14458687789136904034,12546171531479643846,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3104 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3092,i,14458687789136904034,12546171531479643846,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3144 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4784,i,14458687789136904034,12546171531479643846,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4796 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4540,i,14458687789136904034,12546171531479643846,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1008 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 webminer.pages.dev udp
US 172.66.44.158:443 webminer.pages.dev tcp
US 172.66.44.158:443 webminer.pages.dev udp
US 8.8.8.8:53 158.44.66.172.in-addr.arpa udp
US 8.8.8.8:53 42.169.217.172.in-addr.arpa udp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 104.22.79.190:443 retired-jorey-malphite-node.koyeb.app tcp
GB 142.250.187.202:443 content-autofill.googleapis.com tcp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 104.22.79.190:443 retired-jorey-malphite-node.koyeb.app tcp
N/A 224.0.0.251:5353 udp

Files

\??\pipe\crashpad_436_HQYJPLJHPPHAGPCV

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7acc1167ffe32a4130151b62c6582abe
SHA1 cfda224610d6e64bc93bb8b38fb4c185d5e42b5f
SHA256 8397e9631aa11f014926639de523680c78bac0833b9f4642624a232b3a29787e
SHA512 f63e983f338fbe4d4bb023a28d439fddef103466b54f3e549663cbd0eade3e91050537afd639f86b46422861a9d78f425a1d04e9aca91428aa46623a904a9875

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cf6eef8b6ac861fb5ca48917f821d918
SHA1 ae8f3d120d775f2b952bdaef59f2517e018fc298
SHA256 08be13532a01ed245510d836d83df4cc261bbfd31973565fa18de2188bf90b39
SHA512 5d9cefc519da4ffad549aca37a86071ccb9331a5a0a1e1cfcac5c0165979213633a0c94f5fb02d2724a568f2d6b70a7fab1ca5f595d4ccb738b3ab7f93414908

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f0610fd8530626c2f61d0737f116ea24
SHA1 9115941f279ca446afd4be977c42848010aa60f6
SHA256 5892fdeda4665cc96309a332fadb41793ebe94f9677f83d434774050e7ceeeeb
SHA512 b8d4d6fbc771e2249687cba2c28dced716cfcfa6887d609f46b5029876753282d5ff5236de093eb256d3512f41a52a3007b699a2356880d71f56e2d87739fd2b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b0ca39ae56eef8089bbe9546fa3faba8
SHA1 764637f906f9f1d93639f4912314095a1c6db1ae
SHA256 673207d6e69fbe68406969e61fc0c453173200f3e2fe96fb044b7f4259a46036
SHA512 2d7a6644c5e2eceb65481b8b3c2553331c8e9b809f207c5447b8936920f6fef7988c0349ef5fc4e2f57c932ffd77287abd0fd495a3a680f8917fc918aa11009b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8264e23802f7967fd7e4d5d2ea7096c1
SHA1 3d7c5a1ddca7acc944e78bf51bf68b8f9e600d3d
SHA256 916be53edd88aae6710411b37efec136009e5bc6f3574e9c57f1f5b2451c67ae
SHA512 0f1dd266ee9cb702ff2d892cd48425f118f918f888e780cb415edfa631b33366846f5967af221248f46489b8735abd027621a59b019149efc99a26bf22f63d96

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4b5134c341c83c2801c514a5a7cb36aa
SHA1 32dac64a1ec66b0f36575ddaee8c661f0f5c6c6e
SHA256 73a1e48c2df40d39a6741a067bc143a8a24714848dda41b2b8f792429078a40f
SHA512 59a5dc7274e88a5c73f7dbe06ae11ad4a136335382f68c0b7a6e1f11781e773a1798d042e602335b55a2c5962c5d53b2b4a4f8ba30c9d041cbf335a37254ef20

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 db0caed173561ff1d278b2c728581c56
SHA1 b9328a3cee4390beeff737c5ba854f2498fae808
SHA256 483e963c8cb9fb303bf5f36394fa75ba66142824d7958c16603ad9c5dbdb17ef
SHA512 c85bcf5adf016f0db0574c1b4ee8470a1de82f09f082d1eb2c4805945091d3124a82777a5af1ce1c7ed167d147b9fc905bcac9e1dde7495fba6a522ab55fee07

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 159a828c5ac68db8d78c39621e3b2fd8
SHA1 e3063fac36c2a46c754493ead63d0a5463a813a7
SHA256 851ffb5a49e29f85ea9f1ee5db86114ed76a47681df5c90c71f94bd5e6d798a1
SHA512 e5e0f3bf79fcfd8bcf69bcadc93bb57f06911d58fc758571cbd81ce1509113f566745884b1dccb8bfdcbba4b73cf4e794c0f2f850251b83634b422e6233df4c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c644874e409fed450a36d26824e97175
SHA1 c42c967489f6ce8ef58560959bdec2d434058eca
SHA256 54a05b2b82585c2e1fc847d97b845866bef024fcabfa74e77c2c34cce9940d7d
SHA512 567768b8bbed7baba101b6ef7b9923d1a7b21aab8b051cd7db00beb2954c8079d4889cf7f1d301bf17f65537094817e9439188ca0c0d71378bc3d4375ac7a267

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e436c181b2cbcf9645651cc4924a49c8
SHA1 25c792f7e5214bec604d358e1f4aa378a5df1fc8
SHA256 c1b90df7cee0548cf5b70071594fa413ddc9c162e199526077172615358b6338
SHA512 53d3aedecd14fdc49738441853cd9eac1160ff74c9d3204172cb0291e672da241094bb331f33fe07470f1effb32cd43d33e1a6876e6d4b41b4e7456759dbd2c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7228b8fbb41f957c9e2d613fe3d1a9ea
SHA1 42d490f9e947eddee087f51e44ade8be92f0261f
SHA256 0e9dcdee00daaef290a4d286dac49afa1b882f15cb0b8bb50fad4f9385641f2b
SHA512 97090a6017aa137c3fc4bd6e0d7c3e8b71fe3d3dccf10cd05e5cef6b358588b490e09d32db4253ca1316be226a0715516db1181b2ee8e4223a82e6a08012c32d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 335ef4fae403be2bf00914d1b25a4817
SHA1 f682cd80de7c796bc4ef049f0fd189f53a4c2a4d
SHA256 bbb11a100c13adb2e32775340dad682b0ed92a450895796d9f9af06994f91046
SHA512 61999cffd87b9fe5b9d93e59888e23998b121fe60187b40f5e374724e86e9e31f9155d9cfc51a163b609dffe5677c49af96a7f4854c354c1dcef98a27950c1a5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 949a7bd7ad6f020aa54c62f20f85e200
SHA1 46836dfab0137792deac02f7dd6224cca5f7d835
SHA256 d43e9ef1cf7f4690ee52436ccee40c659d6e038cffe37500cd7b88b9ad87e8e7
SHA512 a171d37581632473c3d02eaf3bf46b5df68d68ce1a73100e15439da2ff2d2ad82845a55e60af590460c76e1e4985f3ae892f2c5ac82dffd5969f43058a141ac4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1f2a6258071a7ea9375523669b295c7e
SHA1 4363e527f8fd43ec53799d6e39780e5736f71453
SHA256 e3353da8a8be58326669f9254d3c6052f420601c4e73142540a4943e4b01b443
SHA512 7079e9a7c9ccb9c2e9d5b998758df83875c9d76009937f093d32518e4f23e9bda91713c647558b0432f5abbc9a432483090c606b7f61a210010d5c1088d7b5e1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d0730c47b372bdbc0555d3a5db66e153
SHA1 bc20af0e6d8cd881332818d3a98ca0715e5bbf39
SHA256 1eeefb9bbe4ce0b7bba6c506ba0b3939ca18df162cc5eba5f35fa6fafda76f44
SHA512 d1392e6066e718e1885d9fee15f6a52a47dcecc809d5398d7bfd38433cba8312c37782e60af6aca494f33de6cfb96e566bcd95eab47661ab8e21b7200161d073

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3189ee73c6c599541a9ff224233543f9
SHA1 a6181a7c219e9e924aeb6f71c5dd597e5ac53d8c
SHA256 665dd3f7ef737f56186177ed94c3220a6812ede38c6e181965e25fe7504b3f87
SHA512 496f8789f0c3a517e23082bfd6243aa2211050797924cb12875851f4453d63fb066bfba37fc1da6c40039893453aa75f77b44bb1dca48014a87aea1f5727663a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f8ae29a724f81f17fc3dcf852ff83758
SHA1 f5e5ea938c9741346eb3b82a3de117f2b7709392
SHA256 1f5893b82e038d2839adb8cb13e569d993791d6aea09ed88da30631b5eeba819
SHA512 0f0654e26e34deb17f34dbe3192d1094d5c95bcb38877859de71f14ab44b1e28adadaaccf302926222247b98819bdf0eeb277bb328067bf482b7ec4631158367

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e925400393cba68700cdf1c878557246
SHA1 994e69c17c5b3e5a0a938a5b0754f42d136c1923
SHA256 f75a564f6ca91629b5c31440e19b7de8e40591a1583502b83075b6f293b4088e
SHA512 b55c7821a59aaae0d3d0a8ff508bef2103b3903d5352f93703ea945d14d470f55a12c961468638a17b125411af7c0de531c7f92e413817a7cf86c356f1044fea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dcf07cb6f60e6a089b4240a7776dd9ca
SHA1 6fa44777a8117683e343f824ff6cac0b252573df
SHA256 bd13f2d43f54b0eff62b0a60533dec47c295d610f400edc3bd101e3e1bf97778
SHA512 5f11493fc3d8bd479d5f7914afaa549df13118cb4c01012503f65b6e09839066aecb445c64ad79e113cd805ae8c898052af547d19501f61bc8345acf7d1a2574

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 14bb577104910b5b4c28654157745589
SHA1 84a57c4b59c9dbb3761ebc0c52baf3e99b500a2f
SHA256 0277a0cb22666d67b461a30dbc58dc0691bb26ddde3c3e3b8f6198ef83f0fac0
SHA512 372b81fea6ac13055ae385c6f885e92d5625ad092c72c9fcffa524f50f481ebbae1950ea579f5da1385164fc7b40219670cc28107956a2e13c545da7b4ceae04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cbcdf654c374c1dbb4a449cf0adf4ce4
SHA1 202cdf031d2d69fb6a4a85622d4676c691f34f50
SHA256 a3852e77ab1fb5d365bb591ecdb3b5a6f1892f61a2489481382a3eee05c52c0c
SHA512 33e65bf9f5aabde6850d41bcae4dff26d63e7af0d18ae189077180fcc51c6680f0da771ca6f2646befa1fc71f47430b062a9238a5f7cad8fe700adff166b3da0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d8a3f583bc0c11ef3a2d09e428434766
SHA1 1f6be8255ae529f3e8f8e1960c5407560e115238
SHA256 e7d927f7b970665d87de3d31dc5f685f3fea345fb460fa3cfad87de35c015a9d
SHA512 d4842138c0cecd95d0ef7e88eadb80287db83a496b69f797341ad0f495a603ef525532fed444259cb9332a6807ead7c1fb03b18db7c9e74fcd3fa26d97af48e0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 16e07800955c835d95d11f5bbe3885ed
SHA1 cd96acf6e4c8ff4a30ab929f8b9844d8920ed822
SHA256 e471848a3e802ba455173a3075f4794b53d6358d533445044ade13141d389383
SHA512 f6edacc6e337306c9c102d9516f7820b59b4030cbf4711d2a85a673ffda2a8b409c6473612edb4f01f0dc4d718bf2a9d8ed159ae981b5fb654329dab2991ac3f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ea0516f941954f844c8659e5af1c1ad5
SHA1 1150d0b5968762df53286a09d5ef1b5e6cd4db21
SHA256 a9f1f7185f0ce8c4a79d2979a4a3e672511a3773b72ea18a658d791f24074f26
SHA512 6fe405d8dc7a7445287362a6ad8fce2c35b8adee9cd6ce62a8795e15fb14aa9e3c3bc113bad8e53134b89d25cfd34b858377d5bf8fea6c7c464579b3b2e181b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 50cb9f38a99076e87b232c61399034e9
SHA1 7cd3d81fef883c6b8799e37b23dd17d802310aac
SHA256 d1695787b7090a4d8df409f6482537a240ff4a81fcb90519d455ccbc524ea3cb
SHA512 4d882030d41df9ae37a2faf47278215e513f0b971e6b6609d08d8449fdb1e3abfe60b0c097c1a3774a6d8bda39651a036888b32de25ce342fc31d4ace42128e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0de9335eaa591c25c9cb416e9e708e40
SHA1 b3d5bd41e817e16a981cbecb2ca16b01f302319c
SHA256 4bd669004f930d50bb711bd0d8f50b0b2580bf6c484ce67b85188812117b34b9
SHA512 66154b0b80c4868c459d491d1782d9b76c81d9130d08a7e4751d7a921394831efbb6458fca967b9cf206e77f194ab64c400b630e3f886f2c104f9e410969abaf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 09fc7f9de331d22cba720c4ee460332b
SHA1 b0b5db547c1534f6b101e159f5566b5d0f902e21
SHA256 b00b80c86133a1237dcce98e157617ac07209585da5ba5ef9195edd7980513fb
SHA512 9defaa4fb5ac1f2f460a88deb5b0eec2384b1c9657c593388c4429b793cf3ecffe18ad8687d51bd0ca5638f646536c4ef70db91f7ffead2ff194cfec0e963748

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7f87a92cce53a5f5ef475db791b53f13
SHA1 364593e7434cad1e74f2709e8f2265747cb05d01
SHA256 69ddb26b751b41e888ffabf685e6f23f9da2457992330613a25252596a7befeb
SHA512 40c9793aee6b710c731bab95fd1015436496235dc9f45debad071b6e2c3914c916fdc8ea37a093f58e654ba1f0307bf4fa961e6dd221f5bc7630e0c7d8d1ab2b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f54b3c3e283e1952d068b2f113427937
SHA1 739156f14812ab75571059607fb46f646f03c251
SHA256 ada06e51fa55a3e85ec6713f337dbce8f8aaad46671e62701c6a9b8ff9f453aa
SHA512 fb86ab9b5e5ff447bf2ef8a94d993f0acdd766723b4588a09b120a24b8d97e792f1cc8608de3aeecb8b8c433af5388123cc007aa4745c0ea9a81271afb3d3144

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bb078e2ebd017f2687d0362efc5c2963
SHA1 fd7b8fefd4ced2094eaac0cba626bf81f10bb8f4
SHA256 e711923a49139be2a99aaeaf112b613ce92250de60cec96c183fa6da6945560b
SHA512 6960d1ff0e4b2208b54af124c9b35f52ca2cdfc3909d8c109dbb0283eb66b607aeb23a7ba7bc4a68984bf2f0590f7e810610f38863c34f82b63477daee27b608

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dd69c959e0fd9539ec685cef5f2158b0
SHA1 5858407ddfafd6bf88d9c8ea2facf3ce1d6ce448
SHA256 7a6ac74f302f473717fc7a1c923ed959f1a62def7065bb62ec746ace4d249f1d
SHA512 81b34efd699555464b50da1e50c9656db004639226200d3893cc337c6c165096c3c18b4a12bbb9f7a1dde86219b510221e3472609a74b5a34afe78fe54150734

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7bd90c13cf97c5741cb29d37257a79d9
SHA1 fe5d9598d54ab4ba9164356d642e9cf47311a849
SHA256 8f808cdac3bcc2dfa71e5480fa5afe29abc2f7438915ba85cb03627262cc1ab3
SHA512 280326bad08b63ae6320457a848d1a24282343010e680ee51e93e80c7a20171a40c7a9df6e9b54d732bafa86f6bfe93318eb97771197ff4772b770614a0fa947

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d9459cb1ebf6e5b330dc956dfa9d9531
SHA1 e135109ec2f57fd8c4bf06203e99410ce3f7ff87
SHA256 46e0a656cf5c236de6abd32688644d323675637a7c2037e10d958ce0db54e054
SHA512 238aedd9bc9ff79109b08197515763d15523f63719f8c9c88e9be7277bbb969905b940f9ca39fefb5f1211cd6a52b7b07ff2cf6d435aef6d9da613b614792b2f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7cbf0c80f6ac31d27979bc4566c53bf4
SHA1 204de2a156be77f22270a6082263e5fb5e19f395
SHA256 3569a756a4a3d78edbd7ccfaab685606ec7349b01ac4c9aeff3e3c2aec9f94b0
SHA512 543e4baa4389adb1424c141062feb3e4e02fcd19f7da7f4a41de43e42d87289c4d67789c0ad2c18c3f2a88b33bbfcc7eda1200fe031289ba8ca89d5d91b43b24

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 956f7a687656efc96c358786556a8ae1
SHA1 902a360a452c575fe52ff566d5b54731f81139e6
SHA256 44f1ca4a484321792061194f5fb0145116d8b63f3686d11da9591211a0929229
SHA512 9a835a275c88b41396ed6f5b01b4f188008b1119d8e4f79d4db7941ee0426273bdd8c5d15c1bef528e5bf0730fdb9008a66b7b74d06f00e21d84be1d0d2bd656

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 622ed68fa0bf799d1899bc07a395c079
SHA1 52d1a72c86b6c9e3a0640cfe2e31de8cd472f5de
SHA256 8a9fecd8062d21aee915d1f14c1c1f48e3d22fa0b1e43d88ed2b8d81f8e9905d
SHA512 524e240befe082ec03943a9052392f0642f50a3010bfbfbd061c58fe1f8df960b5cf5dc2deba47b4b098d35a912f63a6cb45cd48b976f3991a250b68a655078e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 afc1c1d013680d9bed9689619a7189e5
SHA1 1849bf3a5aab4ef742159cae60882ab432398023
SHA256 20fd88d9fe98febc32d205ab95aa1356413e34df9f2c232160f2c8f88f02c1f1
SHA512 d023c056c1b492ff74f95598014c238615a6a4dab5b85082bc3ba2d611cdb70654995d7cfe579e6f0ab57c7222c500f3f5884ca983dd87cba580e526086b0616

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6dec6d4720aeaf8a6891abb595d65e3d
SHA1 b54025a45d80b967b9eb2d89f36cadd68d2caecd
SHA256 11dde4bff0089affc0e1213e46a5d0658b37b083081c744fa20896d72bd81007
SHA512 de2a0ad89373d65c17f478f962fb04fad9f5d3dd8f875e08ac549180403f29da0dc55907628870d672fda5d3951b03b0061599e2ca3c63be39230b8770331d44

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 03fab58305160af9d9cd733c80b77c2a
SHA1 64db22122c37965b810de202343de609ac887ddd
SHA256 d76747c12abf4dcd4056f7c18db4962aa2ae36648d26a33c772199df842bfefa
SHA512 08c8f85b442ffb6aaf04022ab3783be6b3a688b31d6151ef4787d24a11a8fe6d2b28f7dd517936eedcac4674abfd1210f4742063ca945aff0f09888de49567f3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 47647f3fe958e6a6686194343c80b5c3
SHA1 6408b0e15fcbd7eca1a8907abf1f56c1088e5878
SHA256 e0cf5a70240b7a0335f94b3556a6b9aa5ad862bf2258575bf7fe4298839ea160
SHA512 d67e5a4118364dc9f87dfd2939a6adbeb133c904f09631fdb631ca1b180202a8c778e990bdb58fd01020f0af4fcaf6f2e1e53ead85361d6f6b884af2b0822a8f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bf81826b0a0d4b3aaffdcdc5f0e5a6ae
SHA1 31d930af6a1a500378b70283acfb877627c6cc7e
SHA256 92287e1d966aebcacaf81435d99ca3f8ef6759110b1016493d21800818326f38
SHA512 45e5c4139087ffc8290a73bdf73a09570950ce480c0c9ab76629bbfb83619c64168b4cd241adb4f704826f6807bdb676e47ffa88596b4e5952c2f0e89644c6da

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ce58d12e0b24e7be34e0fcb3c6b7d560
SHA1 d2d0734c474b3c7343dfdbedd1f1652ba16c3e90
SHA256 28e45d14fd5b64f6ae6704b14ce54c4d318513cae96bc2db639a1b3339358e62
SHA512 6e01960644c68a9cf73997b40431d21abdc874841a269d83eca814be3bbbe4dc26989f5bbec379dd11683c74dd159e8d6602e854187215aeb88491273084f051

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 209309716490b7972cf8f302996e6dcb
SHA1 72222522a1cf2f331bfe93473cdd8b75c411765e
SHA256 9596cf8f360ce36edaf4305029797f9e3728f79dabd72c5f1b70165699b0e59d
SHA512 fa5a34cd7684480da01119c544c4a20311caabb9105fa26a9b2e0ce605179c5170604eafd690dd57126cf11554eb2b7e6eb417d9b87db914b40e86532a62ca16

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1276d9878e597aed7e61c7428c8971ee
SHA1 3101b674571bcaf1e64b5b20c5119c57f9490530
SHA256 e8aeb1c719d2e0f08a0c241cda3c5ade9a8fc0700cd509008ce6f5885d2ce9ea
SHA512 0a4ae76de8e1d8f5daecc40901f4c74ac5f6edfe76bea9f06f9a2c08085f45547ce6a0bec77335daa0698b5fd87f7b3c890bde8102d600921ca99dd8c3f96672

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c7dba798f49df9c2d152796887735efb
SHA1 d1b5a4b7306cf7ff2f297772c4a96d693a3335ab
SHA256 345b276dc83ab6e1cebb1c3aa3a0ef19d62c44340396f8bff6c2cf5867b27c6b
SHA512 29bbdfb6c69a4bf920f62bdf23757f72c77cccb4716ef1dcc07667ae01f7bc724dd7f4d5d801b64c44a64258772e8dfa1bb48861cd211ca804fe240b75b55c64

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6b55b68a9173149853de575e3d88206d
SHA1 fb77f92da757dfbd5c431b32ee5c6cc75fbbffdd
SHA256 3a782c6308d1cbd7803db2ebb901fa72c0f45a33a7a9cb603a3a8f48cbce6305
SHA512 6ce9e5a438d808e168866b9d3269729f9fd2eeb2c5ae9bf055f46ec1a65976c8d49e6c44a82c84f791a84785f62ad8820d5356ef4d99a15c74d51cada1bb43a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 72bb285ecfddba4a9e4cc05c2e085d53
SHA1 468c4f341da7730104a81a78678cacc52f6e6679
SHA256 2cff4947cc9713aa4ba5bff8279a03693aa6784c5a08e6b82292c217267f1b36
SHA512 6bad8ead6ee5b748bbbde60abc3d8709546b55ddecedacce7625df1b03a3a443bb4ccbfb73f47e8efb4f6d4bc355d9d63f5ad18670596ef0ca8d8571c590b781

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 180d034aa00c3c8d38b9e74c4e53bc11
SHA1 ee169d0be77b4e2ff4869bc343b0654c7e387d24
SHA256 429096e2a9f0205f6c37c6a0b1f68db9abf79d873173ae9e89ada14e9d4562ab
SHA512 61b6ff17c28bfcf162af61b326fa641afd32133ce95576da8a0e02b3c103161b8d05e1350ac55f47ddeff3983f1c8e4f75767359fb2bacd73a5b05670e4882f1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c87e15e02c4a871352e94ee3fdb1fc20
SHA1 4bad5bdbbdebe135d86c24949044c9597784dc00
SHA256 a26a5d28686b8de2e7861d150064ff20b2b534b68985f9227073187c4a90cf2f
SHA512 a5a42899717faf4af3e701fabaf9eafed15678e46bcab62bff02b530a522126edd7207514f39d70f1c098f41db07d147a50cbc37dbb9bee98f9e5577afa845b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c16cbcb6667d5365dd16c6ab250a2fa4
SHA1 0e647df15db5ad44e3f9afbb148ce2917107dfe8
SHA256 363d4ab7027824d1b747e9bf3bb60df1851d3eceade75b3a52f481238758a129
SHA512 1ee23266c30f2c77fd257b4d0f77994978402c63d79137aa63af214afcf4f973bbf0817196ef4ac10005c6f7a5d9d8ee73599495247d3dbd960e24db3597b5e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e7782402ae325db3ce996f9fbaf64fc4
SHA1 4a3e74372e85b1fe398fc56ca211030f16e006f7
SHA256 d950f9264ff23773f5d07ba5ac9a91bcd7e37e66529f7d8157d07c62d1d46286
SHA512 ee636fea373b40ca73307c843fb8d34c2bcd627d9bd72d032261de45ef78ba69db3f819226234b5ae692a0e010bc7eaf8e0080414b05d9bed7d392a77b9a3849

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 70ff2af5e7973e30af3f6c90c158bad7
SHA1 57a25f0f845297b485fbff02d6a03d983e1baff5
SHA256 f56021461878b12e6eadd6d07164b88dace0363f61e20bb9ce1aa81bc3c8ca2a
SHA512 3e8f0baf856e341cfb441d274069bde36882bad3b5ec812716a3b92dec08d875735cbf41d3b5d196b67ac26871fb44aee329e261e690d44bbd3c6cc0d097569f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a814f80b81cc49b0de3434426383bfa7
SHA1 da312617b8ddacdc150cfa3ee9b66c8da5198123
SHA256 a8fdebc5ce3cdbe0dc9985dfb689ef1bfa97c857cb70414526940bf60170ebc6
SHA512 388f0106663673d4fac798e51cec0c19302d6e92f4c2d3ad5cb09aff17707fcf710c854a8a76f3b0324be9c921a209fc485bf1074b8e576a8589210b26052d10

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ffbdea5f6d13d1cd08f152147045a0ed
SHA1 135035fbb89652ec0b9198124688dcc2433153a4
SHA256 5aaacca9d36de9a0bb2f31fbc0cd7a1f583f4a9291d6e7381071279e4ef747ab
SHA512 d4d2112529d9215aba3df4e278ed0b452cbdd1aa04b51cd899cf280088ca9e4b672f3c6c939f4fec1ec5a6fecb974fc05082a19193bbc32053a7c4619064c223

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6eba9a2a0da535abba9c417632a3262c
SHA1 1582760b434cba28104287a6297712acb17dc8cf
SHA256 6e73f2ac18780cee04d34dd1b5d89af31b363ca6db075a900e6bf4dc580338b2
SHA512 6b7e61cf7d19a9c331331bc300398e332965b5bb2b5ebdc090809abc8bd537beda653ee5cf105f97c510966215dcbdbb9d9fc0b3db95f5ab20bbe40e9afe28d6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3ce804cfa42692e01ba89be0f99699ff
SHA1 9bf72d245313b312ba2cae2df15bb29a55b0a0c5
SHA256 b676036945d69df2f8a5f107a45eeaa5aa78eda64a30a5d0e4732b47b90e7685
SHA512 9d4ea6e20cf8b2454ce9baff9564ab5f3f10733e07a20067d0398859cd606d0bcd688d7b6736687282a3bb9d3d1ab1f3c58c09b4944b8427b6b62635ab045f51

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 caee262c5069532312028aff3db07576
SHA1 7ca163a4f42c6840fcb340327dc228bbe5e99bd6
SHA256 208ab380b25f91db05c039fe20b4691eba1e3357ff3aade45a90c86301bc4e87
SHA512 4c7672a35d030f9b4f5ed0ba89f7dcde877ba4d33ab4c44318728b0fc8ce34a1116abc7fae74dec3773cc58477823cba896d98dabcf07be2ed15361e4c5a8e3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 20840a0859f7f12743f5546646b74652
SHA1 80f8767e385d6a62d1694f3de0fb2049c124461e
SHA256 cec35bcc76070bf077479923a8ea76dd5b5f89d57c2eac87c20726c2844a7948
SHA512 942dcd00044100c1f082a0166a4a1c34dc4b1995f6af3f1d8f059f0e3d87907ea5fdf9fff7673cfaddef7f7d8163ad5e5089798724720822626a210df64e84db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 073d1d1670b11ff68ae1d80c059c7c22
SHA1 015f49d550fb3affa2469567c55b0a95f70b34d6
SHA256 9d23e961dc0f0d945d5a372eb751814022e134def7f0f2ee7fec0d98f5c47b94
SHA512 4ecefe52789ec08eaf02459c1b2722e75718df50d1e9a376b6574fecf481bd03de7413f08e590882cd2f81c6aeb02cf09a1c986aecea697b1af4a4682b2cf644

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 866141ad554a5f262ac6d18021be43ac
SHA1 46b5829c1e9b2d01538639f2c5842aa288002323
SHA256 848409cc7416325c9773ec11562a9b88c45b6745ebd7e2dd51cf6539bf31559a
SHA512 f187a44a017cbaa2ad14df8896b044841e434d40906802bc5c1fd9df613ff8454616fbb00d12dd840e119c72a1bb4bffa36025bb46cc72ab956d5b6974c17658

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d31583195d4b66b0cf33e41511e7ffe7
SHA1 fd79bdb29aa6702653568e7990771f6040742533
SHA256 56e0d94d6b3a15b46159e5da777315aa5f6079e38adcba9302850799f4487323
SHA512 fb0a8b20112b99f41638076e3902ccd62507dea0e37a446b9202808fa4b78e50395956d2f6032833eea7d43b18028f33788569034b9b4da64cff5299d0f2b664

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3d50e4cea01f79f63f7629eab9aed725
SHA1 e9f4f865c65f7814d7bcfcc911dd163fc88c57e5
SHA256 899cad163785fe8cda5357e7002b336d95472e67025adef1f3d3791201aa3908
SHA512 64b85ca84117c4934cb11119ea907795338527986f31c7ae7962d1da2e245eb6713062b16f52f8279897c46bdb0380f0253faffa52587a3ae2cc530f92125359

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 612ec0850f943106e4130176c461d17b
SHA1 bf678097a40cbf1cdcee16f9d39c1fc77f12910f
SHA256 b39a62dbac8309d38a1faf1ea335b894d8983128451631773f9a7ec9bb960bf0
SHA512 17c6456fc9a06dd0e9804cd248da5420dfc568ae35a82dffa67270a4db686c6dd58ea640db278d591138b3be04d0c2952a3939cd1f6346f5267023b78683905e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dc927d2cb5a010697489607c55f2aaa7
SHA1 22f35cf5dbe41763055256d5eb3017c97dd59adb
SHA256 7ca68558a1d9dba0febef877a696bd7d08ea73f4bf1141643380447348493ef5
SHA512 afd276113a98fa527ba0daeff24bad87fea2024c0debaefeb6ba8bf32fca12190a74e8c0a27cc0bb6d5d839501cbfd35af9cfaaf07259e49ca4219b85a914ebd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 aa6eb02eaecb1541f6fc0f5022c8c2ba
SHA1 7d533ff3ee5ae2d62838f98e8fc9755717954855
SHA256 e41983b6ac2d4f4c8ee4510c90d4d5056f40f4136f891bfbf19e6409917ff7fa
SHA512 b3ce09636a764e2957b04738526c88f5167f84e058a82276c65adff640e901050257a12c468ee53a594e88528c9ec0c101890e01e46276a89e5fae795a321414

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 32df74e1cb52a4f39a2928e98bdc5797
SHA1 5ee0467757d3bdb44efb3bd875cf40934fa096cb
SHA256 25aff405e66fc770b773402a20256b83989098e04363747c226d5b213821a272
SHA512 b971afc07778bf930dffd19e47bf89a6367ffad6963e99e1bf03ff96e960417fdf5ddf7c3577bd8ae6878c7ea494937f36bc48849b2d0c2ee7a486cb37554643

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7e9f028eefc0b142c4bfe028df3d48a4
SHA1 d8312cf8491522c1cff52eaaaee52f3d858c1ef3
SHA256 078045910808c7d7d77333e379d9fdea0ff01e99ba426439baa872bdef03507b
SHA512 c602c56cb816110f125ef4ebd727d6926cf954fd778348ee633ef9ba7567bb3b36d05ae6998633748d30b247992539397790d8ad2f44a7150b24d29ebc5aa02b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b092ca5466ed46c3890f0ad630d64f2b
SHA1 a0cbe7f00f5b186bdf461795a303c07dc2589135
SHA256 6ce0aa8c5525377b5eb2812b0225757225a0ed3508bf7d92ab44058578ca4cb7
SHA512 4eaaa5c2b4b770c9442c9f5e70e5d112014f49064928df18c3f666b96f4e8bda998515b57211f0538e84298d60038c0b04e6b29635cad9205a8e4525e8100258

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e1a2d1e363ea1ef7d0314b6038fd6ea2
SHA1 7f03b1e6ea346530c013d8facecd7333a85212ed
SHA256 1a2b406dc49f48fc4e944aa5051bd05d5265d6b63bc54dfdabbdee38804a3658
SHA512 232699e524165642f2fccae6c13a7a0c5ac6d6d4bc1cb30bcdeda194519d1d10117016da88a8eb770b54b81caed5480f2281493e19a674cd6a3724428c6d65f3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3fdfe5891308fb0a9ceed4845d4cac89
SHA1 fabf63e3b358fc40cc0a0ce34dba7120aedac065
SHA256 2aa8297eb64be1c74bb3072d5e25c15ea1a0d937f770c2b8e52630288e45b92b
SHA512 eb2ef87c4cf126885bfe75e36f4b9c5cb9b9320d7a4013b6b756a0182d9d9bc549617f71cb921301ece781965807b36e75f1860a16ade1b27a2f4f8be8b63821

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ea35e88dcffbf53c8624daca512cf576
SHA1 6d3ff6742a40a16b630b9dbb0b84f22ccb91ed05
SHA256 89138f7e475a893983a5d6a4ecf71ae1f8298c9125c801109b9a298743960b09
SHA512 4d79fdc4259c0d1a82fa7187a2809f0321c6626235f1259690aa06305cefc804247ccf2482d8d1e0b588c16de0ff73cfdbda5b1c4f6489eb3c9df589d7534c4f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f368cb43c8d7ba3fb376a006caf17c08
SHA1 2a96e3aeccfa816350f64a21c4496cd3e02a5a83
SHA256 ce1cba5979e33e2ed095bb6048be79a9202bd009ceb2d0acab4c91adbc43cac7
SHA512 0b5ada99c24cde9ea08a0d5e27f9fdda60d6e093942855b7963050a9ad8f0ee0de2c0ff488366a9268389dc49f3f850ff25998b47f29b15ba138fb924ec57321

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4b0ab0518be32684255c2aa27cb96af3
SHA1 12d3c01c025e0bb5560f5f20544a8f92e6cea152
SHA256 a8cc32720ab7d9cb2b15e32cbece7fdb6d1a9a20eedb1d54e2bd015e5638a550
SHA512 22abb6559939e56e0d29eaf3625c360451bc3e8044784669e06a27c6fc1dfe5bce5935b070fdde1bd84c122a411e4dc75b2a775fbecff2c02b4fd762a67ecd39

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 00391261307238b35f96da2eca024120
SHA1 c9c1342e0507c60f11696efd15fb6d2ec0064d19
SHA256 17fefa1cdff0aa54276aa498602a1847e8e4f619055862311b20ae8430e97b62
SHA512 36299b6930da1ed8071745be9da347942f12733a292a8e0b0b976458c819695c8c081cd1a335cdfc37c984b962ccc76a43d1570dfed1e74bc4ec1d1ffce8664c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b57c8f2e10a24cde3d6695df40946c74
SHA1 d74d98f55313f239b04d6d161a2961c53e391689
SHA256 ab4b9d16cf825fa6ca70ce5eb11c33f3ac25361f074ccb21cf475a583affccb2
SHA512 401c8c2cd349599ba1c669704afc627a2aef20dcef07c21f535995044c2f423101ca2d05d086d67d2e8ed426a482bda8c91b4d15ec3f46656a88a4baec2fb393

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9df852a8ed0b960bba668aca43ef7c52
SHA1 4f8d9cb1cd67030e8d54cb71e44f6f4b11abc64c
SHA256 9cb589dfeb56cc0c5272b2e65b134e718e40b9f48164291bafde150ea7ea0067
SHA512 b569c7cee9da446f5621209813120391374a69a143c7301e2eef428fd7516116907da26046998d9362def1ee4094d1108d39e241d8f089aa3f20f3a5b67d918e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 65f256ff2edaf8ee9ad38200191ac199
SHA1 f7d2bc62dc18a99aec948101e8cda6fe6b6bebb7
SHA256 bb9c32f181f9b298fc42ac19b7094b91a5e1641de20893914a43d30ae55144f4
SHA512 6c8726634d6b982fadf149df62ccc3a144663197bf434490e583f5ad26811bc584dac4d62a91719b3860cd6cba1d7e6112e5040cbd29f40b9cb8a5aa970fc945

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Analysis: behavioral6

Detonation Overview

Submitted

2024-08-31 10:45

Reported

2024-08-31 11:31

Platform

android-x64-arm64-20240624-en

Max time kernel

2661s

Max time network

2696s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 142.250.179.238:443 tcp
GB 142.250.179.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.180.14:443 android.apis.google.com tcp
US 1.1.1.1:53 webminer.pages.dev udp
US 1.1.1.1:53 accounts.google.com udp
US 1.1.1.1:53 accounts.google.com udp
US 1.1.1.1:53 webminer.pages.dev udp
BE 142.250.110.84:443 accounts.google.com tcp
US 172.66.47.98:443 webminer.pages.dev tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.178.8:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 1.1.1.1:53 clients1.google.com udp
GB 142.250.187.206:443 clients1.google.com tcp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 142.250.200.3:443 update.googleapis.com tcp
GB 142.250.187.196:443 tcp
GB 142.250.187.196:443 tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 142.250.187.195:443 update.googleapis.com tcp
GB 142.250.180.2:443 tcp
GB 172.217.16.227:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 1.1.1.1:53 android.apis.google.com udp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
BE 74.125.133.188:5228 tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.179.228:443 www.google.com tcp
GB 142.250.179.238:443 tcp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.180.14:443 android.apis.google.com tcp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp

Files

files/dom-0.html

MD5 d6d68b107a3ca538eee9ca5c6e89e127
SHA1 b4014c6f7760beae23db83c85a839276b8a35220
SHA256 a9cb607de810b85c860e9611497da3df2d4e5c9e0fc131a1740c5f879b11fde7
SHA512 177de005ad3ec09b24da23c56fd4f2e95f21a5bd459cc6835dae4af31e2fc00ffa0a1eafe944d18e89d9036ce928d6acd8f0868a920fd1626cd12b2f5a27aeca

Analysis: behavioral10

Detonation Overview

Submitted

2024-08-31 10:45

Reported

2024-08-31 11:31

Platform

ubuntu2004-amd64-20240508-en

Max time kernel

2699s

Max time network

2688s

Command Line

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Signatures

Changes its process name

Description Indicator Process Target
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself gdbus N/A N/A
Changes the process name, possibly in an attempt to hide itself glean.dispatche N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-firefox N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-firefox N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself glxtest:disk$0 N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself Cache2 I/O N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #0 N/A N/A
Changes the process name, possibly in an attempt to hide itself Worker Launcher N/A N/A
Changes the process name, possibly in an attempt to hide itself Worker Launcher N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Softwar~cThread N/A N/A
Changes the process name, possibly in an attempt to hide itself Softwar~cThread N/A N/A
Changes the process name, possibly in an attempt to hide itself Softwar~cThread N/A N/A
Changes the process name, possibly in an attempt to hide itself CanvasRenderer N/A N/A
Changes the process name, possibly in an attempt to hide itself CanvasRenderer N/A N/A
Changes the process name, possibly in an attempt to hide itself Compositor N/A N/A
Changes the process name, possibly in an attempt to hide itself Compositor N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorkerLP#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorkerLP#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorker#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorker#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself Renderer N/A N/A
Changes the process name, possibly in an attempt to hide itself Renderer N/A N/A
Changes the process name, possibly in an attempt to hide itself ImageIO N/A N/A
Changes the process name, possibly in an attempt to hide itself ImageIO N/A N/A
Changes the process name, possibly in an attempt to hide itself Permission N/A N/A
Changes the process name, possibly in an attempt to hide itself Permission N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself Breakpad Server N/A N/A
Changes the process name, possibly in an attempt to hide itself Sandbox Forked N/A N/A
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself Chroot Helper N/A N/A
Changes the process name, possibly in an attempt to hide itself gdbus N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-/usr/libex N/A N/A
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A

Checks CPU configuration

antivm
Description Indicator Process Target
File opened for reading /proc/cpuinfo /usr/lib/firefox/firefox N/A

Reads CPU attributes

Description Indicator Process Target
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/online /usr/bin/nautilus N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index2/size /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index3/size /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/bus/pci/devices/0000:00:04.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-0:1.0/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/bus/pci/devices /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/1-1:1.0/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/class /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/1-1:1.0/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/usb/devices /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/class /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/uevent /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/class /usr/lib/firefox/glxtest N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/1780/cgroup /usr/libexec/gvfs-udisks2-volume-monitor N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/gvfsd N/A
File opened for reading /proc/filesystems /usr/libexec/gvfsd-fuse N/A
File opened for reading /proc/self/cgroup /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/cmdline /usr/libexec/dconf-service N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/mounts /usr/libexec/xdg-desktop-portal N/A
File opened for reading /proc/1792/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/mountinfo /usr/libexec/gvfs-udisks2-volume-monitor N/A
File opened for reading /proc/1/cgroup /usr/libexec/gvfs-udisks2-volume-monitor N/A
File opened for reading /proc/filesystems /usr/libexec/dconf-service N/A
File opened for reading /proc/self/fd/70 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/107 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/81 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/109 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1738/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/sys/kernel/cap_last_cap /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/lib/firefox/glxtest N/A
File opened for reading /proc/self/cgroup /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-desktop-portal-gtk N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1704/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/1828/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/fd/73 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/36 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/47 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/108 /usr/lib/firefox/firefox N/A
File opened for reading /proc/1797/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/1568/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/1780/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/fd/32 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1578/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/104 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/goa-identity-service N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/113 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/95 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/goa-daemon N/A
File opened for reading /proc/1808/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/1562/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/fd /usr/libexec/gvfsd N/A
File opened for reading /proc/self/fd/101 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/115 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/cgroup /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1716/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/1400/attr/current /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/libexec/gvfsd-trash N/A
File opened for reading /proc/self/task/1642/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/1495/root /usr/libexec/xdg-desktop-portal N/A

Writes file to tmp directory

Description Indicator Process Target
File opened for modification /tmp/firefox/.parentlock /usr/lib/firefox/firefox N/A
File opened for modification /tmp/tmpaddon /usr/lib/firefox/firefox N/A

Processes

/usr/bin/xdg-open

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/grep

[grep -q ^file://]

/usr/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/lib/firefox/glxtest

[/usr/lib/firefox/glxtest -f 13]

/usr/bin/lsb_release

[/usr/bin/lsb_release -idrc]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/libexec/xdg-desktop-portal

[/usr/libexec/xdg-desktop-portal]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -prefsLen 21691 -prefMapSize 235269 -appDir /usr/lib/firefox/browser {59f242e7-10a8-41ac-b9f5-8627b2efcddf} 1495 true socket]

/usr/libexec/xdg-document-portal

[/usr/libexec/xdg-document-portal]

/usr/libexec/xdg-permission-store

[/usr/libexec/xdg-permission-store]

/usr/libexec/xdg-desktop-portal-gtk

[/usr/libexec/xdg-desktop-portal-gtk]

/usr/libexec/gvfsd

[/usr/libexec/gvfsd]

/usr/libexec/gvfsd-fuse

[/usr/libexec/gvfsd-fuse /root/.cache/gvfs -f -o big_writes]

/usr/libexec/dconf-service

[/usr/libexec/dconf-service]

/usr/bin/nautilus

[/usr/bin/nautilus --gapplication-service]

/usr/libexec/gvfsd-trash

[/usr/libexec/gvfsd-trash --spawner :1.8 /org/gtk/gvfs/exec_spaw/0]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 20430 -prefMapSize 235269 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {df204d4b-2de8-4661-a4e2-d09b8e7c336a} 1495 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 26797 -prefMapSize 235269 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {01a372fb-4275-4f4d-ad70-581035355c54} 1495 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -sandboxingKind 0 -prefsLen 27302 -prefMapSize 235269 -appDir /usr/lib/firefox/browser {5702c401-cdef-4b29-bda8-d4818ba95bcf} 1495 true utility]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 25395 -prefMapSize 235269 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {139c3917-c008-4d77-94d9-9db24c60ff69} 1495 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 4 -isForBrowser -prefsLen 25395 -prefMapSize 235269 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {aa058bca-7142-4329-8465-10b098d5d152} 1495 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 5 -isForBrowser -prefsLen 25395 -prefMapSize 235269 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {7c99a927-23db-4fe0-8fd3-635ceb67fb11} 1495 true tab]

/usr/bin/gnome-keyring-daemon

[/usr/bin/gnome-keyring-daemon --start --foreground --components=secrets]

/usr/libexec/gvfs-udisks2-volume-monitor

[/usr/libexec/gvfs-udisks2-volume-monitor]

/usr/libexec/gvfs-afc-volume-monitor

[/usr/libexec/gvfs-afc-volume-monitor]

/usr/libexec/gvfs-mtp-volume-monitor

[/usr/libexec/gvfs-mtp-volume-monitor]

/usr/libexec/gvfs-gphoto2-volume-monitor

[/usr/libexec/gvfs-gphoto2-volume-monitor]

/usr/libexec/gvfs-goa-volume-monitor

[/usr/libexec/gvfs-goa-volume-monitor]

/usr/libexec/goa-daemon

[/usr/libexec/goa-daemon]

/usr/libexec/goa-identity-service

[/usr/libexec/goa-identity-service]

Network

Files

/tmp/tmpaddon

MD5 30082ae40dc48af6343db2fd22cfc645
SHA1 3eb577555ee638e8beb01173e8f29e172747a728
SHA256 85d4b95f9b2075daee9b0e64bce8d9d7343d0dda10e6072d7f9485a68472ee76
SHA512 53a58bfb4c8124ad4f7655b99bfdea290033a085e0796b19245b33b91c0948fdac9f0c3e817130b352493a65d9a7a0fc8a7c1eedc618cdaa2b4580734a11cd9c

Analysis: behavioral11

Detonation Overview

Submitted

2024-08-31 10:45

Reported

2024-08-31 10:47

Platform

ubuntu2204-amd64-20240611-en

Max time kernel

0s

Max time network

0s

Command Line

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Signatures

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/module/apparmor/parameters/enabled /usr/bin/dbus-daemon N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus/mask /usr/bin/dbus-daemon N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/1578/status /usr/bin/dbus-daemon N/A
File opened for reading /proc/1594/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/sys/kernel/cap_last_cap /usr/bin/dbus-daemon N/A
File opened for reading /proc/mounts /usr/bin/dbus-daemon N/A
File opened for reading /proc/1573/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/1578/attr/apparmor/current /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/filesystems /usr/bin/dbus-daemon N/A

Processes

/usr/bin/xdg-open

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch f2de92a803c744e586bd87567a26b68a --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/grep

[grep -q ^file://]

/usr/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch f2de92a803c744e586bd87567a26b68a --binary-syntax --close-stderr]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

/root/.dbus/session-bus/f2de92a803c744e586bd87567a26b68a-0

MD5 60c16fb6fc2c560e464e13e517cedbd3
SHA1 ab90c702e7fee1bbcf590b6bc9f27f4c6c722d65
SHA256 538f4c14ee980c02e4f71cbefc63660803fb70f3f6e1adcf6a1bac79caecf936
SHA512 c2d53ad9745bf176bcb807a30ca18c87f9030de8302280216b24ebee9b7bb5a64119dbf63d2e8ee6d245b5fa3088d0cc72037b00036df4aeb201825635fcb4d2