Malware Analysis Report

2025-01-23 15:03

Sample ID 240831-rdvh3axcpq
Target https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5
Tags
discovery evasion antivm
score
5/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Mobile Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral5

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral9

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral10

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral11

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral4

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral8

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral7

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral12

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral13

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral6

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
5/10

Threat Level: Likely benign

The file https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5 was found to be: Likely benign.

Malicious Activity Summary

discovery evasion antivm

Drops file in System32 directory

Drops file in Windows directory

Reads CPU attributes

Checks CPU configuration

Changes its process name

Resource Forking

Browser Information Discovery

Writes file to tmp directory

Reads runtime system information

Enumerates kernel/hardware configuration

Suspicious use of FindShellTrayWindow

Modifies data under HKEY_USERS

Enumerates system info in registry

Suspicious use of AdjustPrivilegeToken

Checks memory information

Checks CPU information

Suspicious use of SendNotifyMessage

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-31 14:05

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-31 14:05

Reported

2024-08-31 14:57

Platform

win7-20240729-en

Max time kernel

239s

Max time network

2697s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

Signatures

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1644 wrote to memory of 2136 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2136 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2136 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 2804 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 3020 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 3020 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 3020 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 1956 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 1956 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 1956 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 1956 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 1956 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 1956 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 1956 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 1956 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 1956 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 1956 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 1956 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 1956 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 1956 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 1956 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 1956 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 1956 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 1956 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 1956 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1644 wrote to memory of 1956 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7c69758,0x7fef7c69768,0x7fef7c69778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1164 --field-trial-handle=1304,i,6063960767943951926,11586442246777386894,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1548 --field-trial-handle=1304,i,6063960767943951926,11586442246777386894,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1596 --field-trial-handle=1304,i,6063960767943951926,11586442246777386894,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2204 --field-trial-handle=1304,i,6063960767943951926,11586442246777386894,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2212 --field-trial-handle=1304,i,6063960767943951926,11586442246777386894,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1124 --field-trial-handle=1304,i,6063960767943951926,11586442246777386894,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3652 --field-trial-handle=1304,i,6063960767943951926,11586442246777386894,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3504 --field-trial-handle=1304,i,6063960767943951926,11586442246777386894,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1044 --field-trial-handle=1304,i,6063960767943951926,11586442246777386894,131072 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev udp
US 8.8.8.8:53 retired-jorey-malphite-node.koyeb.app udp
US 104.22.79.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 8.8.8.8:53 smiling-tilda-mono.koyeb.app udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 172.217.16.234:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 apps.identrust.com udp
GB 88.221.134.137:80 apps.identrust.com tcp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app tcp
US 104.22.79.190:443 smiling-tilda-mono.koyeb.app tcp
N/A 224.0.0.251:5353 udp

Files

\??\pipe\crashpad_1644_OUXGUYXJJGHDGSFV

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Temp\TarBC33.tmp

MD5 4ea6026cf93ec6338144661bf1202cd1
SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

C:\Users\Admin\AppData\Local\Temp\CabBC30.tmp

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0b0cca47004bbcb2f635b33d4dc6773d
SHA1 3bd3f265b28333db17bd6601199c1d9dde8c912e
SHA256 96987418aa1bf4ea7bbb59db6029ac3154414bee5b0ba4f01a4a74c48a17336d
SHA512 c028dd57544bffae7f74223fac945b84e8ffb400ce5522bf6b0a2259733b825c3d68e1200a41a9ab6c1282cb3ad7250c5e466b07bdd96582ce53e7bb19765c2a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 96aa189a804f1e67906948d667e804c8
SHA1 da777fa7a17fb5533119c043cdadfa7c5e650359
SHA256 230ca878d110a995ed0d1996c6f9b2a895c9c375a72d92dd750d0aeae8a861ad
SHA512 cdee9d94c43e32000fda609972d5b2e4988fc06cef71a2e3df1605bbe2dbe87589cf5be5e293d7c7f3ce2bbfb8cc0cbc789120bc93b4f438b65a5d03fa800377

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4206ac3e6b80092e2a9361c6e0217fb4
SHA1 256d94e6606a3d41028c5c1de61f261e671fdbef
SHA256 75869ca3f6c864a4492f6f8d74441f6d052ed65b39e036c0ce1e308a7bf4f477
SHA512 745d7c9ac1b1e1db13b08d244976d526ca4d7f60db3516445124565fbab90d38619361d454ab98ba9fabfe85313b76c5ae23c91568a19f25f90594b9477cad31

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 4c0ab17f0e4be275040e06e8454c7779
SHA1 0fffd4e497822d5607b8890019b0b064dbe198e5
SHA256 9804f3432cf6f8bfc245988e8add7e55b8bb337656d2844e1b7ff5572b2ebf75
SHA512 82b9d44ad036f05348707d05d895388fb8d5f335f15598fd3ee06cbbfcb4cb1e3ff9a6caf83d417aee7fd3af6530932a4cbdfb581962225d3cf448b2477ff8cf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 af5d192ee8da9dbb6d70f51641d4e087
SHA1 a8ccee9f929deeb8b0583ad513704a2b69338f95
SHA256 e7b78d4a084c869ee45cfaa6b1eaf335adb0205db9ddf286f44850c7a614a742
SHA512 bea0c6dca74eee8ee8bf6ee0b3b2e62ac64650b63cd85624e9b1b66e52e65f99f4df68193ced442159830422dcf03d7e7b72bbe4737dd5edb8b495cefd4844bb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 75763b98607ccfa716f515652abfad37
SHA1 c06e2e269ac2d566a39dbd8d909553f561eafa4b
SHA256 ed184ac21993c4620c45153313acea65aee087e0275c370061cbb43c7a571f04
SHA512 070637c1232919b360a09613b2fa704ef8cea271776cb172fe5b250a807123edf7fcb031a74de0411aea5072d01fc0460c2336f48d1eb906a3d39814b31aad00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\f92d9775-3b20-4726-adce-2c1f5972719e.tmp

MD5 f60500cb9154d3d14b272563ee8c8cad
SHA1 5be2d5cf156e6e6caba6d9fa1ab1a0895d80676e
SHA256 5fe7e01091e00e10e80d50cbbdd5e9912669db344e10ed0d52cc4c3cfe4e7c36
SHA512 9cc924bd02e0737257fe22c52cc622dd211d4de21aa3a4cf4a985befc2f4086c17cab1e46e0a251198abcb0d0a8b26a72a18ff7e6c07390bd5bebaa381208a48

Analysis: behavioral5

Detonation Overview

Submitted

2024-08-31 14:05

Reported

2024-08-31 14:14

Platform

android-x64-20240624-en

Max time kernel

18s

Max time network

22s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 accounts.google.com udp
BE 142.250.110.84:443 accounts.google.com tcp
US 1.1.1.1:53 accounts.google.com udp
BE 74.125.206.84:443 accounts.google.com tcp
US 1.1.1.1:53 webminer.pages.dev udp
US 172.66.44.158:443 webminer.pages.dev tcp
US 172.66.44.158:443 webminer.pages.dev tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
GB 142.250.187.232:443 ssl.google-analytics.com tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 216.58.201.99:443 update.googleapis.com tcp
GB 142.250.179.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.180.14:443 android.apis.google.com tcp

Files

N/A

Analysis: behavioral9

Detonation Overview

Submitted

2024-08-31 14:05

Reported

2024-08-31 14:16

Platform

macos-20240711.1-en

Max time kernel

52s

Max time network

55s

Command Line

[xpcproxy com.apple.var-db-dslocal-backup]

Signatures

Resource Forking

evasion
Description Indicator Process Target
N/A "/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Helpers/ksinstall" "--install=/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Resources/Keystone.tbz" N/A N/A
N/A /usr/bin/tar -Oxjf "/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Resources/Keystone.tbz" GoogleSoftwareUpdate.bundle/Contents/Info.plist N/A N/A
N/A /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent -runMode ifneeded N/A N/A
N/A /System/Library/CoreServices/loginwindow.app/Contents/Resources/LWWeeklyMessageTracer N/A N/A
N/A "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater" -bgcheck N/A N/A

Processes

/usr/libexec/xpcproxy

[xpcproxy com.apple.var-db-dslocal-backup]

/usr/bin/xar

[/usr/bin/xar -c -f dslocal-backup.xar dslocal]

/usr/libexec/xpcproxy

[xpcproxy com.apple.pluginkit.pkreporter]

/bin/sh

[sh -c sudo /bin/zsh -c "/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5"]

/usr/libexec/xpcproxy

[xpcproxy com.apple.gkreport]

/usr/libexec/pkreporter

[/usr/libexec/pkreporter]

/bin/bash

[sh -c sudo /bin/zsh -c "/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5"]

/usr/libexec/gkreport

[/usr/libexec/gkreport]

/usr/bin/sudo

[sudo /bin/zsh -c /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/libexec/xpcproxy

[xpcproxy com.apple.systemstats.daily]

/usr/libexec/xpcproxy

[xpcproxy com.apple.loginwindow.LWWeeklyMessageTracer]

/usr/libexec/xpcproxy

[xpcproxy com.apple.newsyslog]

/usr/libexec/xpcproxy

[xpcproxy com.oracle.java.Java-Updater]

/System/Library/CoreServices/loginwindow.app/Contents/Resources/LWWeeklyMessageTracer

[/System/Library/CoreServices/loginwindow.app/Contents/Resources/LWWeeklyMessageTracer]

/usr/sbin/newsyslog

[/usr/sbin/newsyslog]

/bin/zsh

[/bin/zsh -c /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater

[/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater -bgcheck]

/usr/libexec/xpcproxy

[xpcproxy com.apple.sysmond]

/usr/libexec/sysmond

[/usr/libexec/sysmond]

/usr/libexec/xpcproxy

[xpcproxy com.apple.audio.AudioComponentRegistrar]

/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar

[/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar -daemon]

/bin/launchctl

[/bin/launchctl kill SIGTERM system/com.microsoft.OneDriveUpdaterDaemon]

/bin/launchctl

[/bin/launchctl kill SIGTERM system/com.microsoft.OneDriveStandaloneUpdaterDaemon]

/usr/libexec/xpcproxy

[xpcproxy com.google.Chrome.3056]

/Applications/Google Chrome.app/Contents/MacOS/Google Chrome

[/Applications/Google Chrome.app/Contents/MacOS/Google Chrome]

/usr/libexec/xpcproxy

[xpcproxy com.apple.GameController.gamecontrollerd]

/usr/libexec/gamecontrollerd

[/usr/libexec/gamecontrollerd]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/chrome_crashpad_handler

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/chrome_crashpad_handler --monitor-self-annotation=ptype=crashpad-handler --database=/Users/run/Library/Application Support/Google/Chrome/Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=OS X --annotation=prod=Chrome_Mac --annotation=ver=101.0.4951.54 --handshake-fd=5]

/usr/bin/profiles

[/usr/bin/profiles status -type enrollment]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Helpers/ksinstall

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Helpers/ksinstall --install=/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Resources/Keystone.tbz]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/developer_id_certificate_reauthorize

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/developer_id_certificate_reauthorize com.google.Chrome]

/usr/bin/tar

[/usr/bin/tar -Oxjf /Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Resources/Keystone.tbz GoogleSoftwareUpdate.bundle/Contents/Info.plist]

/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent

[/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent -runMode ifneeded]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (GPU).app/Contents/MacOS/Google Chrome Helper (GPU)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (GPU).app/Contents/MacOS/Google Chrome Helper (GPU) --type=gpu-process --gpu-preferences=UAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJgEAAAAAAAAmAQAAAAAAACIAQAAMAAAAIABAAAAAAAAiAEAAAAAAACQAQAAAAAAAJgBAAAAAAAAoAEAAAAAAACoAQAAAAAAALABAAAAAAAAuAEAAAAAAADAAQAAAAAAAMgBAAAAAAAA0AEAAAAAAADYAQAAAAAAAOABAAAAAAAA6AEAAAAAAADwAQAAAAAAAPgBAAAAAAAAAAIAAAAAAAAIAgAAAAAAABACAAAAAAAAGAIAAAAAAAAgAgAAAAAAACgCAAAAAAAAMAIAAAAAAAA4AgAAAAAAAEACAAAAAAAASAIAAAAAAABQAgAAAAAAAFgCAAAAAAAAYAIAAAAAAABoAgAAAAAAAHACAAAAAAAAeAIAAAAAAACAAgAAAAAAAIgCAAAAAAAAkAIAAAAAAACYAgAAAAAAAKACAAAAAAAAqAIAAAAAAACwAgAAAAAAALgCAAAAAAAAwAIAAAAAAADIAgAAAAAAANACAAAAAAAA2AIAAAAAAADgAgAAAAAAAOgCAAAAAAAA8AIAAAAAAAD4AgAAAAAAABAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAHAAAAEAAAAAAAAAAAAAAACAAAABAAAAAAAAAAAAAAAAkAAAAQAAAAAAAAAAAAAAALAAAAEAAAAAAAAAAAAAAADAAAABAAAAAAAAAAAAAAAA4AAAAQAAAAAAAAAAAAAAAPAAAAEAAAAAAAAAABAAAAAAAAABAAAAAAAAAAAQAAAAcAAAAQAAAAAAAAAAEAAAAIAAAAEAAAAAAAAAABAAAACQAAABAAAAAAAAAAAQAAAAsAAAAQAAAAAAAAAAEAAAAMAAAAEAAAAAAAAAABAAAADgAAABAAAAAAAAAAAQAAAA8AAAAQAAAAAAAAAAQAAAAAAAAAEAAAAAAAAAAEAAAABwAAABAAAAAAAAAABAAAAAgAAAAQAAAAAAAAAAQAAAAJAAAAEAAAAAAAAAAEAAAACwAAABAAAAAAAAAABAAAAAwAAAAQAAAAAAAAAAQAAAAOAAAAEAAAAAAAAAAEAAAADwAAABAAAAAAAAAABwAAAAAAAAAQAAAAAAAAAAcAAAAHAAAAEAAAAAAAAAAHAAAACAAAABAAAAAAAAAABwAAAAkAAAAQAAAAAAAAAAcAAAALAAAAEAAAAAAAAAAHAAAADAAAABAAAAAAAAAABwAAAA4AAAAQAAAAAAAAAAcAAAAPAAAAEAAAAAAAAAAIAAAAAAAAABAAAAAAAAAACAAAAAcAAAAQAAAAAAAAAAgAAAAIAAAAEAAAAAAAAAAIAAAACQAAABAAAAAAAAAACAAAAAsAAAAQAAAAAAAAAAgAAAAMAAAAEAAAAAAAAAAIAAAADgAAABAAAAAAAAAACAAAAA8AAAAQAAAAAAAAAAoAAAAAAAAAEAAAAAAAAAAKAAAABwAAABAAAAAAAAAACgAAAAgAAAAQAAAAAAAAAAoAAAAJAAAAEAAAAAAAAAAKAAAACwAAABAAAAAAAAAACgAAAAwAAAAQAAAAAAAAAAoAAAAOAAAAEAAAAAAAAAAKAAAADwAAAAgAAAAAAAAACAAAAAAAAAA= --shared-files --field-trial-handle=1718379636,r,11404411284943829947,10734512572911036122,131072 --seatbelt-client=26]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=network --shared-files --field-trial-handle=1718379636,r,11404411284943829947,10734512572911036122,131072 --seatbelt-client=26]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=utility --shared-files --field-trial-handle=1718379636,r,11404411284943829947,10734512572911036122,131072 --seatbelt-client=26]

/Library/Application Support/Google/GoogleUpdater/128.0.6537.0/GoogleUpdater.app/Contents/MacOS/GoogleUpdater

[/Library/Application Support/Google/GoogleUpdater/128.0.6537.0/GoogleUpdater.app/Contents/MacOS/GoogleUpdater --wake-all --system]

/Users/run/Library/Application Support/Google/GoogleUpdater/128.0.6537.0/GoogleUpdater.app/Contents/MacOS/GoogleUpdater

[/Users/run/Library/Application Support/Google/GoogleUpdater/128.0.6537.0/GoogleUpdater.app/Contents/MacOS/GoogleUpdater --wake-all]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Alerts).app/Contents/MacOS/Google Chrome Helper (Alerts)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Alerts).app/Contents/MacOS/Google Chrome Helper (Alerts) --type=utility --utility-sub-type=mac_notifications.mojom.MacNotificationProvider --lang=en-GB --service-sandbox-type=none --message-loop-type-ui --shared-files --field-trial-handle=1718379636,r,11404411284943829947,10734512572911036122,131072]

/Library/Application Support/Google/GoogleUpdater/128.0.6537.0/GoogleUpdater.app/Contents/MacOS/GoogleUpdater

[/Library/Application Support/Google/GoogleUpdater/128.0.6537.0/GoogleUpdater.app/Contents/MacOS/GoogleUpdater --crash-handler --system --database=/Library/Application Support/Google/GoogleUpdater/128.0.6537.0/Crashpad --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=128.0.6537.0 --handshake-fd=4]

/Library/Application Support/Google/GoogleUpdater/128.0.6537.0/GoogleUpdater.app/Contents/MacOS/GoogleUpdater

[/Library/Application Support/Google/GoogleUpdater/128.0.6537.0/GoogleUpdater.app/Contents/MacOS/GoogleUpdater --wake --system]

/Library/Application Support/Google/GoogleUpdater/128.0.6537.0/GoogleUpdater.app/Contents/MacOS/GoogleUpdater

[/Library/Application Support/Google/GoogleUpdater/128.0.6537.0/GoogleUpdater.app/Contents/MacOS/GoogleUpdater --crash-handler --system --database=/Library/Application Support/Google/GoogleUpdater/128.0.6537.0/Crashpad --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=128.0.6537.0 --handshake-fd=4]

/Library/Application Support/Google/GoogleUpdater/128.0.6537.0/GoogleUpdater.app/Contents/Helpers/launcher

[/Library/Application Support/Google/GoogleUpdater/128.0.6537.0/GoogleUpdater.app/Contents/Helpers/launcher --internal]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=7 --launch-time-ticks=329640220 --shared-files --field-trial-handle=1718379636,r,11404411284943829947,10734512572911036122,131072 --seatbelt-client=62]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=6 --launch-time-ticks=329680931 --shared-files --field-trial-handle=1718379636,r,11404411284943829947,10734512572911036122,131072 --seatbelt-client=62]

/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Helpers/ksadmin

[/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Helpers/ksadmin --productid com.google.Chrome --print-tickets --store /Library/Google/GoogleSoftwareUpdate/TicketStore/Keystone.ticketstore]

/usr/libexec/xpcproxy

[xpcproxy com.apple.SafariLaunchAgent]

/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent

[/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=8 --launch-time-ticks=332854951 --shared-files --field-trial-handle=1718379636,r,11404411284943829947,10734512572911036122,131072 --seatbelt-client=73]

/Library/Application Support/Google/GoogleUpdater/Current/GoogleUpdater.app/Contents/Helpers/launcher

[/Library/Application Support/Google/GoogleUpdater/Current/GoogleUpdater.app/Contents/Helpers/launcher]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=12 --launch-time-ticks=333326344 --shared-files --field-trial-handle=1718379636,r,11404411284943829947,10734512572911036122,131072 --seatbelt-client=75]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=10 --launch-time-ticks=333738485 --shared-files --field-trial-handle=1718379636,r,11404411284943829947,10734512572911036122,131072 --seatbelt-client=75]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=11 --launch-time-ticks=334212334 --shared-files --field-trial-handle=1718379636,r,11404411284943829947,10734512572911036122,131072 --seatbelt-client=75]

/usr/sbin/system_profiler

[/usr/sbin/system_profiler SPConfigurationProfileDataType -detailLevel mini -timeout 15 -xml]

/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper

[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --shared-files --field-trial-handle=1718379636,r,11404411284943829947,10734512572911036122,131072 --seatbelt-client=103]

Network

Country Destination Domain Proto
US 8.8.8.8:53 cds.apple.com udp
GB 2.22.128.162:443 cds.apple.com tcp
US 8.8.8.8:53 help.apple.com udp
GB 2.22.69.78:443 help.apple.com tcp
GB 17.253.77.202:80 valid.apple.com tcp
GB 17.253.77.202:80 valid.apple.com tcp
GB 17.253.77.202:80 valid.apple.com tcp
GB 2.22.69.78:443 help.apple.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.200.14:443 clients2.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.179.228:443 www.google.com tcp
GB 142.250.179.228:443 www.google.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
GB 142.250.179.228:443 www.google.com tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.4.4:443 dns.google udp
US 34.104.35.123:80 tcp

Files

/tmp/com.google.Keystone/.keystone_install_lock

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C//mds/mdsObject.db

MD5 d3a1859e6ec593505cc882e6def48fc8
SHA1 f8e6728e3e9de477a75706faa95cead9ce13cb32
SHA256 3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c
SHA512 ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C//mds/mdsDirectory.db

MD5 0e4a0d1ceb2af6f0f8d0167ce77be2d3
SHA1 414ba4c1dc5fc8bf53d550e296fd6f5ad669918c
SHA256 cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030
SHA512 1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

/Users/run/Library/Keychains/login.keychain-db

MD5 9851e4e325c9fa18cc037496f9171913
SHA1 f8b878fa3928dc0594fef0a4b8c3b16975295d92
SHA256 69e4c7783d02480338f73cd6b7c1d1ab0fafe7671b428f254e750d5502e50050
SHA512 a853d60c8a949318df52931511b7941132af46d545e2ee19651e02dfcbf878393f2353163750a2d67ecf15c43c2c59a920f0bf78f60de0adf9706e2e63026244

/Users/run/Library/Keychains/login.keychain-db

MD5 64e9b97a523c803a4d6c19c10abd5715
SHA1 8d534f028d312a7256283b09e75dbcfdbc672c12
SHA256 31746020027df9c8617ba365fd06db243ba74e2d343cbe4bd86f964c3591505e
SHA512 ea32fdd4b8787c101138bc586a5f3b5a8a7e8836742aa0233728d9f7d3aa0e82abaf9c32e9d89bcee25dcb9c399febc3cea47262b0b9c98d2b1787d5b244cd67

/Users/run/Library/Keychains/login.keychain-db

MD5 8d23849c8134eae8130c1e7e7f10e876
SHA1 10865f056737a21a4581898632d5bf513c9c88de
SHA256 a07f72bbe86ce68d67d89594c3e55f95e15dfb9769f7687a013745ecbd1f7f5e
SHA512 4a2ba7300f704572373034348eb4598cf2185f46b12080eb86546799b26b089e3b76beaeb4faffc9e70501b9fa34d9c18a7d39bb54b83a5810abb32ad64fc667

/Users/run/Library/Keychains/login.keychain-db

MD5 52886ea3d0c07469bc78e12ea0462d6d
SHA1 f8ef975d48e2207abc0c4d7942b90355e69064f7
SHA256 269950a95a59cd3b2c38b986ec855f40d3f6da6d2724181b15c3e22071570050
SHA512 0d4ad9dd20eaf6178934ce7432c2a5c7208f354026d5f319e7dce97b19e8c8aea99efbf79955458913c11445fd5283caa0c827a889abc10dff8fd1505a68d834

/Users/run/Library/Keychains/login.keychain-db

MD5 4c7807482e9b29dbb075b0e14a9ed78a
SHA1 8742a179dbddc455e411085d8a1dca6e41f4a80a
SHA256 d8e0a20bb655c02f51563671fb0b7929808dd18c5cd7c4723f52335e6202e54e
SHA512 81b52ce29887ced7279dfe4b4645b35e332dfede861a53d09a21d983b2adb351f4727ca8975027d82b6d6e43d0769c4a013b8d8c982e552ed565f82ad2708016

/Users/run/Library/Application Support/Google/Chrome/Crashpad/settings.dat

MD5 fcb4024c6dc53a5b72c492fd960762d7
SHA1 82c43024d9e274bf2b8a5d1e505d65cf3873fb92
SHA256 5cca682cfa80faa97838327d83ef5a2cc39e21b0cf16639aa7c4f095bf1be4e6
SHA512 5373007f40ec378d18770218163ffc2870036bf8c0af1128194a60c6ed6d944f2e3833bf151fb5bf4aee9325c1fbab56bacf3f6437daaa59efb0afdc5c5eed8b

/Users/run/Library/Keychains/login.keychain-db

MD5 f57b9f4ce5d91d02de70b529e1efdc7f
SHA1 8ac37361535b16163795995dfb2d5bca694cc1df
SHA256 ead28506ffd5a49513c5fe06fa5dcef52b5781377cb20b7f10fa3474a3ee5711
SHA512 79d63722cf3e3be63c84c89f15cb940d8ede806f5f0f7d8aabab8a04274cc4a95905926e1daf559f32dc1993cc679d901fe381c04657a025eb7e6f37534ef3bb

/Users/run/Library/Application Support/Google/Chrome/Default/Sync Data/LevelDB/000003.ldb

MD5 fe382e791274914bee5950777e4f1fd3
SHA1 53b523b5fc87e66f2520a0b5f9ea080072668f4d
SHA256 935d36c021d0e08a5648c622f3f6fde376e3310013680ae598c0e22dc943d132
SHA512 a5f608fb4f0a1dbc4c5d1b739b1a5b6f50cac1d6a61312b19abf9f601882a291d73524ac55bbe183e4e64db8dcc203d4bf3cedc734fd04bd448cb825d98d1e67

/Users/run/Library/Application Support/Google/Chrome/Default/Site Characteristics Database/000003.ldb

MD5 6487e04972ecffd0aabf7b61bdda8119
SHA1 26f0b11a2529a35f6970a914deadfcf2e2d23286
SHA256 241a349a63252a8026016a5ef0d713fc18f76735dd0c10963f9a693bfdb9b172
SHA512 44db500fa4549808a5ed1db5516fe4d412cc4e3898d102399fa6f467a2ed3fa79f133a0afcc5e1ab91f480267027ea11e48e37247d24513542286310ab2d47ae

/Users/run/Library/Application Support/Google/Chrome/Default/Extension Scripts/CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

/Users/run/Library/Application Support/Google/Chrome/Default/Extension Scripts/MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

/Users/run/Library/Application Support/Google/Chrome/Default/Local Storage/leveldb/000003.ldb

MD5 61a867b6e4a24cfcfd32ddef25ac3229
SHA1 87cc4516fbce1700174d8ea27c9d2cb70a60a1fd
SHA256 9cc80c0d1dfe7205c6530402c3240171966e72b6df8ef0e8571660fb18652cd5
SHA512 3678cc5f913c7f6c179be8d8483240a1c9aabbe5b295d6aa2b8037c60a8f2aa473f1fb56a7ee7093aaa8c24b968d32fed99972f6f837868f86b53b45de13f4dc

/Users/run/Library/Application Support/Google/Chrome/Default/Session Storage/000003.ldb

MD5 b5db1f091948de93d7fc96e14aef6da3
SHA1 74745f991e3dfe45037366e55c2e6df47d8e6593
SHA256 b7600cfe0aa091e9ab8540869b7ea120a62b36240acc0370c3fd62655b58bf4e
SHA512 d116ffaa01fa29545758fbe273c10d57879a91983d6b5a86ed410a0ac79cc8370fd2552284afa56f363a75ba6a89cc5c9a33f99071012dba2f2f8298ad0cac34

/Users/run/Library/Application Support/Google/Chrome/Default/shared_proto_db/metadata/000003.ldb

MD5 b47a44bdd1b765b6af56b347447fd1b7
SHA1 8599a1870656af91e432bb35e3497863e34ddfbb
SHA256 79b1150f1008ed3fbde59417e9727bce33a34ee2ac5b407eec1a82beabdd2c06
SHA512 bfa1d967125878a40068e4d5ec4a4bed4f211373ef2ca839a51cb9a29d2da5afcc65755134af2ae732dc03391a636fbb222b4ae481315e4213ceb8d74797c9f0

/Users/run/Library/Application Support/Google/Chrome/Default/shared_proto_db/000003.ldb

MD5 e0f65ad85a40a32fa91e551005e193ce
SHA1 a145766d5df23ae5fcd23dbb6937606f280f3502
SHA256 18b5270537241fdd8a8de2f4435bb9a19acc82d565bf629678c07360e0fa89d8
SHA512 bfcf2075ba3d99c6bf4840d6c7754668ac65e7b88aced5c727f99de68940783424b6e9755b4d90c28f489f87d88eda0f2b5194c292c7bcd0cebcb6a66adb2425

Analysis: behavioral10

Detonation Overview

Submitted

2024-08-31 14:05

Reported

2024-08-31 15:00

Platform

ubuntu1804-amd64-20240611-en

Max time kernel

0s

Max time network

2698s

Command Line

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Signatures

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/bus/pci/devices/0000:00:04.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/resource /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/vendor /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/irq /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/irq /usr/lib/firefox/firefox N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1648/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/filesystems /bin/sed N/A
File opened for reading /proc/self/task/1632/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1661/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A

Processes

/usr/bin/xdg-open

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/bin/grep

[grep -q ^Enlightenment]

/bin/uname

[uname]

/bin/grep

[grep -q ^file://]

/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 11c67417355f45d397f6be11f62e85a6 --binary-syntax --close-stderr]

/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/bin/grep

[grep -q ^Enlightenment]

/bin/uname

[uname]

/bin/sed

[sed s/:/ /g]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/bin/sed

[sed s/:/ /g]

/bin/sed

[sed -e s|-|/|]

/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/bin/grep

[grep -q %s]

/usr/bin/x-www-browser

[x-www-browser https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/which

[which /usr/bin/x-www-browser]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/bin/grep

[grep -q %s]

/usr/bin/firefox

[firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

/bin/grep

[grep -q %s]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 185.125.188.62:443 tcp
GB 185.125.188.62:443 tcp
US 151.101.1.91:443 tcp
US 151.101.1.91:443 tcp
GB 195.181.164.14:443 tcp
US 1.1.1.1:53 1527653184.rsc.cdn77.org udp
US 1.1.1.1:53 1527653184.rsc.cdn77.org udp
GB 89.187.167.39:443 1527653184.rsc.cdn77.org tcp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 prod.ads.prod.webservices.mozgcp.net udp
US 34.120.5.221:443 getpocket.cdn.mozilla.net tcp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 shavar.prod.mozaws.net udp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 webminer.pages.dev udp
US 1.1.1.1:53 webminer.pages.dev udp
US 172.66.44.158:443 webminer.pages.dev tcp
US 172.66.44.158:443 webminer.pages.dev udp
US 1.1.1.1:53 smiling-tilda-mono.koyeb.app udp
US 1.1.1.1:53 smiling-tilda-mono.koyeb.app udp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app tcp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app tcp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app udp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 location.services.mozilla.com udp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app tcp
US 1.1.1.1:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 1.1.1.1:53 prod.classify-client.prod.webservices.mozgcp.net udp
US 35.190.72.216:443 location.services.mozilla.com tcp
US 35.190.72.216:443 location.services.mozilla.com udp
US 1.1.1.1:53 archive.mozilla.org udp
US 1.1.1.1:53 archive.mozilla.org udp
US 34.117.35.28:443 archive.mozilla.org tcp
US 34.117.35.28:443 archive.mozilla.org udp
US 1.1.1.1:53 ciscobinary.openh264.org udp
US 1.1.1.1:53 ciscobinary.openh264.org udp
GB 88.221.134.209:80 ciscobinary.openh264.org tcp
US 172.67.24.44:443 smiling-tilda-mono.koyeb.app tcp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 172.67.24.44:443 retired-jorey-malphite-node.koyeb.app tcp
US 172.67.24.44:443 retired-jorey-malphite-node.koyeb.app tcp
US 172.67.24.44:443 retired-jorey-malphite-node.koyeb.app udp
US 172.67.24.44:443 retired-jorey-malphite-node.koyeb.app tcp
US 172.67.24.44:443 retired-jorey-malphite-node.koyeb.app tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.96:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 content-signature-chains.prod.autograph.services.mozaws.net udp
US 1.1.1.1:53 content-signature-chains.prod.autograph.services.mozaws.net udp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.98:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.97:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.48:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.98:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.96:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.49:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.98:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.49:80 connectivity-check.ubuntu.com tcp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-08-31 14:05

Reported

2024-08-31 14:57

Platform

win10-20240404-en

Max time kernel

2699s

Max time network

2698s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

Signatures

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133695871733098593" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2856 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 4400 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 2536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 4000 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 4000 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2856 wrote to memory of 764 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7fff1c899758,0x7fff1c899768,0x7fff1c899778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1520 --field-trial-handle=1836,i,10551189020818426097,1968407408084688005,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1760 --field-trial-handle=1836,i,10551189020818426097,1968407408084688005,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2044 --field-trial-handle=1836,i,10551189020818426097,1968407408084688005,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2860 --field-trial-handle=1836,i,10551189020818426097,1968407408084688005,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2868 --field-trial-handle=1836,i,10551189020818426097,1968407408084688005,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5212 --field-trial-handle=1836,i,10551189020818426097,1968407408084688005,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5076 --field-trial-handle=1836,i,10551189020818426097,1968407408084688005,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3208 --field-trial-handle=1836,i,10551189020818426097,1968407408084688005,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev udp
US 8.8.8.8:53 98.47.66.172.in-addr.arpa udp
US 8.8.8.8:53 smiling-tilda-mono.koyeb.app udp
US 8.8.8.8:53 retired-jorey-malphite-node.koyeb.app udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 172.67.24.44:443 retired-jorey-malphite-node.koyeb.app tcp
GB 142.250.200.10:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 apps.identrust.com udp
US 8.8.8.8:53 44.24.67.172.in-addr.arpa udp
US 8.8.8.8:53 10.200.250.142.in-addr.arpa udp
GB 88.221.134.137:80 apps.identrust.com tcp
US 172.67.24.44:443 retired-jorey-malphite-node.koyeb.app tcp
US 8.8.8.8:53 137.134.221.88.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 172.67.24.44:443 retired-jorey-malphite-node.koyeb.app tcp
US 172.67.24.44:443 retired-jorey-malphite-node.koyeb.app tcp
US 172.67.24.44:443 retired-jorey-malphite-node.koyeb.app tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 43.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 6.173.189.20.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp

Files

\??\pipe\crashpad_2856_KXKPLVAZAGHYQGLX

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b0c23cc5ac8970c8d1733216db1b7c78
SHA1 113f35fade0b476594de438452a5712100e23098
SHA256 27dd640a3d9258185a87c782645c43f865b4c34c1b0dd3a359148b688b778bd6
SHA512 c3af0e3180183fc4331c1d653c127572838dabb60c05b28484f1862b2d886eefcf0fe08af0fc9482b17f56732a332b4e26d17cccb320109eeb71326fd4a4e971

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 17ffc2d50000d1efbb310c8f5c15a72e
SHA1 71f9b8a79aeee0e6734f8f5524befcb9bceb0548
SHA256 e56a626c6a2d4f7da81832eeef2809d0c85c8f42e2c8107a0ecbdb5b415df3ec
SHA512 08253167277126b78a76b488de83d3eff1524d513a72249720dd1a483bbc13ab822f514f97c03868bf4edad2aac01464812f3befa4df2a84effd3cdbe77b5801

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 dbf442c6103091189c2993d4273000cb
SHA1 03356090df3c8cc206420c3979d01cbcc524060b
SHA256 1091439f3201a522031654c7c4c941a2a0e57bf099bce035af0ce6d32af0de39
SHA512 4f2d22e9d3347d1031c1ae1d8679fdaa66501dabd7258fad666c0ee3371acf0072f8f9efbde7aa3482140c2d1cda2e28673ce3dea6e6e8d0492ecf9e95c7b9e7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 58c7208e01a0d65b6e96b5590d97670c
SHA1 e88c00407a4f33fbf2ae7ca11783da1620dd0172
SHA256 48e77c4912bd105da7926bb443bc1cb993e3a545089c9697e69af54e865c2383
SHA512 0da4812b05c5b6725155fe3e1bdd756eb42b80327c80de041ce4fda9b6ca8d917e9d4eeac8f2e09d55a3b1d88d932217ea0ae94737cbf0a398307b5147c67556

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 78becf5f81f955137a604f32d4868ecb
SHA1 0532a64c27e460caed32d569aa17c14aa7b8e1c9
SHA256 83e0c507c861776d2d27f57ce3edba8204179b5f0b3eefa73db38a1540e1e73b
SHA512 41571b05e3bb577f764d5208fd7eb7b803839a53a8b6ee06ed38bc9ff64e70a7c1274521a20eaa7b724a46170a440bee7f299eefc38fda2cd5240caa03e0b77a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 52eb52512e93f0493e76cfb6524602aa
SHA1 51ba3c55a682a76811e63df31232734454c870db
SHA256 947d46a39a59cdf3ad9e284c8e6b5b0353bc0c962f081cef96a1c63848eae885
SHA512 34731e1a7bbef81b8aed558e09e22eadc5a52bc347dbca6e6cad7cb3e4ca0a77f47031e6f1c24e11ca177f03c08f83332b831edca9737743ef72102a56f55712

Analysis: behavioral3

Detonation Overview

Submitted

2024-08-31 14:05

Reported

2024-08-31 14:57

Platform

win10v2004-20240802-en

Max time kernel

2699s

Max time network

2696s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

Signatures

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133695871821281735" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3428 wrote to memory of 2168 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 2168 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3428 wrote to memory of 4148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffcb34bcc40,0x7ffcb34bcc4c,0x7ffcb34bcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2064,i,13068330944382426206,12935866772453506315,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2060 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1868,i,13068330944382426206,12935866772453506315,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2096 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2236,i,13068330944382426206,12935866772453506315,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2436 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,13068330944382426206,12935866772453506315,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3144 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3120,i,13068330944382426206,12935866772453506315,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3172 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4824,i,13068330944382426206,12935866772453506315,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4836 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4780,i,13068330944382426206,12935866772453506315,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4600 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev udp
US 8.8.8.8:53 133.211.185.52.in-addr.arpa udp
US 8.8.8.8:53 81.144.22.2.in-addr.arpa udp
US 8.8.8.8:53 98.47.66.172.in-addr.arpa udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 retired-jorey-malphite-node.koyeb.app udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
GB 216.58.212.234:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 14.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 190.78.22.104.in-addr.arpa udp
US 8.8.8.8:53 234.212.58.216.in-addr.arpa udp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 8.8.8.8:53 57.169.31.20.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 107.12.20.2.in-addr.arpa udp
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 43.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 224.162.46.104.in-addr.arpa udp

Files

\??\pipe\crashpad_3428_OLOGLOXPTKWQZFCF

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 f07d76b9b9232d88e8d2884b6da52190
SHA1 3c88f0e806170568d2a18841532e435a242288c5
SHA256 3cae5f38da4c40b658aa993ff8a685c2861104d5b1ff75cb387a7b0078247f61
SHA512 b7655713517e2cf7e248e5292bdbe46325fb5c13e7bdeb8d8ea42861a4d8c07aff22ef3c54dcb815e7c585422b9a8f4dda4b5a3803f33ac5f5f5543a078e70a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a4dcadde5ac87ffa5030468d48367d6d
SHA1 44a1fe13bb0de04144e08d3d383e21e247ea1fa1
SHA256 b750c597e89364a5df25f7aa101043db64b8c420872aac08c0db98a8b9ced7b1
SHA512 521573c16df44fcd83ab3b85d52228c32358577f0db4b92b10745844a26bb13fb2d8786b4d8b94e992a1bcd69c27575ff9024b079cfe7ad4e9c85003d08eb6cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 93ef23153fd382c292e51a9b24dffdfa
SHA1 e46682977049d65bad0e824ddadb168fc1b53c22
SHA256 75e6b2ea660f3750d1ee2c01234d557b8b03a1d8f3c3df559415aba330bf8fe8
SHA512 1e1a68d1e5384033ad5ed89f970bcf5102ac5b473a7aa5c3e982273561504c3fd7c334b7e637f80e73cfc21e10f0c5a5f41856fd5702e8d40449f58b0da3340f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 504c525312bb87c807bbd591a1963eeb
SHA1 0512433239996afa98bfaec4d55c13b877eb57d7
SHA256 8fd27e48a8c3217879f88a455671d406e24dcaa2bb7080b22851f1323d4ed027
SHA512 d90da1889e38538fb8551c25f9516fe443811d54d83276ddbf8def11fcd3d2d14e267cafe9089cc62b4af14f21da2bfae0eea9d00c68f8ed976e3f00e87b8316

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ec31a40b73097bf6990833d98f6142fe
SHA1 f57c06795103bc09964e690f08b68a62fd29e1b7
SHA256 a15a7a2b2a79cf07183e465f6476dae2caeedd20c93c3dc48fa75489a9dee361
SHA512 5904a605918e8ac07533b464070ee573bc40eba461ed2bf5c112dedd8b8f6aaed37afb61cce89b2adafa3a80838434b69ad97373c94feab0d198c45a96512c88

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 57b5d6209a22b0184c8400ee203957cc
SHA1 dd6e4a63ef8fd6a1edaff1953f85a5545dbad56a
SHA256 de159ad2eeea59d4e9f385f75748124624129528492f566ad2a2c940f86661b4
SHA512 f7b6388ffc06d6fab79f5369661e6c1fedde266586bd0f53dda7cd3c9e546328e473d61e5314ff34dc821db36e299b233635add72a1bb98bd567b6e1f8409fb4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 37f1ed660d31e3e01280e59619c293e8
SHA1 70c8cb5b0178c6786b32847fc34b5b13f9aaf1b2
SHA256 16714f0926d88660a89921a44dd2f9db82346ef6edb9a1e279565db38bacc468
SHA512 c8e0298fe39676dfae2338c4111c138583f13f24c4053fe6c987755cfc176ca0f139541abfbaa0d46be90b089c4cb841e15b6eedb693914cedd62c8cf9bfa458

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 481e2d7469e06c3a6ed8bd756bae6979
SHA1 9ca2930221d025c4a80c4c4ec3184f8a4fedd789
SHA256 204295f789fd23f12bb03abd775548eb46230debc6405f65b1879342fa550cb9
SHA512 22db35cbb73ad4ac907ecaa5c132035833432b16645ea38f1836f6b54b22e7192b231dff02701671984fab93c634277f28518e5da7269e068eda301862a68708

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b25512e0c79e248491265ad15d1dada2
SHA1 3da21effafda5a5e0c047f45bd4dfbdb9b2635f6
SHA256 f5331d7c52421c977994afa7e146e711b5b0170cc2457e68d68ba39aeb282081
SHA512 b3ca4ca35ac17d86950dadd92944329d9a95cf4a53ceb52abfc85b454805bbe43a1bd278163eb583928733995b62b2e8c44b8ab4065611f38140c3d1ceb97b4f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8ed6b06776a99839eb1553141f2bb68d
SHA1 74d1f1566336e448a881f8ef5814bf123b43b5a4
SHA256 1583c985c5ac9d7ae9727d9e60e2a97fb3282e4002d845e73379eda215edc47a
SHA512 d574d76e4bb430e13e758fef453bf3197b6e8e9708f1eef8f626aabb2575d7760358a09a46825ce2712008c8defa12279e9ad4d100e940233a7d84f3364af612

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 5bb72c7032c0ef0ae3b5dd219381f40f
SHA1 79ada9aa8c3d5f92553131dd73dfbd433c088f54
SHA256 dd9c7a47cc414ad10024c955b580ec509b644fb085366ce194b872fb62d980e6
SHA512 74cdbe05a81ee0e493029e3a004d132efd1c4dc31446110b4a4c855eb7f146704f225536c4fd008b3705ca0abae919aa7655bc76a567e823f85e65d00a42c4f3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d8c14812d32c5df2d11f18e4f8aed889
SHA1 624056cde5cff570f63bae494dec84e08411b446
SHA256 d194b4ce47e4ced1873721469aafbaf29845759704def06924a227004eb20b88
SHA512 5c0bf2711fa3edd3a7b843d32d28dc422efe22ddf59f443e6dd927c1d36c24ad9891fa38323f167d0a11d6c43ce7e85cc354f76eee22625f535bb4abe1ba1041

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6bd698d1777f5b0cbff77c5edc1d28c9
SHA1 19b8edbf48ec88fa07eb1e6eb34708f6d1872c30
SHA256 ea2fd4e637e152f36c0b3649ff20f7973564f829e55544414725269348df9f83
SHA512 0d50f175857ff056642c928aa68739a7a0e6c349cbdd24cf11c309f82f560f5fd44a90dd327c77c94f30c747a1a233da95f0b4eb35f18417f40c45fbfeb7c46a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 26794a18680a3a55686c28bdfb3d1383
SHA1 6388b23e8d75f82a177dd6a3a6a2822bf04cb73c
SHA256 0afb40a79af44b66bd92696f91451d9dfbf7509fd42ceab53deb54113e6685a5
SHA512 e1e6250b61573d9afd991aef5ab2d7987f45fa674f212f78720eb9991a7aabc3d6fad2790f9e136504df0bce433a35cd8e25f5060732fe8ecb59d33c67e499b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6ae721b0621f58d36a992128e77ee11b
SHA1 78adb3ba99bb69bbea0d4661b4252bbd49265ef4
SHA256 01908531cb949a49eea9b6c931200a9750d690dcbf9a47e787268412d7bbe241
SHA512 e4f71703662b4736ab46d71061d575ad2226e219055a57ae302663d8af3f658cdc10db0d662fe0a552536ae491f55a5ef3cf96d9b8b350b7ee6cb67b5835ad5b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 38ee9594a5bc7891674d3adf0427cbae
SHA1 29917f0703444fc6e9538a7120475f820eee02c0
SHA256 83303a7d8a21a72539569de958ddf1e56a5b6a387ad62ccbfe2ebdf20816b6c4
SHA512 43601bf66794977b669c10f3dc8d9f02e997bbe33a2afa1a3d10f9b7e2084b768bc725546a192a5daaaf078f4e2eb558f1e1f791c63c89da4746190744e7cf6c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 30fb56195cd593e3dd51f01176ee7713
SHA1 60f0ee6dd67f3ca67458168fa2e151988a54782d
SHA256 ff17069b875a1c54de2fd0da891977f199c744c63dd6de39b73c06df393760d0
SHA512 2a95377c2d2142b91ffa4fb3ddf2f2fc7a79b11f27262c21b8cb36c41c586cc7da745ddccaa9d645e2e9bf6ab788428fd6e20abe69ab0972e331cab456750153

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d463d793df24c3d328bed16dfcd164eb
SHA1 e57d452aaf818cc810ff15438527f6748fe23a2a
SHA256 843375ecdf3ff07548037070ef230bec30298db98b1770fd138d2b66df2844f3
SHA512 418e178045cf3ded636cc601a93c0ebae5a530b6e5f93e1df7563d39c71e84fea8768100309a91fba1a3e99844142e2cf6377914fbd924de8a5959341a7bc361

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bb571938227d7c018424ac30e18b111b
SHA1 ea2b2ff7006b7504e317037b34a5f3d69752cd7c
SHA256 7264c8b0eb2769236b2a64c3cdbfedf713f714c14203b8d1fcf2dcce3c909f9a
SHA512 ffa0095d23fd9b7bb5b3a29cc73d87a49bebb62594500bee85bd07de253cb97237d673fe16e1d5f333213e4011d44d69acdbf7c6c60c1226918c560f61c2cff9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f03e77471f66104a9aa392c7e3ba0f38
SHA1 ed2c1fa608927f024dbfd0f8fcc9af420b85df0d
SHA256 e927d2ef98c78cb7f822b3c6b88be8d4f7d627400273464d6d230e9314022dbf
SHA512 7316b65f46586d96a5baeca59405e8dd91452d07c6beb801ce3cfbce8d118cc658b1d9451ba532eedafe0c4e922ef9e01328ba1a7199224e430ed5c378e50787

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 703c925c90fc144c205921974c561e26
SHA1 786b74eb4964021a0455c442beef8442e84fb836
SHA256 ea19faa76d6b86c06c06ac573e83dc5d43426d53f0ff38b421fe3000919e312d
SHA512 6a8f6a205f2838c8bbbbf743190a1e3fbe84d9f4b24ab70590488b654a1d0afcab9d9ca2fdc0338a06651ea6d7ba6b1ec742d71cca6a3c20782585c445588c90

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 49115117f90fc0aebaa73dd93fd4ca25
SHA1 ff7058d34fd3f037b3a699ecd01f5af2b8acb472
SHA256 7ae2ac3bc985a3d21c9c0ac64d513bfd892261b6f88d31be0d93e6c0728ca175
SHA512 e5cf62f494de6f7a92484bc8cf484300e93b7857d9754aefc5335e42f5623be5dae9ed81fb27c08dbb464f2f40d03e8b19df0cae11f8b34ee94e2692a3cc25e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ee285dcf2486fe7061e835d7891c47d4
SHA1 704f987aa12ae8808a35a157773faa5b8b80e041
SHA256 80cbddd4ce95f50110ce1b0c6e18205b58239fad51649f6c87e0c9d264bfc270
SHA512 4959fadd4a34024fe9a177b486200fbaa052682860421aa5834b0ce48b03010dbb57bc7bcd5d45961eff4233308d97d4f1b5f27e81f557774c8290e6df998d03

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6b94ddb6e8f3562f8937709142fdce3e
SHA1 50f8c4848c8082d195c3e53a07fd21459edcb2a9
SHA256 d5ab2153ecd1c32b6e0db7e3139174aa76c717f7e800a11a6ce3aa4a86d8cbb2
SHA512 f004b4c797e22aceb03ae419c6acf6c8fe8cd2e3e2d758a9d17e8bca16a199abdbb2e20ef9f10f8c861bc17e1828e276a8167b4397e8669af656c9e1bf019084

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4302dc350819ad96349fd5a9bb4ce565
SHA1 50b9ce1f652b359365e3c1fc1bc11655721a4478
SHA256 0e73dadd9fa28d1895e60aec9726a8f0d54475e3f8ffeb334ee76c99639d41d0
SHA512 17238e1f88c7a896441dd4bd50563c25e1bf486d76c834806e9792b9896f30a611191e609422c14b53b70a5861b9484daf3d7e47ace0e43a3cfcc91c4dd7b8ea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6e8f2f6a82803eadcd247dccfc9770c4
SHA1 ca20f830fa8b8f6a11f216e311831916f053e60c
SHA256 2714ac51a13f30131930db77d67c089db1d068b8bd4f93c88006e7fba8c96e4b
SHA512 77b3c617c808a91293c32b91b1387ff36f76d00fc493c864ba89d5985bc1028b6f9a2164123d971167e49d95780d4293e780ee25e762ad988ef719e5a8c87b4d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 af0a77d96f7492493fc296f2c95979e4
SHA1 909ebf9599a66b76d7499c69fd044f1388c0f9f4
SHA256 7abd74ee52c3a298d7d06b784b327d59e3a92026a70236833d20db787c1c471d
SHA512 ba01bc71de5d0f2141f5ff5b96d988026ae289a0f5c6b3199cd702809f71818d7e3e740c800c6aa249886998833c39ad4fbbb47764756635ef92c92809332397

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8065a43f14e3266d4d95b94e8a5be937
SHA1 608385e7126942fe787384fde17b9155e773dafe
SHA256 0d270647310cf6589964cde328ead9659a60044516d6a2cf130f7359c40b9fe2
SHA512 e9f406fdd56fa3f2bbd82496efd3528ecfa0b5980c0bdab836f22b22b8f441541d41ce7be478281ba4afd2de95952abdf3638cab60d536879e642cd0482a6991

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a07112bc7424e80428138ce085d38e14
SHA1 9b0e1ec8f57421567f35cffb3bb73130af92d01e
SHA256 c774fd2edcfd99572ffc888cc00270709939a511415e879dc2fc2c3db7ecc2b2
SHA512 4b21f7445454a5c2760dc11821b7c61c290a3b32df32a7938d484146d919ab629a7310cd81ad34988e7d2ccbb5d12c246f4a5d20fdceefc0ec70d53ef9042d3b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 224437fb8a9ac273f40d2e6785b49b00
SHA1 b5bf551f72b5426d160c494f2924fb641dae2185
SHA256 6e260fb515d23cfdd40ea53260a94647d87f2f1dfc625a30682b72f27900f198
SHA512 c4960058d33449a7404ad7443a63736356f7d352fccee53a421941d2ff697f6f9c4f1f5b231ab63b279d20b184c2f9073ca14d3b481b213968cbdff4e118a424

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3053ee45c62f50f4611a0e8a94655d73
SHA1 ca9b116c7b397c75bb0e0e14b4087543f3bb4c7a
SHA256 ddd7c95985462b57ba175fbbcf9f0e0463b67fe3131823af4c347d699b0f59b2
SHA512 b642dbf9c43b83f94646d4bcac03be5a156cb5a65252c683431c590fc23be007067879ae021eb47ebc50eee55b7ff0808b87eb40354293bbe15671c3bf3a6efb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6fdc7fc583d249793ef92d64d4b9f960
SHA1 dd012aa31afe431023e4508f2912a7d991a03f97
SHA256 dd43a098308aeb061a2203f88f916e159edb38e5c6e19f21d7a72fa4677f0b9d
SHA512 faadcf4f2ccf80b312cfb1aa422d9946ea0c31db4b18ace5aa5366344a352193e931bfa8a1f28876608a16f004e0e5d1dd958dd04cb25d1ece405e44fe7caede

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cf9d4adf4fda78ba1be47c28b3dd114b
SHA1 8297cbd4e61a5bbb5315ad4acf6d6506ed1db47e
SHA256 237fe8c19026f922c0e8877e2128c05a2435c2000eeedd78b6e00cfd786f218e
SHA512 dc6037d750749614771f8ce5d4394ec91e340c1d73f52bd8a36b477314a3f7863619c4ff105f25c1e71fa5f63f8b6a6edaaa9f46ad2fa7a3fe7f5516c4f4c9e8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 09463d1e3d3874477a0fbcc944402df6
SHA1 af2a12e37bdd519ab72e0c7ab43c40b2bc802ce3
SHA256 7f017db6766bb77db1f48e6bc2085cc45cc5473ec8ad93a1df9cdf010d5265bd
SHA512 ce8818a516bed8bd178b2243d6dcfdc78af5679954744e8719f5fe5c820a5a4c8c52b7e3e0c47ce9929636f0bc1e33d4211c214b43a0094bd3158b9108c1ce68

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2c8658d29de9add766ee87fc042bb104
SHA1 7ac19be30ae2e7b7a792caa92de34a90b7584d80
SHA256 5ca1fcb861671296d4c193a5c26137120b98ad474920b6cff0215b8df9d8b985
SHA512 14a433982b838409c6837a574129fb9612736eea33d297fb6b9c474c808e9124d1126720bd4d75054a66d076d1929eb17cf05004216715b57b7c851955675562

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6d023a1520a49186077c0938d502cdb6
SHA1 493936560512b5db29df53ba1210bbd4597ee7ef
SHA256 1b0e446c664121855a99f7645d31a768de362f75cf2d10eeaed84ad2d96245ad
SHA512 20b2b6cd836882c64c406f2cef0b1c5e7daad901b940e20d4606ea73ea60d7595309f08d7101b21192958b494a8247aebc92189ba6b6b120d3f212a7da30a2c4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a5d2f603829f6eda91dc6b0bf59fa44b
SHA1 abe1ca163dd170ecd961150b0941b4779b4e5678
SHA256 e19b3d52b3190ae670831eaddce5197fceacb9d140481a924ef45b47ea60e0fc
SHA512 829e87c6b69304bc157e6351a8f7ee1e7990095562cde47e6b0d0b45e96efd9bab0dee629aad8cd37ec92916a9188790ec7082ddc20606eeecc9e7baec87aad5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8730252a3f58a3e0d2a3744f051c4a92
SHA1 a4e358446b5c12b3999069cdca6a4aafb966b507
SHA256 f367b68d6f126291f4326b6cc45e68f6612147658841e47e8d760c92c5d22104
SHA512 7730f4d06987d9506bfa2fe9561baa4f749a22f8bbe34a9f81577c5650209956cf1af99703b5c86f4779f74b1063614b99d7327415b3c395db517b9aae43cd88

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 aa9f92d4118e5de9e0218636d89ea0d1
SHA1 b31fe4d762c380d0d207571cd33edca5c9c82615
SHA256 0d6f43c25260c865337057ad670f29fa09de0100523260c3f4c45a9f4a8ffe39
SHA512 2905e4ab71671f0a84ba9988ec8e51f52fd6e185a5f5ee50e030dd180fab627e79127449182989e9729e7200b0bcb3047d7a5d9dddec63916f491d1fdb6899db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 71cc2494c99e84450966a1ecbf6c63a1
SHA1 5cfecd015c0d7242540b8f60545a01b783310672
SHA256 47061fe8a232c556a19b58dd6408f407b5cd4e5f9801f2829d1200502ded6ee0
SHA512 3139d296db40fec4017bb1c918ab3cf6c79b0655c76a5792f3c9cbe4655ac0b4a1497f022a7b768c3e0486babe2991fc2a36734acdd6b6f1b1fd3774e61e437d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5608b0fdd8e7b7d94db9dd6c7151f9a0
SHA1 06546194c2899e60cc2efa6d135dadd36caee194
SHA256 97f1488840d8a2bdfaa5d76e2bf68f7c90aeeab7cc4f2c64f7203ac330992688
SHA512 4f1fd9b3fcd282b0b9e1a040470ecd38124a4b3633e1532bae019e352a4ba44c624b1a11e9f513daa1f0bf16ea5dd1d693587f2bce2f552f6437f3d0f8b4d820

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5dc30a8cf62fe6e4dda3a686e15f1a79
SHA1 005233763f2635bbcc3d2b21e1a3628f5a1fa482
SHA256 c63ffb90cfacbe33247c9f5287113b8c77c3a28e2a704533fdf57e97c2cb0e49
SHA512 91d5805b715b088ee87fdfde90184beb795eccce2a5aefcf60eeedc171da8a38a1cc7d62f1e2793ac302219748472a5b9dddd7be5b8cdf14dc6bc98f2f93775b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9a90dcce72c70b014394a719bff8d57c
SHA1 d0df42f10c0f74782853815b3e35576ed3104a08
SHA256 99fc90cd2be8b931d688444b33d223ee5f633ad2ad4ce03a9e8562bd94452c4c
SHA512 bc3930e1326ca28bb57d5afd68044446982f2d42d953d84fea737bf36200aaa5fe5e74b600b41fdbf81200353015a790c1c83da1384fee4d955a1942ba6ee33a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c3701bb247de5560205396d03ff0a55c
SHA1 4e05a426975d2d35e19cef24e0a2ec37f85f60a2
SHA256 919432c21301453786192d646cd48973988722a4f000b0dbc658cae40f5c4c49
SHA512 83b36115a4ebfc1d740f31989d122eed80301e39494ba4b95e1c31e4631c859c2dc119074970c816ce7bc3f447a69f3df7045fa6823f9bdaefdbbc2a872d7db9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5e79baef7c58dd21ced590043492e313
SHA1 778509c3f7cfa7acfc8394fd3e4909268f7e07b0
SHA256 36aa48fdad571c4ae690e414838c711fb76ad8160a9d89b58b502341dfc288e0
SHA512 20bc6aa07931745d5eff57c58e1c784602cac45d81bfeeeba123b237aa3f057a9e3cd6d1f874a973fe2a934cd99c86be6bb3dfc4b0b433085ba24b15cd04c60a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1bcae7100b1145eeff8bcc9284cf6fa6
SHA1 1819d09404c296ee7a1f886e3621566bcea747a2
SHA256 fd169d44b8b09e389f4fb6e29bcdde38e6eee504bc0b34482eed39161e1b3eae
SHA512 4996fde307b23c0bf43d2a1ad530ee89a8d158649b7705aa1aeff731b346b6f59e723bce2d4473702bef93d8723e980d5cc1eee496edb2168e79a85283a34fb6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2eaee46d6e4451498d31f30b1ff025d6
SHA1 a733dead96be62637dffb8349f71d8f49bb6f5e0
SHA256 fbe62833556e83764fae33ddbb0a762e7c1b15badd3ff204c46239a3fdc60bfb
SHA512 129ff1c8015efcdf5ddbebc58800bc1da428e4f277e36bf6b0fa283d3e9036917df80cd8c4875daff19306c6d03512f44e2c9311a54e8fd09c42a30c8a21eb83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2668bb426e317ca94ebe53ec6b634cab
SHA1 d422b3a7010a39b0c1597192483b1676e1ed826c
SHA256 eec7cc478bfa921620cb6a26fc6dc18ef199adaba754869ced3cdcdf986d59b3
SHA512 c5ed5f64c0c1889a43832be000bf17da550b69c6dc75456ef1a3d264e08a98fed3211ab889d1a2dfe5be79cbdec120e0d207e47af834ff2ab5155230da6c2050

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5a76a5550eb952b45fc268c06b8011b2
SHA1 afe5b30c5d4a733059b7b8e24ea06e7fb4a0409d
SHA256 f221cccfb99a89ffc6ce3de5337554ee3c08a09305d5fa8334ece73a3dcbe715
SHA512 96ca35beb8552c94358cf4a6ae938e45575a5e5effb55c6037f79f56fbde854057dc5ffe773f271d0e1e69f31b2cd2e4c65de0eb8ff0c0fd4c964ee6a5600c3f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f4dc1f01b769f0886bc0c3169439c9d0
SHA1 f7012aca1292e6f662b97069c1b905934214c85c
SHA256 2a3fff75d3960a545cbaad64d9b569c0df8ce7e820f038a4ef0ee55d57974deb
SHA512 b5a122c84f25d718559bd0fd40e7aeab4fff97dd8b783e74395c2ae005fd83eef7764d5cf6bcb18b59b133b22075d8a444669e597129529afcb6c33e8ba00452

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 741391a0ce8a50680cdb725b9bf3fa2e
SHA1 7fbf362fef348d3c902c6e1e759603c743435511
SHA256 748a10fb385fbf695d8f9873b02b8fca86449a6effa018a11c47bb7f51977415
SHA512 74672409f79751d60dfb33ce69c2578648a7900dcdb7ac4056f95d8ba30b95012a52a907b52de636c6b981ff2aa8e70292a24493a958576fe04d96dab904537e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a2131f9bd956c79aece759e8bc814003
SHA1 098f615b749bf05c0a40ad561ceef477fbe4c7a8
SHA256 730d10a2d5ab7a1012aabbd4cfb2b031c6c4c48999133eb99898d7f85be53026
SHA512 fa340d9e487b3a8c8a8044a8358a549f6e173a35c90171e29b603d4f6891a416ad60353947f134f71d77381ef47cb46a5f50fdc992ef131655386c1de5af085d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8ec5abf23c5d15b6b6bbac788bc0fdca
SHA1 39c69a8c6f7a0eda050fdae17b7f855194f0a2f3
SHA256 04cd8c26f500808253b75ff9e3902e501cdb381ef0e58d9ccc852f20be53e010
SHA512 8a748cf37d00ac8c860820ddd002dc59bfa82949449e5fbfbbffa68826a33cfeb46fb7182901cb087929e298dde3202aba9e65431a4ca4298bb527ad1ae8c10b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 830333011a35bbb930c8af47dedb4a2f
SHA1 5703c14bb8076ce6911b3b6d8f32a006c46bcf19
SHA256 cb3e1cea08cd861a40a8bb5a284b5f66a1daa85fbe4f5ef6732b1f6bfb23cd3f
SHA512 291d3abfd3df5c815f050a661fb4993402c379ab42dbb894c85cf42d79a7c35bd91305dab47d7f8e15ce1c34f5bd7fa8f4c0c700922c3b26e0025b764cfb4acf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1cba0bfe75112a243765270a44c69476
SHA1 98ba1391a0b267fa2684d7f72ed5c70533e6813f
SHA256 27a1a1fcfe0047f8a91911a23521d11c715a63161a32ac608874935973929fa3
SHA512 41a9f405ed4efe2121292709c2d5a895235dc89fb79b4b845eea18119edafcf497d4f533c54130bd4051dabd97211f640334d7c2a4e3dd28d64c090c547b5e5c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dfe04c866c40b4b52241689c89c9d044
SHA1 4f829ad086355ea4426721d629e62180124723ba
SHA256 d1fe02d0951422f80981c24a73436f77d4890118e36cc67b09b8333853f50f45
SHA512 808f8a0eb894871f6c95e40949d9f501c5caa3f62aebb630e3ca11fb665b8838a7584d11b208c14a5423985ea2d243b2aa944fd12484c151bcb077333f383df5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5754c65ca41878184ab197c33f802048
SHA1 b2a25b658b69ee358c630907b881689194cdfff0
SHA256 715922fde2a07ac458327671abfb97750273a176081220c0bc9dc38b9d4654ba
SHA512 87708ab458c48bad7ae4d7b2d1596a05fb73e49623d641be65d60730ce1f2a586948abf82edf3d4d5fbf27da22916cfe486c694f29a3b5962b29769861ca6452

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3576c8b60266e0e9e8afd76edcba5999
SHA1 53febea6921f028d239a892ba3771241ad17702e
SHA256 bab0a193c76ca0b09a994f9efb4279f5eb869a20b7d2c04636bbe915cffd0127
SHA512 039833cc1f452879241348a10aed727e1a98008638ab91f594d0ecdfd6995a7686fc04b2f5e5c3cf3ab2c620ce796ac0e8959ef6d0cf728bcd473f99467b12c8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b70bf2d7128ac75f2c58d5cec1f94057
SHA1 7ee9474129fec69a5f49ef8ec323116af2378e32
SHA256 9bdd31ef7e507a4763aaf70ef530bf3562fa21ee6dbab7114194b83612f1bb97
SHA512 d34a9941ba9192010df312dd559ec3baafa27c2a9b72b3ccf1edc887311a572a5faaa0181adce21245aa08ebd7194312c32da884158c4a0d824e09be4d6a96f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2dc9ec83b309b1421db24fc767d3f78c
SHA1 a8f897fcb255b38e928b6ff038744579da5b084d
SHA256 8b05d757d3a4413a5101fe2585539e7ea8a99f1c7248afd445bab0807c8ffc90
SHA512 fb3f31b3a80b18c4bb10fc3b5e405bf6215c833e9f1db7c74312c1f6f399e41a4b8eb20f4b63e52cf60ddbe4175fb74544b4d3bb90de02bdda5bdc78aba6cceb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 516dddf095b5d1df679826202fada0bf
SHA1 20f52e161cb0f621d86c3c8a42d5df09ab66447e
SHA256 96b8fe3231f250159c9d26ec5b7e326b2f0cda5cc9bb31ea8c73ff9f91df7c3a
SHA512 33a2bb7dde1e2082040250e6e8d1c9f731df7b7e3cc6d6b2a2dedca71b77abdb55c51157f174dc3ee8872448378a0305068e96169cbc49d77b36118bbc9162f7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a3fa7bcd6f34085c3032b8fe7d3e7fea
SHA1 27b2c0e700e170844158fc73418897c55fc3ebc6
SHA256 b7207ca203aa75c3a11d4eb0f391790be0fb949d13d54dcd5349dd4fce067c76
SHA512 403766a76c3beaed9c382f2738f0942ebd880bc1065bfba5c885d69542fa5cc7fbf563b2249bef2198d13b69ad01371f981d707bacd8c35c47be39ac29489edf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4e8d73bb70cea3a2e8376bb0e6b6bf13
SHA1 42649ec5724326013d9e067bdd32e266606de478
SHA256 7c61ce5dc205a3f30b71f96cdccd7edeb5e65c95afce3ab6784bb4ca92390b3c
SHA512 e01f1a5a7a6e18601c327841476a8c866ec238de463ec51f1803fee62c767b09fef204088beca20dade66c49bbd4371b28603e7ec78968ae4163b81061c35545

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 badada82b8d9bdf0f2dd64ff1c5a79b1
SHA1 060dcf97e1c194f7f5cc53df45c0f96e1e838893
SHA256 95a142c7a68c02f181b957376a794bd88280fda9e9b4f988d8462c46171a9a7e
SHA512 8a3442915a56ccaa3ced011edbcb1a84d9bc5fc6e26a97ad1ec7119a1b1329025ab077af76c8352b35bd6566800b72eb41aaca7eb938bbe2d50f1bee23847752

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8089abfe7f24453d30f303db4dbe0a42
SHA1 b0b97c4d6fc33f9b33921e30e685b9069032d828
SHA256 e2fb0269329db0f6b10419a2284091601d94b7ba84ee21b9e3a92a9826154e51
SHA512 75876d4a87a8a366d7de656e76719974cd6aa31f592ef2277aa9aa721b5bddd868465e51b63712218619fe9b2b762a2ec06f1b56c266295d2c5e746442bed466

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 13259190310110c9280b94d540167942
SHA1 ce7da5e62ceb446210ccd951e68244d6a7c1043a
SHA256 8c33b8c20a845ebcbc14ac24664f204d6b09d8615d323fd2c975bd6ff95b7a0e
SHA512 3f3cde03aa9d6864cabb94796482f0ede7d195e0e63a62a76d3263a9b2febc48461ae93b0165d9bf96985cfe69df4738413c9e2bc10d9d563324e68325adfdae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\72ccf30e-ed99-4d56-89f7-94e5e7036125.tmp

MD5 a36463258a3c567d1b65fc33b704cabc
SHA1 4dd2fdc4faebe6ad1fd5ed9eedb619e794ddd449
SHA256 aa1e095a55040357bf2ccbb1732f1877488bcb1c3f30b871ec3ebedd33058298
SHA512 e2b8ce3b544b2fdcbaf49258790631e3ce378751f50ecf39fc864b4b016ab281719363460f99b659eac29e870b1b972adc1578eb1bc0c8640c3c6a3422c22397

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8cc0da90667437f5455e1b7aba689ddc
SHA1 09f62ab2a7f94fe611bab3a6ccc6320ad78ac7df
SHA256 cb3cbbc8b7fb8c3dfa866cee7c0e72e4b14da0a840afe2068a764dab402e7ef2
SHA512 a86c4c719be3554012bb7808ef47efb353bfd55b40a5baf17759ed79350e201fe5c32f44e614d1efdd6a77b15e91b15768fa5157bb26e8c6835fb6e9bf2e2def

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 953e333be377e29a6a777c6602df11be
SHA1 4d61c1cca0f0975c7ab1144222a5563cdda2ffd3
SHA256 130ccd7cc0e64901a74eadc0c9e889527cd2998f4de1824e8cf5dcc7f9e42ef1
SHA512 bee921d4b2c4db566e4108cf3bdec19c978d450e2f17ddc1de5352359b1744cbd37fcca235e51a12e3146b9d1c751b02b3f34cbb2a37e58d967dd3ca1c8ae427

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6f0ac027ae49fcee49ad66ebd03a37db
SHA1 d2b31a6af070c2a5a075adeb761dbb276663d3b5
SHA256 2e38ff40981d2a52376d83bf35f04de4ea31ec1c798051d6dbf712af296a8888
SHA512 7ec0a131126f650655fb08df5532469a1367f759f59df4456f3d9a1774bf81bd729708436e5ade29dc59424142ee0e1a6298419b52ad78e5b5d2733c95d5edfd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 31d39f05ea1583273a0f3ec2a49c6b32
SHA1 a2a802904c396ba54dc8865dcd8fe63d9baa7b44
SHA256 1c300e8d191a6b9369781669f5ccd410d1edc824fabfaa0a66ca5ae11537bbbb
SHA512 ffc72a7d5ac163371e950201f0624b3024ef433fcdc068fcc8c32e0601509ac1dd7660897b2ebefd2f8ad9aa37483b0c9b1b024c75dad65834e644d67014a9ae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 636ab8b2a2b7437561e9fb97b11b08fb
SHA1 b02f3f95b51363e9d2bc6d2f3c9b998198ed8468
SHA256 175b93960c69f64eb3526207919d7a41a012469e7052c7c3a469e73457c5ae69
SHA512 0c8b5d05c288390c6a7535e412ae279287f8c84797a6d529caacf78ce3c39c5629239f850053f197ec49899a6b26b7e10ca956430258469ea0508651963b2ea0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 60ebac5c516d8ef5e243c224799478b7
SHA1 a3723beabb82485fa47d75d69f2f5c9c54cca984
SHA256 f4e728a44a717876df2a4ca31fe5eba87bfe59e66c41ecd8fbb9f879e0aecb88
SHA512 274654140e64383ec4753d88204029a3fddf3d5bd6dc179af50bc1c2af9730518eccaa2873e03d5aaaf3b376a5c74c57aed97a85141c6a8e474dda553adbbf74

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9199d125e05c025fb700bc91d89d137b
SHA1 22715f80031bde5e49b4ce8925d2baecd2830ccc
SHA256 f6e76ed77b32f353f7882d0bf907c9ed5c61df39e642e354fe6b52c83ae69c3c
SHA512 9ff3d506c23a66e65617d6d2771ce86a63c56bb9577a3adcc20509f048ee24a1d8f811dda9334396b8629e6b7431f88c48d3daf20a1041973b97ec18c4ea8184

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0dcf0bca8a9146121402c1d4e2f8491a
SHA1 a1fd46667796b1ac54a14eb426f4322b9a165189
SHA256 ac5934e2b023c8df061e9d16fcdf6e5cb2c167192d11400682aec08b7dfb2e0f
SHA512 9e08cd841fd8e4aee07857ba193fb91eafa3bee551b40bae8a7065e8d0403ba606f86b991be44bcd2a1c2ff760c21e997938b05c3a6beaa32f6db35492c6f282

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5498441272d9eb3e37dbbce8e4963b49
SHA1 c9f45c1c17484019dbc2fc6f14c1a99fadd3f4bb
SHA256 db643ed238ea0f8baf1f88c5f4c3dc3eedeeface49e40e96e7ae5299e821ddbf
SHA512 471dfaa9ad804eaa46275af9cd0763044b7cacdffacecf7cf5efd87531e24e390e2ea0fb9e8c1cfa321e38c69eb0bcf3a16fa03c6eeb84c6d4598109cee451cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0189f60110e9cd3789632ab2c32bb224
SHA1 b78e8c4c10a9e1e8a63cc2dd5fc167d62f093689
SHA256 ab52ae3d5dcc645af4a9d91c52dd7def1abc091d5feaea4ace2ebaff6d476d27
SHA512 5456e7bf9a3529a5445932705a15eaa76fde48eadb8ab3cabbb3492635cfa4cc789ed96f5a3b33871f0b7eaaf7c9b77b02919f9a30fbb96fd9a412ee34f46e63

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 de62c92cefb47952ed860977218144c8
SHA1 92f94b952a0af7686a53f3f65cd216b8e0b7946f
SHA256 a6eeda7e813614d755a43f79de3b56d4aa2ade6be94b649435a8a19c8cb749a6
SHA512 6a0511c95842ce0fc2f2b863903e47578c0371932dcece12bf2d0375ab03743fc4eac98ee832545ff5466988c97cb2be936400587d90bf93cf36bfe3bf6ddeb5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4ffc67bd4f60b7bdd68775b3e6b9e804
SHA1 f23cd4fa4090ef66d3b275e29ecf027dbb408f6e
SHA256 795a1ffeb77b3a9e03654260e267a5b9cbdbb393e2327dd12c44b3c767d9fad3
SHA512 f19c431a2064ff61fd70c5236d782269ca822bc0773e13c1fc8ae5da3444277294937bf1286eabaf84535b574639e1354dc358163c3e8aa23ceaa328e76d3741

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0ce401581d6d22055237547d0b7478a6
SHA1 5d80ac037f7de19848b01ee6cac076ec0f0d922b
SHA256 7bae04ef734f97fced4bd6d7b0b3d78259be3b809594c7675c3cc9d379088232
SHA512 8da4a35d9ee0edeea56ff3c89a74f905451e68455b743a51928da2854b06d90bc8a4b31743aa5f0be36e0a8e483486d38162997944c788cb01724aaf26c42c70

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f559fd8c10c66ed3e2d17b6da2b90092
SHA1 e1b6d577bddc25d442defc5013d0e091d674b56b
SHA256 3d942a420a4dee24bc0e978b59b7d7406b116c02fa026bac3db5de26b5d310c5
SHA512 9ac7dd5e807521d076e5359fa507f72614d9a59435ea6fa2e450b62f7d686b86399b3299c30fa773500b34fe272733fffa96a5155e94c2a8600e91d68114cbe5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 07be5e247cfd114aec935e0e7510153c
SHA1 a3f4202ef5cf1af814126a00fed10ecc6a9b690c
SHA256 f3a517d60f35604158159e8906f6841baff213cd03809a4fc9d94b87773dbdd6
SHA512 24e7b00fcc95a37b843d0d78867bdde7f6d211fb4ce4953b1a77b2c1996df925945465814abb1c66951e23857f898732b14c6330173b24cdb8e86a55414bc2e9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1d9058acc829bd01414278627eea81e9
SHA1 8ab51197c1a8bdc22d0a10d0a06709a05b348646
SHA256 49f39ce5b7e2ddf2bb83519b1454e2e95ca712bc4136581c3b18241a45a6b5eb
SHA512 b251d5f0fe40a6e270c38d76c9bb07e39daff33815537a7c61c600c033bb58ca32f9c487272ac438ac462c7cd63651e9c10210048c6f34d25af8bbedf2981834

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 86a4e6158359ea7375467ac6a18c7897
SHA1 8edbaf9132222f68ad7687e3d3bd6047c2e47b2d
SHA256 03c90f2996281326545712218ec953940fb9fd53c18263f7394dc20a3e49df24
SHA512 eb4a8cf11d43ae7f3f11414a4782c505807bbfadf188ed5c2a4947d1b01686413adbefe7209abdee1db568e0d21e527f900364867b6d98e2d6b4c0687c2dd50b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ab294367d90af375034c3083b574eebb
SHA1 3f4f5155925929486dbcaaba4ac575cb7c785b92
SHA256 8a01308a3f5813c339cea5288da3f917567926165b6bd6feb998ec2559a30437
SHA512 34df56a4c1d309ebf04829ea7de3937235bb7ffaf76cf5f60485138df2612db3bcba123e35866abf31adf46a04d14c524badb5dae046f171de9c1e33d3c3bb13

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c3a5e31bc710742ff9d3c4b1dfff67ee
SHA1 54e6e01b29cb9bfe13e8a18b91675f46a256929f
SHA256 e6d775c075dbfc719dff7b89304a7636096de08f431e4265f799f22a3d9f83ed
SHA512 01cd19d0fd882ea4a24746f686aab03bfb07018906e296cc21e2e16119d01f98596a3d410631685e3e1a22ea2b1258e5079187ae73b9d136fb235217b2069d25

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bbc70104f15d35610eaa306852578e0a
SHA1 07f86c31a2f6ea544522ff128042823207911053
SHA256 af470c7b411a45320c8648516cd98f294902bcd76da20864f45f0aaf249153d9
SHA512 d421e9da8985463320f734b44ac5544be572fb15e5ceba3207cf3df4f8c60a6149461a7216046cc417ca35e4e4b0867bdbc27cf2e37a2a38661f37ad5690ba2b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 848c8aa97e23530107375ea79f97e17a
SHA1 7c126f9fdc420242beda44315737bec86bfc5b01
SHA256 f732b38b1b35a16133e114bd51a2de31bc480aabe473c835ddb259ed2544e8e9
SHA512 6b5c406ca03302fa07481a993a20d0617de387ac0274b3e5fa594d2a12f1cfd294ad4d1ee6fe292565b3bc0dfc6e80004240686dd2ad0b39d8fd10e0020e5b50

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 15eaadc9e6c8295ddd3bbb5de78ffc9f
SHA1 2a50fe4d65dae606a7c8b0e93789e82b28dc21f4
SHA256 70d4a1f26863eb21da5f888612256ce9ec79c5f2f8bff55d07d1413a6f178df1
SHA512 67b9158f751759a65dc826a14872c2b2e4acb5d7d88abe2e39fdbb118d91cbf76d4945b1baaf7843987706235fc3cd462869d50cd9579be440b7c3aecf80ca53

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5e41d7edf39085d3e3925e6a6c048464
SHA1 84c4ecb84e13637137d662df830a1a35e609a192
SHA256 6c628680b8bfd2e5f47e007b52c57ee9c7c94665c4e3ba778207e1e92650b9e3
SHA512 9ec51a7f3b9e98cff848eb39c8fa0b5fbb6f716f6be236c472355162fb70321c2cc0910710f536420a2ccb9f1b53744e48d9180180cfff74bb509f3feae0003a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5b75d7ea6a652b33f23d6d0d121a0a82
SHA1 eee3529c75e045dbd5258f7df6f2587458dffdae
SHA256 2126a1c2e113a84c1d999b9dc7d15baa6f7669a3875c38a5c9c70357d4c5cdc7
SHA512 d75a54fc746b82c334f6f236579cb8ac80d4b860f10168ef92577b9adbb82d59750df7a6f6d299b6f927efe30dc05adb7190ee471b30c6075997345164db4db9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3007e28d8f318e81e292bd220163fb89
SHA1 62abdc570615a3ac119ff82f56eacc57cc6f3685
SHA256 74c48cf3cdf3920c4c4e015993224718da33339dc77ac0ca7796d13c936d3aad
SHA512 943248c95bcef862c5586a0a76c470e52b9572ba0239ea75312087e8306ae5f7c66922dab931d4cf8ea50bc1fa634f8606923b354df76846d78c609893d03947

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9bce4d28df7786f1d929e1cb591c6065
SHA1 400a83b9a94e053724545cfc01ad3312e89370a9
SHA256 4338c2ce1e767315029c8da5fa8a0b78ce9424e1700f2a100ceae6021771b42d
SHA512 5e82cf645093a9abb89e17a525bbece38aacceaa841ba93f9f46fba54feb8caef933e189e3e6b4173339d02bcd62ce94cfd70b65a9a8d4058c0b710333887cab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d04b4fa64a07d8f0ab31c67a06f2afa1
SHA1 15d008eb285447e62f66b964f233a54d9ed31e6e
SHA256 50de53cd797bf4715e82b8549fd7f235b10e5934baa600fb479da42b166f0901
SHA512 963c69f4f0362e547b486a3e4b7ade00e157e692fd200a5849220b10b165af3940314335509efd0dd4dee052fefe7593c068aace1e9556c676baff8cd12831fa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2015d02a3d1a44acd8a305b4213eaf1b
SHA1 4bd7b373c88568bd1bbb6fa7d13c987fb25a77eb
SHA256 1a999bc26e57daf16f434c6eb5751a31ac1d6d92d4df5581cc2d9115d01c475c
SHA512 f17d91d77f8ad612ff1356f6c564cfa51855435a520ae5c804fbd238c280181dd7ae15e2f5eaa19a34161c2d9a5ced9df80a3f051cf05c7ffcd9df5d242144a2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4c77429ba3e41e0b81f7ed9aa5580b19
SHA1 d3545f852ace9b42bb21476a380fe32f546deb91
SHA256 7bc7f390c58f6b27e53c3b3940e51fec066d66d6a19694000f2fefb2a19304bd
SHA512 27c9b05dec9a1f4e90d670f1c652c17d971ab82579cf0e63c1a5c40cbf47b16d25be71aebd897f5a3e3bbb483264abaa8ce5435808010d53241e4b4545c9177e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 36d914988afadec374727e6b39cb04d3
SHA1 e52912ce1fff4d62bc8c3d6a3898b4426a74afaa
SHA256 226ac4a0d009c52d59c464b444b1d9766f19851ba584ea020158dc1c7ea8498d
SHA512 668b353cb677e27e7e17dcad228b4eba0e38ae495f7df92f3000d769a72b505b38b10531ab8d02126fcaccf03427b6aba5aadf3bf448f1e1bb04ea641c029ce5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 25a3617178a71b3f5a2ff3e030649ea9
SHA1 f18916245c9e637781579df9f0b0e9a927473fab
SHA256 c64826ca0ff808f557f40b70792efc9becf4319af50fc0526c28dda964ee4b96
SHA512 7ba0390a63ff6a046517dbe2e0c7b199c804bdc3457538a50727b83f623f55230d52963128827606d88f42ae4c3bee05e051f5263c72e791ebab6801d1397abf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ceaf14f0f03593bab85a57b85b499ec5
SHA1 ebc94a6317f8d14c43cad015a69133c531e46254
SHA256 554d930616522a925ccde84fe247acaa07a2aa862d463d2e8420a6d3cb56bd22
SHA512 15c38a42d7fe310d6724f2b893c205554ed5ecc01a1db9d2c80048215106ee7de5185c38b79e4ee13e4ab97d39fd00203190125b051e09cb5e897abed24846c6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c1c8d46fcefd213650b5445024d7723c
SHA1 e1194feb58cecca29bfffcb79168d916d0a6239b
SHA256 2f36e35e04c2962991a9d741dc7d4a9a8ccf228c20279e29bbe93b3b6c288e92
SHA512 d9d7c89e8e334fa1d2edb4c8e13a3e5ab0558720be395d29e2ff26e628364ee9fcdedda035b6bfeb9bd0ca27b1cd5a4b37e470a1056e589664edd54cd5c2eb62

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b0cede970d89fa378d81dd10ed9c364a
SHA1 38b7ddb830e6cacf250f39a86cebfd7c3d623e2d
SHA256 816a332217790ce9e8ffcad131b84aa1ec66da752d5061c4585ef831a14b9f35
SHA512 34d308551722433a31763402524232ca8a7a5acf16fabfada3bce450b5ab0412d83401da0727e36ff574fa83b375910035640fc3d5bc074b4f0ba2822a248a1f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 328d694daf58cbfbf460596844af0201
SHA1 34f8e4eda53abfdc476a4685ac84c5e4d567f2e5
SHA256 b4462c474220304c242db072117068ad4cb4104dcd15d8b8f8ecf03cbba8c228
SHA512 c63352ece22fb2b2f232adbb88b7fba3bf33fc59127a9ee97bb19378018d808742b919d6d773580856c4b9f38438ef0b574dc47580321723794fd9ee5e3967ad

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0659cd6629f39bb974e45db341487674
SHA1 ef4d1af8b4fa818594eda77ca4a8256ab01aa707
SHA256 5e10739a5c07e894edac42ff53ee10253b0c8240e2670ba4a68780083f5b46d2
SHA512 e09920afb6da679fcf3c1f989deef700300e3c5b21eb141a7fcbf1d7397a77fe24be9a7cd7f4bd9042643a5ca028aab8946208d3e26ff1310398ee9c95b8396c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d3d61cf3d4f5739c187a7ffe3f5f639c
SHA1 f903debda3da0a6f1a02e4ff8abc84c99ee74d46
SHA256 bc6db1969754c9136832749fb4c4a0c6db2560db07a53c74a25125eced7d5b67
SHA512 202e1b8b273686a3e0b4a38c3e4a4504de938af458e4016517043149f286c52395d1e57437ceac055330630d690e2e91ea4de7635211b807bbfa23212a8a53ab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1f344a7c645c32df125669014ac93a65
SHA1 e8ece74793eacf55f32bc6027be522e649c16e27
SHA256 6890353e61d63fd7e64c2274a0ba96203450ccb25a842c77870915cedcd9dfb9
SHA512 24b18c097eb4538b9d8bc99ffcb4877538a6ff95691e4f266d364834388c5c56264605d2c67496ae1ac2cc0aad4f2f4778eda115cf5541293621117cb510c96d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8df173b289f7b1ed7e88bb0a79cfc692
SHA1 1414c9139deb7d3b87a228bfa8a69a6237bb4525
SHA256 457bf1ca787dc3a3b0957aca6759c74e90343b1702a496e46dbe7524a67ad3d4
SHA512 7c38c87b0a749f8883efb3dee12c37fc9a4ab81fd857b3311fa51e0955d9d17df2da2384fb64b130e5904cbf5c407d07e0aa37d25cc1fc48d14cdce81ae9321d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 664be1ba72b9974194d9d39d468facc0
SHA1 2bee7390139fa37c21623ac9724347d3b52f5f4b
SHA256 42a535ed312b0454dc4148ea702a1b60d1af41bc55c1d7a205f6383d6bf348d7
SHA512 82cb9ac43e9f633828de5fed725b0e450916a485dba3ac182ab90a8fbd05144bf0495953ec092fd896a9e6bc68e069708131fa7dbd7eb36089fe54bee57a729e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 86cd27359467418c42bfbdcdaa1303e1
SHA1 13b5ea755a5c63659559ea0282b4e7a85b2039df
SHA256 68214ce26b155a8b066dee38e6d4e5b3eebd53c76b6b51c0073f720f94ee4a23
SHA512 c5f0981f2e3c857ec1b05a1f1fb1241699b1fc232837d9c55872e77c84f4f741e6e308007ae7757a27a313c5aaa286edea49d884afcd2313660936eb8e1e0c4a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 97a2b6d2d4e487e1036969acd5bf0c22
SHA1 7d3f6e676b69ecd3b3c9458da6b147249ad716a4
SHA256 a5be4df127f284f6e7c3af5438772b3b4f9cdf2e06309adcb81936245f87e3ec
SHA512 96a4052d139cfac90b7ef1f17d47922e3b9f70ffe61b746c3461f847acdacf1bb2a1a2c6e37486bdacbb8d5ef14261293e0177e3f9c93a0a39ee370a030ebe45

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e1c8d26388fb0fe3a16cd1e93713b2ed
SHA1 29ee33bca22e6db77c614b618d75c512bc1ce2d0
SHA256 1b3e68aaa6ef722bef37a259169a8c143c3b086863526b719244589d9063a852
SHA512 23a35396a2f39373fef9b2070d13f45386c314f55b4508c797871029dfb1cc32bbce582ff1a0ff39a0fbf127fc8e0024c21eec6e7c982976f5b1b2be76f10c96

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 403518b86b1044c141236186c6acb734
SHA1 3212b2c3ede84a2998e0e709889fa8a6b53db8fa
SHA256 65dc697ba03934a180ac86aed8d6ee22146c1fa7bdfcd25944cd40dd36ad38d4
SHA512 75c5066e49e5d678941ac1c7a60bfe6c751033be79ab08fa4e3068367531987034981e9e598b3187729b3f52a0004cde7b53824d0457f05f05e141d5f334efe3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 30c71d6268b027690b05f3e3464fcca0
SHA1 dc6d01fbe65e5f3bcc0cd580756df4ad3725e2d6
SHA256 dc9ae1d3ba71b88e033c5ad48712891dd95ba98fa4eb2dd7634c7209aee6f0d1
SHA512 4671c013bff105ff7c04a5e5c1fc01f49f75e04363452f77fdf8bdbe4e728976ad2f33541b85e110f5d6530dfa8d2a559f8eeb74d049f1de5218455c2e520803

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e95ce9b774542dfc59fc83fe42570d2b
SHA1 f47ddbdba278985cb29991b68d9fb45b3c47de85
SHA256 ffd05a71ef7c69db8279d5812bd6253a2e946b3efeeec2388d9dd53c3fc12244
SHA512 523aacebc0dca63d04583a0597986d66559c7db1a38fd41aff2b65998a126a7ff76d442473d9c256ccef9fdd65d47b323febf56da58fd76335b32ed1ce3d753b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6e5d2d058df56d6944cd60cbd696544c
SHA1 fa9f4537f98a35ae18d606786325a226fd9d6d75
SHA256 c948bc030a3b015ab6dfda9761f7016daa93e55262f97fd6f54cca775210dabf
SHA512 b0f08c5934a0829e58929c18dabb7682089d41b6f690975e739428e98cb376baa0c153789fa48d742c24ee8ac8a3d5135ea4636a25c2491478424bc64a051422

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3c6920cd745587833af9da4a3f2d6d50
SHA1 e23a02e516a2887781d00d31d3f0122cbb849823
SHA256 f0a2fdc5aa2c4f4f1ba9b8a10e1cb5ab7e5c6c44dc88b3478f006d68b70b4493
SHA512 9017379b3aec116e36e06a8c2690f4e1da84cc3b225d2cf13c1b8e608464990572771856cc191af1c7e6cfa4d2af170f919dad923884600a1cf7be3f69787f41

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 997b40e0d1bee18208792e00a1536dd3
SHA1 213b5addcef1a90e9794706e5e5266f236170d51
SHA256 6ecfed8159bc9c5d94bf0d456f8f6bb246490386282e531b9f340b13de21dbb2
SHA512 94609c13e1eb106a9cd7983b8fbb51845aecd2154ab35d6a90bf54cb9db3974addb6d5d457e7e8a27d9fe175d474c18132d4050f9b88d642cc4f100904a7bbb9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 405df173ebfa1bd852ab0ad4f30c9680
SHA1 96544b61c38fffea31d1a6e7af5ac95295556d8f
SHA256 e1126700aa34e48ca912e511cb17c985f69a66c5f1e0c87b9694ffcfc86dcc0d
SHA512 7284b3f2a904380186b35fa878696968df0b65e23886cfebbbe0822a3180697389462ba010696d797021cd9663a3cf3b03a7880b20427de1f2065a9a7e66a041

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e862fbe216be28c7494892a37b559dbc
SHA1 8c3b565b47a4101b306ad8eb24c8e1603e504c76
SHA256 7b9a8205ead166c3f8c7ae05cb3a624f11258ed0d38ba0ccd45cef1092fb36a3
SHA512 3bccd916ee5c332e3529ddf235df7303ad53402cc24bc68f365ba1d3634018bcf699085f26eb3bb8403c9530f9d9f37cf20fc3021d562a80c2d88d293abe639b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f1f1a09df53c86ce3ff7d0246ffdb524
SHA1 e204b426fada26d6c6bd91b13285c687c23f6323
SHA256 c3f83172a2b4b359d613be5552ec2c70a6bd8f4413c708e71ec87b7611e8d507
SHA512 4cf9b4a862374646e6465a57c774b6f19768787f76f6d8248c5c8b9c44f01ca39bc229eaf5c042c729b05260f21cf3f2c119f696b3f63d97346dc4c4209ffc60

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 774338ea038c5f2b58ec42ac443bbf1b
SHA1 631a8efa2a233b127f066884288a88c3226f298b
SHA256 519ac321c6c17c4209a38db17585058813854db9b05e8f1ac07526bff4a9d605
SHA512 19172e93b6ff21472290fb0cd8ee8b58a894015806dfb573417f4a7af1bcd177d1d32e3e83d8dd5125add390eb683ab5d5f2db5fb6464c7c16e91333b9f6ba71

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 497437751a2fd073ed5dfbcf95550056
SHA1 bb31fea7f42930d14b9b8236ddaec371501a28cf
SHA256 f241eb27dfde81af8be0006c8f80801331adf599141fa4ce6d4ca0a3a6864aee
SHA512 751d1b181fc9b79cd755643286f677fc81d622a4a315687fe8fd3fae453df5f721036cee4d75ba996a9a478d7e6f3a794b223cc8e68853caad20ebbe79593219

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 33925a4ab9391672f33abfcd237764bc
SHA1 db721c2b4d3258bff35b01774cf4d262748f6b2e
SHA256 7283a7f6b0e03cf31763b08782ea362e8bc20d0997fa38351e50439caafdf6b4
SHA512 2c646fca38a7a23b5c29569bc21df05808a76c1a5a184a4a9c71ce776803c3d9b5176c80d79d7f2204cdc281a591c8b5b7f307e91073622a76f8bf443a3fc578

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 95368ae825192204a3dcce821e5bce2a
SHA1 e09c549c84aa4c0b37c0862d2212738fe0a6915d
SHA256 9eee4911e396cc0b671d544aa1cef94c7605c82a4ce01ea240782561ea80a698
SHA512 439bcdad217f1d3bdfed2e02499bed3ab429f1088393d4e7a32c8845a7da3f3f0fb2b380f347b358cf37b762bc7c778ede82e18596f7daa6cac2ed1df80b1c31

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9584daa6c6cfe22ef6d5e34518847dfc
SHA1 79f2056ad17917221066d4ec2172ef30c1cc4349
SHA256 d0153b0ff12342a0707c3049583fa8d3a993e2a62971ef3a63f174304adccb1b
SHA512 c51f4b0f505dde0b52d8317ee3b50bc9f9596c32febfcbac36f40acc63d2f44126180acd17fd5e19d749333b3cbe3268a6380d8304c02f3054234d51a84d4554

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d972df62af1a450d1197522428dd39d3
SHA1 510fa6845d445c1ac86278d14aed4fabd510a123
SHA256 05a2d000b39bd2ac57c7b159e55286f2f326dc7f823a442ef0cf5918ce7907fc
SHA512 069be25e5c5017a9825ebc1430f271278b6f227e5e8e39b6da51ec4e3d48fea4b405cc58c5b47fc19371bce9a27539a8e43f131dfc65b201af78a0c794dd7034

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 70a0f7cd29ee35f3e11814582d75fdc7
SHA1 5fe7d4276e3ce3bbd045cf5ed64dc3df9aca4529
SHA256 a4467b40667a718a359d4879388ea1cfdf6e57eef4d25b3e6633e732ceb0af9b
SHA512 156832929fff3276608ba4c16daff495b1aa0e2c062ab6b59a2524388dcb143a992b1365404a01084c7e374d0eba4105405ec9e282855645c5466dfdb57b0b6d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cd8e5c6776495424448082a4dedbd67f
SHA1 002cced27b5c0c8205baeb65c0081fd4abcc7de9
SHA256 69cf4291c6fd6ed72180b480a48af75c954b86b20de7939cb219090fb4431d5b
SHA512 246e7718b190e6756856e08593f67ccb50273a841ca57fd0b0b4be66e47701b6ff0d701ad0d27ec8f7699768f30adc1eb57c50222c1e8d2001cb680736dec3b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 67f543c916d74a1cf6e2bdc3be0d5afb
SHA1 7a1953bfe88d55d1203bf844c4e28114dffea13c
SHA256 df4aee58d3788c8bc2c55da61145bc0e25e041d2e8021882581c8b2dc0092787
SHA512 eb0976cb5c095e0294440ed99a2633dca774a78d57ef7ddf51242e3d1edc411b1d2ad9bd84fe6a54afc5a17926cca0f59b01b890f7538b861834c822e3f2aefd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e68f364d40cd284ccc6822ab0819586d
SHA1 4cd9016cbbb3b16e3f94b7e814ce81652bda5e72
SHA256 ae4d64081aefe0fe9a98411f75eafa6c7f3a0497ee962c799a468b3e81e10fd9
SHA512 50a634fc9fc9cb4b7a15053a735a1e28baeb5209fe453fb8eada3c24c6df75f220bb35de98f04e2033ea62ead8e558d806addfcafc0bc49e32338fd4edcc5534

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 505c5a5ae5cb225b2a968e3bc412f201
SHA1 7b3ab012e49917f32ae094cc431854078e186088
SHA256 41edbdc790b957800ca5b92cdd3bf41dd2ade52fa4fc3f7b151d580f5366df18
SHA512 108663cc8a172a056b2bcf0c1e9f80f133a82637126d7335955bb96e4dced7c8fd0645c47a6ab8b1753332365b2fd91c0a7334535f396e8c7fa0103cff3d5302

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d63cc81bf25447049936e2641563242d
SHA1 552ffb5a4c9748453fff84695c4ed9070eb5b526
SHA256 6e688825c51e68aa83159c31d424a73a35eb9a4661ca05ea67cdca4c3bc9756a
SHA512 f48f16ea494ecaad6e56b87c0f3bf10fa9f0b25b61cadaf7db0048541ba41f2ce3b25354bdbe3ea035eaca0d58243229892c51a1247d1e2e052b44ea1b2f55e1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a47790a3999219611558a5266830a2aa
SHA1 bb84410f12a2f372723c4152ff4eaebd791f2538
SHA256 c8790af6b5a5afa6ab118cbe547a23808643eef35d8c8a7ed7315335dd75709b
SHA512 bc823975de5128d660d9cd4c632cb1f93f33bad08fc0e63a6da17f0d1b7a195469345d492e51fad66e670da48def7904d3cf2c3bf959fa84b07d3797f26e2468

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3f5390b2dce70b7ac727c764d79a7879
SHA1 061594b2af8aabf6e2cb1f987bfca0810400c44d
SHA256 eb58727bbf4ad572bc8e82a44f77a4f1b90dd49880541f287f78a59667d98a75
SHA512 5ec0b90d7a3a535b1db32885ff9ae1f0ea99b9dfff7b5f2ddcf24edfce63b918528f51efa187befb5d0b891959bfe83650e31f4178701ee7213eae36c2421aa6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 90d277f8de4c84092d9e68e0ca68334c
SHA1 fd1be5c9c65d49111c378e43a1bc1102959ec052
SHA256 c16d75c7d014e680da5b5c847252d4f380e871e53c3120d0c0944ddcc60a9961
SHA512 e6b07ece7438917c2b7d3db8074ac47e00573dfce8cdcf5ffc7befba53d1dade3c4b16e3a604da3660210e9366a76195467af90888ee9056640b7bb8ed43c310

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f83bfb6233f6a62504b82d47bba06245
SHA1 02536d52b7778801bc56f47db5547924f27835bd
SHA256 28151dc0370619b460e7ccf6599cdfb6ea80413e3e8c4492f33d3fefaeb249ab
SHA512 a87f26d620ad3de0fed9cfb44b6afa1abb16bf2332e15003fb65bf4b21ccc4be351c9fb84cc8b7046fb1d7a31eda9449c8136e82e1e88dcf00885699de32218d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b22d2a882f33cab884edfe97ea0ac4ab
SHA1 cb2c0b4b14a535b04053f45e81b9f4beededbbe8
SHA256 7a627e5e261a0d820e14e529f00e69e8dc38af4cc0891f5697716de20e376d5f
SHA512 287b3e46b6024d63b3d960df29560acba8b43027f6276aac053047478f85f9ec83678106c1abd1f19c3fb21574e147118c6cfa3ccb6bc2b98bb8e14a986afd61

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8a0921289801cf302f3c7c56e59350dc
SHA1 f1f469b3589e6e990c8b024f52688963ebbe7a09
SHA256 71e706284c59d9b524dc7a0f02ae60343591d5055d62481d8be8064379c4b7b6
SHA512 54a7aea331005a8a01ef6d7b181e5424a64309a02b5955809b5438d25f534756e43f0d354ceb4412ef50f458e4e72be97e2a0001c4e2445df27fa3f01402dad7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cfa01aabeddf81b628bcf5c0991f1a64
SHA1 c4c273a8f0ee9c7a2433ab2d11bbccc2676036ce
SHA256 d2114f8049e46c8e99e66377e8f5fa6f5fb2b3e450e3f644f968a85bbf572f0f
SHA512 ec8b9c3c59c5b9020507160a31d0fccaf66755e115da0894a514cc827df482be68dde23f1789a7feb21dead71e3d3edaf1c17fb1a82c7a325e577be243f35079

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 33b7552f60a5b33c7639c32a9d5e7738
SHA1 2b56794500c5099b1c50edecff6d09982e7168b4
SHA256 4644a32392c22e8c6e21aaf447f34bb717e04d4c1f13535dcb525882d5f58b99
SHA512 2c4689c00ec9cc1f5a04ec23a43dc6cd7c159a95ccadc4b513196d18c69d24caa1ced3b5793f7401209bb415d56c6cb68222e22f9b5df509e8d9c4b2ab3fa924

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b170c0844ec6ba9c6ae38421b469d23f
SHA1 083896be5b81fc53939637760b8acdfcb9cf5549
SHA256 91d43b51100e409719fff3e1672284e751f6a0ad7e1a4471a777b4c44aafdb4d
SHA512 13e906e489dd1dfccaad5704b8e31dd0235e3db5fd2da04a114c60bf7acf3162a7a04b26ac4e701b9b5db19396f42ef17a4e97d19211bc5991da77a19af8d3ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a8429775188862561d9c613fbc307bc7
SHA1 c01f36ba370f03400a97c3e9b7df8de14ed4fe52
SHA256 3036da05ae8b718c47369bca4ecd5e78522d3346c3ace758f4be1b5444ac7ab5
SHA512 e1beff97a20d40dc26b68da0014c4384eac385a3889a13547a0644a35a44999230e89638a82fcfb29b4d5e9ed6ca1495683d35740ffffcc82a338468fe486468

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8a2e4ae65532c6344bb2196b9695ce0f
SHA1 fce12430a32021965a0607ebf25afb0531efa1bc
SHA256 ee8d01e13e6901b13076b564fec1c4c582b1c2781c91356ee07ca0538be7c26f
SHA512 4c8396047c14da4b36e9af0e8296474482f7240fc5bfe3ddb203aab172d8a2fd85d2e3e7ade65154eeb3e4cc7e7b7d310294463fa62e258091ba21dab39c5b19

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 002ce91320e1cdd600b6ed1f41c4d53f
SHA1 ba637b54bf0df4fe6b73d917647fee78daec34b3
SHA256 fc80e59d9791a3e0841f80a69809c5bbf06b9c71b4b187f75e677431092a3fae
SHA512 4704e7962a6b6cbb44475d6633e8a8774b3be32d0736f392ad7e1b780242c8e13160024d078bcde27da81d59a199c4c29297388a1d4fc8c69a6980fb6e1bb4e6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eb07c6e3fa4eff35d66c3ae79b2ac127
SHA1 252f791ae7ce26a4d3c2098bf54a3be22abf673e
SHA256 ae13e0696e2901c437a6b516bbab901b878108c905582903bb0932dd70932891
SHA512 68ba680a03a78b27368a7b9edbe1b9d2e3e961b90ab1d0300f885a1e154af24e6afd57c928061e6a802afb4eb6a1315e460a25b5946cfb7db45fb2fad80b9c9c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 faec65814c9a4ecc9835b08d45a3cee7
SHA1 aa31a68c3ed355769f32a105e570ac77d0579438
SHA256 3964006ca60dcf1bdd7dc367d148d1c3e787067c4c065e316f9ecea30f4670b0
SHA512 a950b2df8dfbc22bcc10597c730a05a76a766cb7e269ba12023a3d4bce04bb1282433e7e240d4f6d6ba01667d5d0ac48ca50e966cf7f7a75804f2b7cc1bb0788

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 472924c38179f96bcc03d958f3ca7ad6
SHA1 19eb84711a0404d7830ba6b46482aa64834c64b9
SHA256 f81730ef55c88088bc4b63656634e83b7e30edacfbf33a1dbf38328ac63b353c
SHA512 56b19751e8a460b4874d655fe6b604cb0b0e9a2c016829b84d6915fe2373e25247f82b7d88d5f9e48140acb4f32cbf7fad1101a11f736980b15e0d5d553ac129

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c0806c73bcc6b11c96f6a9f6280e78a4
SHA1 0c18eee3a49b53c0cf8c302d6d3e80b425e62313
SHA256 40eb081c0f96d2a8e6104e1fc8a3cee41e7042f7a2939f071824e4a93ae6d5ec
SHA512 4c4da5c62f6399de0a3708a2246f6d128509dd5ba51db6004082cdb8b9654f49ac501ac9ba3e0b5eef92569febe1ee3c671f539467f93623c12bdf27aa97b152

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9ac3357071bb3be33f8fa0c6cd108ac0
SHA1 bc53cd039e2737fc49059a53771328060b541fc2
SHA256 f88bba46ffb6f7c5712f20b9e8a53759e9f8524058adba0bc4e54928626b7309
SHA512 8878dda855269394f2a556c2662b31fc8998fd04202a60b6e81eeb36004a95a00bf3c1c4923e320f363e2076fdd8a8e1c865911f3577b69c75b10589828e1533

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9884298236697cad57b7d2f372bf7f16
SHA1 c6c447f1eb246e4c64b825e5b60bb5d4630ea77b
SHA256 4cfe184c483fea6f7caaf5dc21d515438705a78572fea7e945684f8f156e944c
SHA512 c5dcd91f261e9cf55bde4b96055954aea9faf3e9c4cb2ab2c27028f6cfd65e45b6b6867e6e71beb938452b734b6b218508aff4c0cb197dbd2a4651857fc058fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2fb935b6ea3080e2faf8e1d8f45901bd
SHA1 02b0c019dd891135fe1e6bbdf28b3c4433c35164
SHA256 dcb60ed4cbf11c6353c707c7423e4c50094641c7124475e8540a2a9ee6618cad
SHA512 387e8ce780cf5fc727f4255acddf778f3b05189a1125c583a0bf834bf90f6a3ef533953c194325b75eaec04b42444067cf4f71007bcada7dcb9b216c0e472bce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4119ca6ed0cee5ad4d2a68df3a018cf9
SHA1 1485ef1886c97796ff452b87a4f857cb98c641a3
SHA256 36250c442a54987ba46d55f4b04ca2948fe649688d4d2056edf77ca5786b18b0
SHA512 6500823d5de371f5c1199d7e92a8618cb272bafa49385cb6f35e075b1792c34efd89f4dd11e59a42a7f2f6fac1f3cb0972c99bb8e2cbdb6f0d57118e46486954

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3ff74d12564424e88c15ce4a556ee71a
SHA1 09e1e847b1b4cbd33b3fbd137087fe9238bdc594
SHA256 a3086958e028e86529be7f691d658594f01bdbb266b25072deb8e8c6c161769d
SHA512 70bc301c386571b564d0bf82e286de340a049fc919f2c276c7411444b217b09041906e9b3bae9827f6e67a56d73e77ba1d03854b821e3f07f3e3b38c43567074

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e250f00f039a6ec128d0ead8c7503cd5
SHA1 bfcc2c7f35eca27d05ee4c331ddfabc7736b8584
SHA256 b709da69891b82e518ee6748eb3bb133d042553158b7c067adceb93885b36ba6
SHA512 e9fc022d2251804df0f7ab141001f9f8c90055d716a05bcc6a51f84b3c3797d8324a87196a9b1e06a2f87bf9e234cde0887c399a57d10a7b89963fbc6c2ce747

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2382bb84d2aad2266fdb3a1ec6963ee0
SHA1 04ca8777fffe5f4812781251e709613aded40030
SHA256 93c2aa6d921e81c46f4d16728f2d7f3b137d4a233d5b360b5b89d4fe38622fa4
SHA512 cb91f01dab12213d49cd224678103507029cfa6a2cfc02cb98970c7c33b768a1ec5d70308bc081642af813e81478a9485b28ec8a4f952a2b5daf7c297ba7073b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0f8c7621a9c6664ea9d6330fe7bdd115
SHA1 d736894c940b4694be4346b340180a4db9f6a5a9
SHA256 0896f6b9ac312155f92a9ab53126e55927d9cd056c9c3e6d508269a7f3f146c6
SHA512 91f3e25fd842e629969a0f734303caf98ea1f6d70d4827cceae8bed708c1c798e4fb1c5826f4914011f2d2d232e029281d5e05b29da42930155c1dfbdb332b9d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8e72775dc465bf87ce6dcbcae2828b1c
SHA1 a6239babbc188ff6ab3adc1be953c2a398eec5c8
SHA256 6774930b88903ad14bb7761de3c1aab6eb6ce71ac7a92ccd7403ac3d5eeb61ac
SHA512 f4eaa20990918e65d7bfb2825778d40224139d4435e28724d73cc0ffa5d4f2a869c35554ef1f4e53e32304eb5d8cc145f815be58a152cc1d9da0a8b035405c68

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6314810ed7c8fb017e4f2e39d6ddbc2c
SHA1 314d79f8d112d2b6cb1097a6560ffe1c7a4580d4
SHA256 5b33ab07f4e4f6338beadaa9a620f96c7e46490dfb281a7874f91f248c6c7c7c
SHA512 22378ba8f4a02f036b0b5b105f2b25cddcef634f36a65877aa6da9fd2bbca562dfdfcf49eed2f69cb06ec1a5d3fc8e83bd3ed37632b12993906c73292cdaef4e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 26ed94474bdd313eb4a4ac35c7e87303
SHA1 4a4e82be7285ba8f841d1b20ad465041f27e8079
SHA256 609b981a66273878f674f4e3ff72fa73dde73d3ba858ee304a13e4e78f5d6879
SHA512 d48a51cb5d2102b9c978c804ddf6880c55a51ee2def96d9ad5efa47ef22597baf4e3d0086a4e242529a447b302ad3394b31eabb9f582026b341d0d02fe02030c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ef6a74d2e59d302b199d6c8bb6a6528d
SHA1 a39f963cbf5236d9017c463432d6a83d9d3a6f38
SHA256 d03dfefe180a19567c32a4224abad0fd8861d2bba5eb4a2ff9fdef087e3d1623
SHA512 ed7721627f76b82250229b5f23b05e024e5d3770680849f616a3256d803d3ba0746967386d5aabddb81cbbd1337978418a4af3feb2e0d2e06fa5eecf7f02216f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fd77c5ea3bc17363880b6e7d52535bf4
SHA1 a1d6ffa15ecff2726e515e716216d2e3760870c8
SHA256 eefae48e2fa9c8590d63ee3ede2bea483cc54cc5e347dcb8c520333ea640e817
SHA512 a8a07e7bef7c47f7111dcfaf7d114aace385dbc9f5bb39bb44d38440378baeaa7d90614f43999b0760c53ecd36a25b2c58b3c00595894fc9a180cd6f0ccd226c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 af9a3e7ad0d5d0cf994ec2a9bc62264b
SHA1 41fa67f729afadc6f3f31f478b2b4c5284f994b4
SHA256 b6b43ab167f7dab08cc88b68d0a15c1050a9fa6581beef5a2c96cd39b24b864f
SHA512 7972e3e408dd51fd599f2383f4218ed319cabbf2471d5000764fca0f01b839bf92ddb842fe3dbb6253cf1d2d8dd3d271bc5c97a7038b033348a7693126eadd81

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f051e8890f168f22e1fe60b358b6be7c
SHA1 461856eea6e105e8658be5d1f3da048d079c2127
SHA256 785d7fdfe343da78c62b1d0eb9d34de4dbf43fc051a2645a9da9e5101fa6da09
SHA512 c003aee7c3b764b5870b5d02e98af765173ca5d81bf047d837f2ce2cd2b3b405cc44d97078dc42372474fa563a3659354040cfaa600c3a62d49a24c69dbabaa9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 58699e0949d880dfcb87a39fac4e1911
SHA1 4b5da72c489c4e43ee16abea3e8442d253152f1f
SHA256 813eb24db150d4d8d47610a1590269793d4895a576272be8ccf0b930b9ab1139
SHA512 85f0ea0f66485c1ebd85d06b957c436b818f7e96b65aad7f759ace4ee45cd458bdba4327c7925906f1c89fc2465e0a48dc49dae431796fb465f90efcd3e6085c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 47a7543d4d14f98e4781951ca5658380
SHA1 bd2e494e8b0022941393e5cf0a8073d1708700d5
SHA256 72b0fcd3fdc78cd4c63c4132df302c33a9966c9c2963983448860140527b1816
SHA512 06b40fd675138648ea7bc06d0aaeba0bbe0d461e6951ff32d9b0b21ae91ea37f7fa4e69dbcc34f8cab38c3ff202802b9d3037a5e757529af8b7ce37dfd9f5565

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 083ed27bf5a82e5eb6bfdd145dc69540
SHA1 def5903908ac843a19841085fd4c18a948983350
SHA256 9d5c7be92acc93f1a70ed27d7fc79dddf94f9829811b66123587f1c619bc3755
SHA512 ceb4c8ca9b858f456a4c97a2d8724c34ccc3fdcb556e1e6a4da76f864e29b8dc15c45d7f4205cd21584b72dd266192cba4721c3d4a1a4c6b521aeef20ae0562d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b313a5e6e5deca1c4fccd8275819d6ce
SHA1 c609a8950963ad59de4e3b175da5d7bee2b66f11
SHA256 e61ada1cd6644dc70e9fac1b5d00378d5743a0b1aed838c226b9d037490eda70
SHA512 a85d8c714a3ff3ec7a5e4d381868086fbb42983b023e054723f4eeea173aa988864e4dcbf79f45bf117ded5681bc6784512bed0e45064b8d9b169f235c4cb3aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 537e9a62677c50df4cd14bbd73253329
SHA1 d31d254973b7cad7b45979991f8f91f5554a5d46
SHA256 e02d7ea72253addbc23ad618f8495a8ef468294dbabcacbe18a812696c82df1a
SHA512 4aa51af66b2b3e8bbe64f7e461ebf315dc6ed2afb7dd809adcc519f9bd25497d535f3061ec15da8209204584a5f518368564f325970ad422fae9e3a6a2e2960f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 48765cfa18b9e0e407d84106b2c340df
SHA1 089a4655bdc1d2266e11758edd464c1e7d37dc16
SHA256 0fc12eeae1cb30f16b5af4f20e36b0f99bd34517f3deffe86d3c96e1d0fb610d
SHA512 4773021044a81b1e705022d1c85c44fc9bb98522814d6ae59e36f8186f249ca6b6338587316e46a56011d6e7fff00026c9c1d01149793ce8740e30ece88ccbbe

Analysis: behavioral11

Detonation Overview

Submitted

2024-08-31 14:05

Reported

2024-08-31 15:01

Platform

ubuntu2004-amd64-20240611-en

Max time kernel

2699s

Max time network

2704s

Command Line

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Signatures

Changes its process name

Description Indicator Process Target
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself gdbus N/A N/A
Changes the process name, possibly in an attempt to hide itself glean.dispatche N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-firefox N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-firefox N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself glxtest:disk$0 N/A N/A
Changes the process name, possibly in an attempt to hide itself Cache2 I/O N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #0 N/A N/A
Changes the process name, possibly in an attempt to hide itself Worker Launcher N/A N/A
Changes the process name, possibly in an attempt to hide itself Worker Launcher N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Softwar~cThread N/A N/A
Changes the process name, possibly in an attempt to hide itself Softwar~cThread N/A N/A
Changes the process name, possibly in an attempt to hide itself Softwar~cThread N/A N/A
Changes the process name, possibly in an attempt to hide itself CanvasRenderer N/A N/A
Changes the process name, possibly in an attempt to hide itself Compositor N/A N/A
Changes the process name, possibly in an attempt to hide itself CanvasRenderer N/A N/A
Changes the process name, possibly in an attempt to hide itself Compositor N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorkerLP#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorker#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorkerLP#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself WRWorker#0 N/A N/A
Changes the process name, possibly in an attempt to hide itself Renderer N/A N/A
Changes the process name, possibly in an attempt to hide itself Renderer N/A N/A
Changes the process name, possibly in an attempt to hide itself ImageIO N/A N/A
Changes the process name, possibly in an attempt to hide itself ImageIO N/A N/A
Changes the process name, possibly in an attempt to hide itself Permission N/A N/A
Changes the process name, possibly in an attempt to hide itself Permission N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC Launch N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A
Changes the process name, possibly in an attempt to hide itself Breakpad Server N/A N/A
Changes the process name, possibly in an attempt to hide itself Sandbox Forked N/A N/A
Changes the process name, possibly in an attempt to hide itself Chroot Helper N/A N/A
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself gdbus N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-/usr/libex N/A N/A
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A

Checks CPU configuration

antivm
Description Indicator Process Target
File opened for reading /proc/cpuinfo /usr/lib/firefox/firefox N/A

Reads CPU attributes

Description Indicator Process Target
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/online /usr/bin/nautilus N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index2/size /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index3/size /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq /usr/lib/firefox/firefox N/A

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/1-1:1.0/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus/mask /usr/bin/dbus-daemon N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/usb/devices /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.3/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:03.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/subsystem_device /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/class /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-0:1.0/uevent /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/resource /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/uevent /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/irq /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/usb/devices /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-0:1.0/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/class /usr/libexec/gvfs-mtp-volume-monitor N/A
File opened for reading /sys/devices/pci0000:00/0000:00:05.0/usb1/1-1/1-1:1.0/uevent /usr/libexec/gvfs-gphoto2-volume-monitor N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/class /usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:02.0/vendor /usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /usr/lib/firefox/firefox N/A
File opened for reading /sys/fs/cgroup/cpu,cpuacct/cpu.cfs_quota_us /usr/lib/firefox/firefox N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/70 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/1808/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/libexec/gvfsd-fuse N/A
File opened for reading /proc/filesystems /usr/libexec/gvfs-goa-volume-monitor N/A
File opened for reading /proc/self/task/1537/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/1535/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/1808/status /usr/bin/gnome-keyring-daemon N/A
File opened for reading /proc/self/fd/35 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-desktop-portal N/A
File opened for reading /proc/self/fd/88 /usr/lib/firefox/firefox N/A
File opened for reading /proc/1843/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/1612/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/libexec/gvfsd-trash N/A
File opened for reading /proc/self/fd/121 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/cmdline /usr/libexec/dconf-service N/A
File opened for reading /proc/self/task/1749/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/xdg-permission-store N/A
File opened for reading /proc/self/fd /usr/libexec/gvfsd N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/bin/nautilus N/A
File opened for reading /proc/1606/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/task/1741/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/1414/status /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/mountinfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/36 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/gvfsd N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/task/1745/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/1580/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/1832/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/fd/30 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/goa-identity-service N/A
File opened for reading /proc/self/fd/75 /usr/lib/firefox/firefox N/A
File opened for reading /proc/1821/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/127 /usr/lib/firefox/firefox N/A
File opened for reading /proc/meminfo /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/libexec/gvfs-udisks2-volume-monitor N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/60 /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1586/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/bin/gnome-keyring-daemon N/A
File opened for reading /proc/1/cgroup /usr/libexec/gvfs-udisks2-volume-monitor N/A
File opened for reading /proc/1815/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/filesystems /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/135 /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/1778/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/mountinfo /usr/libexec/gvfs-udisks2-volume-monitor N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/stat /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/lib/firefox/firefox N/A
File opened for reading /proc/self/cgroup /usr/lib/firefox/firefox N/A

Writes file to tmp directory

Description Indicator Process Target
File opened for modification /tmp/tmpaddon /usr/lib/firefox/firefox N/A
File opened for modification /tmp/firefox/.parentlock /usr/lib/firefox/firefox N/A

Processes

/usr/bin/xdg-open

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/grep

[grep -q ^file://]

/usr/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/which

[which /usr/bin/firefox]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/lib/firefox/glxtest

[/usr/lib/firefox/glxtest -f 13]

/usr/bin/lsb_release

[/usr/bin/lsb_release -idrc]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=4816dd152e8c48ff97e9117d197c13d8 --binary-syntax --close-stderr]

/usr/libexec/xdg-desktop-portal

[/usr/libexec/xdg-desktop-portal]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -prefsLen 20597 -prefMapSize 234708 -appDir /usr/lib/firefox/browser {bcbb53c9-ca5a-43a5-933d-64336b71ad13} 1535 true socket]

/usr/libexec/xdg-document-portal

[/usr/libexec/xdg-document-portal]

/usr/libexec/xdg-permission-store

[/usr/libexec/xdg-permission-store]

/usr/libexec/xdg-desktop-portal-gtk

[/usr/libexec/xdg-desktop-portal-gtk]

/usr/libexec/gvfsd

[/usr/libexec/gvfsd]

/usr/libexec/gvfsd-fuse

[/usr/libexec/gvfsd-fuse /root/.cache/gvfs -f -o big_writes]

/usr/libexec/dconf-service

[/usr/libexec/dconf-service]

/usr/bin/nautilus

[/usr/bin/nautilus --gapplication-service]

/usr/libexec/gvfsd-trash

[/usr/libexec/gvfsd-trash --spawner :1.8 /org/gtk/gvfs/exec_spaw/0]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 20271 -prefMapSize 234708 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {7307352c-45de-4d60-bdf8-d57be5e54bca} 1535 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 26979 -prefMapSize 234708 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {54a269f6-5cf7-40bc-8a57-7def34679591} 1535 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -parentBuildID 20240108143603 -sandboxingKind 0 -prefsLen 27923 -prefMapSize 234708 -appDir /usr/lib/firefox/browser {2e850286-cb2e-4887-87e2-1e1e06b89d3c} 1535 true utility]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 25923 -prefMapSize 234708 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {f1e47031-5279-428f-9013-a06a6d3e18ca} 1535 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 4 -isForBrowser -prefsLen 25923 -prefMapSize 234708 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {c85acfac-27e7-4271-9ab1-12bffe00cdc0} 1535 true tab]

/usr/lib/firefox/firefox

[/usr/lib/firefox/firefox -contentproc -childID 5 -isForBrowser -prefsLen 25923 -prefMapSize 234708 -jsInitLen 229864 -parentBuildID 20240108143603 -greomni /usr/lib/firefox/omni.ja -appomni /usr/lib/firefox/browser/omni.ja -appDir /usr/lib/firefox/browser {7896ec12-ebc2-4daf-9c14-a2c25cbf90b1} 1535 true tab]

/usr/bin/gnome-keyring-daemon

[/usr/bin/gnome-keyring-daemon --start --foreground --components=secrets]

/usr/libexec/gvfs-udisks2-volume-monitor

[/usr/libexec/gvfs-udisks2-volume-monitor]

/usr/libexec/gvfs-afc-volume-monitor

[/usr/libexec/gvfs-afc-volume-monitor]

/usr/libexec/gvfs-mtp-volume-monitor

[/usr/libexec/gvfs-mtp-volume-monitor]

/usr/libexec/gvfs-gphoto2-volume-monitor

[/usr/libexec/gvfs-gphoto2-volume-monitor]

/usr/libexec/gvfs-goa-volume-monitor

[/usr/libexec/gvfs-goa-volume-monitor]

/usr/libexec/goa-daemon

[/usr/libexec/goa-daemon]

/usr/libexec/goa-identity-service

[/usr/libexec/goa-identity-service]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 webminer.pages.dev udp
US 1.1.1.1:53 webminer.pages.dev udp
US 172.66.44.158:443 webminer.pages.dev tcp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 location.services.mozilla.com udp
US 1.1.1.1:53 prod.classify-client.prod.webservices.mozgcp.net udp
US 35.190.72.216:443 location.services.mozilla.com tcp
US 35.190.72.216:443 location.services.mozilla.com udp
US 172.66.44.158:443 webminer.pages.dev udp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 spocs.getpocket.com udp
US 1.1.1.1:53 getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 getpocket.cdn.mozilla.net udp
US 1.1.1.1:53 prod.ads.prod.webservices.mozgcp.net udp
US 34.120.5.221:443 getpocket.cdn.mozilla.net tcp
US 1.1.1.1:53 shavar.prod.mozaws.net udp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.cdn.mozilla.net udp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 172.67.24.44:443 retired-jorey-malphite-node.koyeb.app tcp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 172.67.24.44:443 retired-jorey-malphite-node.koyeb.app tcp
US 1.1.1.1:53 tracking-protection.prod.mozaws.net udp
US 34.120.158.37:443 tracking-protection.cdn.mozilla.net tcp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 firefox-settings-attachments.cdn.mozilla.net udp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 1.1.1.1:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 1.1.1.1:53 ciscobinary.openh264.org udp
US 1.1.1.1:53 ciscobinary.openh264.org udp
GB 88.221.134.155:80 ciscobinary.openh264.org tcp
US 1.1.1.1:53 prod.balrog.prod.cloudops.mozgcp.net udp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.98:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 1.1.1.1:53 content-signature-chains.prod.autograph.services.mozaws.net udp
US 1.1.1.1:53 content-signature-chains.prod.autograph.services.mozaws.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.98:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.97:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 91.189.91.49:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.98:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.97:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.17:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.98:80 connectivity-check.ubuntu.com tcp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
US 1.1.1.1:53 connectivity-check.ubuntu.com udp
GB 185.125.190.98:80 connectivity-check.ubuntu.com tcp

Files

/root/.cache/dconf/user

MD5 c4103f122d27677c9db144cae1394a66
SHA1 1489f923c4dca729178b3e3233458550d8dddf29
SHA256 96a296d224f285c67bee93c30f8a309157f0daa35dc5b87e410b78630a09cfc7
SHA512 5ea71dc6d0b4f57bf39aadd07c208c35f06cd2bac5fde210397f70de11d439c62ec1cdf3183758865fd387fcea0bada2f6c37a4a17851dd1d78fefe6f204ee54

/tmp/tmpaddon

MD5 30082ae40dc48af6343db2fd22cfc645
SHA1 3eb577555ee638e8beb01173e8f29e172747a728
SHA256 85d4b95f9b2075daee9b0e64bce8d9d7343d0dda10e6072d7f9485a68472ee76
SHA512 53a58bfb4c8124ad4f7655b99bfdea290033a085e0796b19245b33b91c0948fdac9f0c3e817130b352493a65d9a7a0fc8a7c1eedc618cdaa2b4580734a11cd9c

Analysis: behavioral4

Detonation Overview

Submitted

2024-08-31 14:05

Reported

2024-08-31 14:57

Platform

win11-20240802-en

Max time kernel

2700s

Max time network

2696s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

Signatures

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133695871902772981" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 904 wrote to memory of 4044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 4044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1772 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 4780 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 904 wrote to memory of 1092 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8170ecc40,0x7ff8170ecc4c,0x7ff8170ecc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1840,i,13863540069636236477,9971058768432918767,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=1836 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1380,i,13863540069636236477,9971058768432918767,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2108 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2184,i,13863540069636236477,9971058768432918767,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2196 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3076,i,13863540069636236477,9971058768432918767,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3104 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3092,i,13863540069636236477,9971058768432918767,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3148 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4772,i,13863540069636236477,9971058768432918767,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4784 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=212,i,13863540069636236477,9971058768432918767,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4728 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4948,i,13863540069636236477,9971058768432918767,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4960 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4864,i,13863540069636236477,9971058768432918767,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4528 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 webminer.pages.dev udp
US 8.8.8.8:53 234.212.58.216.in-addr.arpa udp
US 172.66.44.158:443 webminer.pages.dev tcp
US 172.66.44.158:443 webminer.pages.dev tcp
US 172.66.44.158:443 webminer.pages.dev udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
GB 142.250.180.10:443 content-autofill.googleapis.com tcp
GB 142.250.180.10:443 content-autofill.googleapis.com tcp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 4b6089beaa106d04c141a6066ef8884d
SHA1 b736deff76bc3c554c97fa2c1fae21bf05542688
SHA256 b34b50aa811844b0dfc9b796994bfe8a1e7314ba926357874ba0bd0bc87f62a9
SHA512 d31cae861558249ca091eaebc5a53b394e5982bc97362d2b6088bd351b6a8c238bacbc254783d51d7180bd1813c6af8bfa3893a0ee13d40a32d8b10b11331895

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 67ecfb5bfd34145063896a109f62366f
SHA1 d0cd68a22b0db0c1b8571e0853c87e319da0af14
SHA256 e858d171e3be4aa1c2f368f77f3d5f5b11c6899723d9ba00d5c0295ce31e453e
SHA512 ed96ad5691ef4f57330267e0d87054ce998c930b5bd4c5bf594d9ab2394c578dea0d10872f22880493023553976bf8e5c8b8e78e73d18cd551f273358d8e2f26

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0a49c952f9700848ea65225780eef853
SHA1 5c86b4e357b770e33df3289aa292b7429b10f141
SHA256 d7fc51e13f4ce4c5c69bd4d04ae7656d7639880152632d497929e700acd83734
SHA512 5c7eeb4d5cb66f28d906967b02a064628ed1c30f4a56ab31fe55bc76dfa69bba12d332a5dbaea2db26fca9031ffdbaaf3b3893deb23eb8973ad88deedd1c741c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 e66aa759da96f24b42288abfba8b2137
SHA1 89ba238ab82c987c23891581f09cdbc40c85692f
SHA256 3fe90851de3c728c1e5982660b074b322bfb13cf337ff391578cad2bd43eb620
SHA512 f3bf9413a6832c3ff8335029fd7305329c0b8331a3d8fbee202f69afc3fd1fe146a6843325c34219fc9db47bf212c810417fb6ce7926dffde37ee78fd7363178

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3910e19ace22bcd75567e90286646f31
SHA1 ed15a1975e6e513f46ac537f3844ddf322f1f917
SHA256 97dadb1e5b7ce262ea0686ceb8942eba3a5ccff59763ee4e6c93be958f69dbde
SHA512 785806b1b07bc60cc978a0ad8f3776376ecbe02153872a5c028061b1bc73660117efb19acf6dd3f677ab7f2a92e77ed2ac9b07ea0e641fc85ce3f3ea78ac5d40

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 476da081a6d2e58d2040b9f4893e3150
SHA1 0ed4e8f2910c38eff2437dfbb33a890990df87b3
SHA256 de70ad63f6040bd12ecc120284d506461c14419b4ec5c475b0f5ed060ea82db1
SHA512 2f9e939a1f5465ef0f71691fd32e379db31a1ff8a55da90cdd5099af35e7bf3b09e4064fec60feab1626d44e9db265d408bfe5217651426c89a3ccb741ca98b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 52bfcd1a58a8d99fa7e2a923064ccbaa
SHA1 6cfcc18fcbc4983e955a673b4d7e0d84f8209f03
SHA256 8291577958f5d46ebc79ec3d13a530b743e1ae1d6408f2342defda4dfab81725
SHA512 380101a9d367755cf97afa3c2076ec6e0278288269de37d7ac28ce8128ae17546c0da5ea6af41c6597aa3ef12122cef0e616f78b29e778ed05781c1cfa434eb2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c6626448de3e0cb8cad93076a077c349
SHA1 c2fbe143f106ff5900962b85722dc864b41d8ba2
SHA256 3e16154bbbaea2e54637a2342d281b1f1491a576bc9abde4c1925e211b4d9bbe
SHA512 5491754e65ab53df938d47d73cd5f99abab9be2d47b22fd8fd17d2297ace721f025eda115c003b6be3440ea8930801f767e907a1595e795b583f684ffa8c0f7f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 80b95009796a7454edfc857300f10c90
SHA1 4e25ab376604eed06ae6a2956d04e5fb07c8c8fe
SHA256 66328dae89bff23989b8f9acbb21b5041c070f5324ad7cd3369c3b861aa4b88c
SHA512 0c284a2b04fe86ceb913836f1ee59532bf72f57f30e59dc90d0c77bf24d7552d1fe84629422d17ab4fc1f9a8cb163f16f0ce90d6fedfb3233456f45b97f5c6f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 98a643fb356ee9052d91e9affb8be38e
SHA1 1eed9a8a481b533d278086418a21a2c99b6df2bb
SHA256 dc3ac165cf49749d5f58926b6ee331141c91c75f7ad5ccc4fd0fe036173531b2
SHA512 12a82180b54e18d46306e8b7267a5c9e9cad0bf56f2f0690d890111cb7cea02bd8cec8bfe7a40cde8c5c0638a279e086abf260834cba20db52b49901d60fb872

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 45872bb57d38757f9112ea9e478fe1b6
SHA1 5e989ded899211a21e18b39c2ec852ff4aeb7a8e
SHA256 98de307faa6eb2112e0d79c4a7dd12ea3b944133397a86942e0e905532a55869
SHA512 4446475229811b39af5b46a9c8abbd755592addc4c43614c0e366ee3ed1eb53dd629afc93918e20406433d464d8f462aadb3f106bc0eea5eeb4d37764382580d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 f855dd5d20d8561e923dcdcade90492f
SHA1 eb83e8ea902042496e5bd0744ec5ee614dad30f8
SHA256 7e17e455a2342ed98ad40c30fc2f3c154fc9a5a5e7f09447c0397a597b87430c
SHA512 c3505bfa6753de83a1c6867b2a0436deaf7399ddf519d997d7ce0d1f4dd361c08542fba6574ca03342bcbb3f27ec736a653a8fa8e2933a5fff3955d94457a007

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 71ccbf36090e9782c87f24f9b449ee6e
SHA1 d028f8cc7038a8aa383b79e7979e6bb92080f233
SHA256 2dd0ad93940072d2197b52ee57535131df52e73f335d2494b8f2f2b1a04f9d29
SHA512 3cd99b77e77e8efc7c5c4b5aaad257e38d4f51bac2a270454b3a9b17b4a8117d56c9d697f1b20d828f739679f34686124f59c54b56b1ca3ee44d32e233f16ef2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3ce36b484f3f1185e6d6bef344572da3
SHA1 8108e8c52a0ae8bdf145cdef08c279d565134e88
SHA256 c3de6b407323e741a4a39e104ca544716d647015536d9ac8520597275481e1b3
SHA512 90778cb4f7a5edc89387a8c2d8ed1eaadaed6dd8e67e343eed1b26b3a1ef715a05a75c2178a569e0bae8482b71ae200705787784d0075e7d285357c3be8f9b70

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 281b21dd35882a394341f8f7d8b50ebe
SHA1 f79dbf1d44751d3116b9589f3cd70d90053be866
SHA256 81659138e29727aa86ef57a70911839331287f1fcedc4aaace24d9985a816f80
SHA512 05976fd516bf96a4025b35980da245c90701266a7319ce4182f110e03694b5652451da4e0c537333272b9773ad962350d02a4b81a71fce9aded2d31af5e44374

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8f7f51bde7601052d8228ea8e3d348b7
SHA1 08753386f76d526940cffde27bd86c021c8a6456
SHA256 2e346b6411373831f645ca652627a75afbb30c3a9ec9221b210a52d5ee45d55d
SHA512 6bab9a6456e52953765b2958352baec60fb3650aa95b4df432a2cf27c0a2da1ddfc9c97da8d6451b5fcb8bbcc07e952d15e34c0cac3129ff93c017bb567a7979

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

MD5 b5ad5caaaee00cb8cf445427975ae66c
SHA1 dcde6527290a326e048f9c3a85280d3fa71e1e22
SHA256 b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8
SHA512 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

MD5 d222b77a61527f2c177b0869e7babc24
SHA1 3f23acb984307a4aeba41ebbb70439c97ad1f268
SHA256 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747
SHA512 d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e0a6265cf732dde596b44903905e03bd
SHA1 ec5d4f39b1416db5d0fe2fc514a04cbb3c1e53e4
SHA256 1c548298be61c6bc280c9b6aaa847c79879bf27ba4f60689bb2b0ef485493d2b
SHA512 ea5accd72356618a6aaedd262354f756db334c1430dbfb651c2d538ea306637e2620bfe3d360363b640996f35e7a7fd52ec708c441050a953c1acd74bed5e19f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d41abae5e406f2c48256873103f89189
SHA1 f8688b05d557661c4bc1f0169e501eb12a6a4aa0
SHA256 8d62573fa747e69aa960316d16642dd259a5a5f6f8293d3a2b3d8141c6fd32d8
SHA512 2b5ff7630c08dfac162039b3ed409bdacd9c467d72fd9e813ff4b99a210fe72e7a095b1e9c50dd4bbdad3173c81af05af0e20eaeb273e97d03b30126ad091c02

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 633661588ed49494b623840ba55f127f
SHA1 d6692f03c46ff0d448b2efe540998f1ffb781b6a
SHA256 40653dbfaa61413cf04c1a8bd1a8034ac2ddd00d1373231f4cb7a1119f62b424
SHA512 d70ec55f56837553f99044680c7ee57eb6eb56ea2d3baaaa9d22568d5c6c4c9345d328904831569a2d79f888186f2f27375176053c8dfdfed93d9e16989c7974

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ac08f1de7da3790a7f92a6149816db9b
SHA1 46ccdbf78bf1de968131ff0f99094a5b1d4305b1
SHA256 927d29f74c368d722ed27be72dbaacdeea8dbc1fa3e5eaf382a0078e96c66532
SHA512 f4d6b08c485c5c547683b213b3a875af0f192af633483abac7a865fc61da19d5688b80a61ee6df5752886d7a51f2a0192cc4f4aa2c490756614e4de6722b5ba3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 27b7a914f9c84c134995d961c02e77b1
SHA1 3e3bdc7ab919e7be7f120688d7c9e9028959e93c
SHA256 8b015c7712211850366208691e17f42fbba81d9cf2b9e12ee755a3ef2b20632a
SHA512 884a4a3a73da361410081554b0d713f8c51938c49d0ce15e701077bba57ccab73641607fed9513cecc6d068f7eb181d436173f285468a565cd900b3bc5f2d777

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9f0d5c2addd57d8d795a00dfec523618
SHA1 ce8e87917a1220444035c9f38d50558c63fc6405
SHA256 cf09a6bf53e1bb6a20d78ff5af2756150901ae7d421d3bddc443117d78f93d47
SHA512 bd26b0b336a946ffbbe23054b1e4371ce3f595f0e8e4f76ac0e21f750c1c9e53f644179a13d56b924598dc5535e75e7e0aedb5e679902e9a2b25614c88b42fc8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a3cc875be2f68e92629cc2a203257c29
SHA1 aa4d867a865b31b2a613385c7589cbba12464a3a
SHA256 9354b75fc3ca94e5d769d920b791e5cf504b0042fe26fdcbd0512743c2536946
SHA512 6495f29b8ec5ebfb23137d0287bd7fca2110278eee77bad27556088634ab95fe787a45d6fe8a28502c800cac78b4b53416a2594a0ebf5811ed4d11bfcfaa3a67

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 aba076962a262656357220f98ee6b973
SHA1 137a277a2f0aac8e1dc1a0254ee4cf58285da6d0
SHA256 13020458df2896970ebd796bdf2fbabcb5910be2740b3158a167df268ee46b0f
SHA512 94da6230954b5d3096c8a8ce418bfa0fcc8449979a92a298e066f343366335ddca841f131d1e6d5630e5e062b8714cc908f9e50ea2331659fb85a3c313e0b472

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4d07e577bfb28d970535ba4b5fa1b385
SHA1 cc69e95e32a4c72f829afeda34140eb6d5a9ffb6
SHA256 afb91b97a085c52a7a37146389abb5e189675d147d6a4cb1ddfdfeddac8a38e4
SHA512 d810e2fa416a2542450677860e175a55733369cbb5915d0a0ec27944f6d2d2c6bcb7f7f0c7818447a45b0b71f92f6d4e5e8a59c4a0af0dc8dce08f4d0949aa3a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8ba5cee2222ff855e2e4948198aeed3e
SHA1 06b5dc6555ecf02ade2035ad2fd6027dd0609143
SHA256 7603e9d123b984f9b5d08e0e41ada02d8384f9596b6d081a70289889a0519343
SHA512 8fe8ae2e85cbb4820e86376b35e6005e95740955a0539c632b84693766cb3fba5e94d61412fa94679d9be00ab0091f2bd115ea174bd9024fc256c2effc665676

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e59af86decc39ab02c4b2a4bc15ffaa4
SHA1 167af180d668892d8658a2efbccb661638db19f2
SHA256 4212f93ef29d761253db891cfe7f3984b9534e75c279b1a7e68c7209c3f52fbb
SHA512 d3af2b379af63c1a9e8e42dc22b64e7bee838f794189c5e7177b8182682338f1e2d2908edbd99a2ff04f4145c36789b550216d6c01a511a92015a1dcab7061de

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0204addec1bd52569f6b3b5b4e184663
SHA1 274eef7ffaa56b18da456726b065713f02f5f7cc
SHA256 b6ecbb1cf29836c0aac64ec3b2e2247f2959c6f9ebefbae32cd44ec98514923d
SHA512 2e644780a18e923d0d34cf261a8c6141e7ee77ea8c0abbdf4d2d2e0f6640f529797ae072d63a7830977d129713e597da0c57ce296cdeb3343ebfe73a12d4437e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2c55468350a02cc676e132b3cafd283a
SHA1 a4d86de1af5d2177932a4e3b89d1e4e4c153d119
SHA256 1a82e727eff0b68d22c16a7552ca873a9fd3bbe97d95378bcbd50714b5b31f99
SHA512 ea153dde17f693923e6ec708547ce2473acac8621d76772b035825087c8f614cd7a1c6b4be877f079b08246c3befbb61f31174f49c87df5f68ef1d807d93f5d1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7880343279d615c9598a42f3f53bf3df
SHA1 4a89c254454211ba7fda9eea024c667fc4c26629
SHA256 f99f240c874c2383e0439260f8484812bfeeeae8b99ea30cb683bb9d7f96b621
SHA512 a5f6490f73bb97f646ebc2a10f05dbfa3cbe43746f6f3556cc94e2c12197bc28233c7c6e9a3b717a860063a7c46aa63a13239adab604fd312736a19ed3c40c81

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1c7099548d207d03acff404c0d34a5f0
SHA1 8c70806ada083c07a5fb16fd251f196f3078b700
SHA256 aa8a88edf1cd458fa0fe46d8de8421085a5f5f77057df6d893965ecef7df02b1
SHA512 5e77cc017bfc261d45cba346433e76f2eea3ce498376ca43bc9d5bda9f7641046da2522c89da8961bd8b930664ecb2a2e7f19b79f22f9ae9facfd876b3eb9462

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 851596c0b4cd0f1e93250dd8ed224fce
SHA1 43b8da72cc3730630d5f64a5fd51b4dc7eb6b9dd
SHA256 2f57793bf04a3b27577f086c7a89c0dae58b02923c2ac112834952dc541888f7
SHA512 4ffe5ffe49569a2f770ff1a8259fdd647d6dc7839fa160bc60ca4bf20b7bcbffa53056e8ff616363ed5bc9153c5e828f1c0816d1766349ff9a74881ef681dc05

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d132b997a63d03d4495aaf54ff19246f
SHA1 1336499a6362220fdc280791bcc16cb4ae73954d
SHA256 5194a25c06012e58e368cb13a36e151f19a52d08cc3c5a756ec5feeaa7c1bc65
SHA512 ccfbea9cd6fbac468acae114a5530f0b8047624d8ff02116014db1aa6afe74200cf2dc4a8e786a5d88f416e1e093a1c6265abb39ab614d23e0e42a52210a6369

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9d6ac6689804d769611a35dcf1a38337
SHA1 fcecb89918af34f65ad947b012948baf754d28ed
SHA256 2e68c6d216aed5209525bb7907164a7f07aee2abb434790ac9c80cee12b6ba87
SHA512 c90da9ed58b1542df60045766393aefbf06ede43d5696187795329e91332e5475c384322c56877d79bdd0ca4ee1952820a35f6c75e3923c7301440157b024a19

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8e4c90eac45da42e1201ef3141953b35
SHA1 906d9710fd8ea9d70589674d834e7b3161c6cc0f
SHA256 0268c44abb958044d8e83e2f9bd2caa025fa3968669c2906942c68cbfbf61f5a
SHA512 d4e1c3a2addcae21404abb9e0c0a79021d9e7ae61f5543b4a23547992117864d2e82fa8181eadedce6c28302b4684633e5e17925dbb34a9ac2d9ab3484039572

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3abf27617597ddd7bc539da3a1806606
SHA1 930194f65e7e46f4203420a66e6da8d0df05e219
SHA256 1bdafa51ea0c8d2e674bd274b3c198ed729c7461ae9d1d1270582829c49564cf
SHA512 aef5aaa3e87138fd50672802123f4d1aab88147af544e078669d3058ffe8795c6ec203b24efdbe7fc39f1f5f4847be5103af1f8ad8dc7b9f1b75d061d811b85e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ed8e992a41ccae3ee61ecc6d4938bdf5
SHA1 b7d375b15b78b659f00b0af3165d2ad498344fc9
SHA256 8850607c07333785fe65aecb7a2a2e6c12ce6c4c19eb533a243b546dda812d51
SHA512 c3d951d7f0848259bf5baa436e9c7e9a8b25d01cca0ffefdb05ec38f57101c331083e207cb29b3fad20ca7456831125c64ffb84755def0a68fb3bdd8f6a75308

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fef99b91c951036f77e1156f470d36fa
SHA1 52bfd0c7874d462641130a4207d3efa15e0c6b4d
SHA256 db327c22d6fbd713b14f15bbaaeb36d55eae40801ad7f95aeaf24ee698f53412
SHA512 7b01e5095aee5fcc0695be7bcd8ea90e41a64a3de00e54e2ff63596bddf74644a3e82019cee88940c864e7a9f4ec5356d1a0bd279f2908e977bd1fa6b84f3f98

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eec71e565a12b4446cba496cf3446280
SHA1 482becc54e2febd1270439d89e134999ef6af17c
SHA256 4d5608328c8ddc9679822f7fe9889372c731cc2783f103e556aa8868b0acd300
SHA512 a16906f87e5bb3aa930cf8845fb0c1272343259ef3e6cf34d92e382477e40200ab33f2c4e6d5152f4e23bfe43ac6e10e41f56b21aeceb20afe0d4b1ba3de77ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 080743ce53b5d01fe3f4ca143753bbf4
SHA1 4f766b588476b3454f806e6220a5ec6995e18c3e
SHA256 55418ee1b92f5ee5f581c0cb6c1e977fd6f24c54d106196561474205a914eb4b
SHA512 2c0ff1f35860b0ee3115aca49529b8f665dd85047136cff5f91ace3a214ec7cd9815da09fa239a1049dc479b818a3755c2e4ffa36b8502bbea3044ef67ae1035

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dcd5d90eefbb1fafb78475c71a501331
SHA1 a853c99b27a6ccf6a3c55919245f698cf2f4dbfd
SHA256 2e86eb8b14f9c0c3b622bb03975e87671a0dfc5aa574089edc74df14386f8616
SHA512 a6e4defecae96af4c4e0cc47fe75d875808a2016e9ef6ef57cd5068f70806b455299c32c825dbd88620bc5c638a37fec6565e795cba4fb1971a9fde4561f7eeb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6e8cdf1971988b44b675d1d0f608783f
SHA1 6a8540bbc86fd4aaf76664813f96070c58218551
SHA256 469e74b4f7d797faa1598a796a0e37acfcc98f9ac7965a2fa4b7f4f30b00f469
SHA512 244be97d0bdad5bbee31826d6da2a9be946b3721a96a368d4bcdae4e0aa63c3477967fbc5aaa7deaf9fd8e432ac0b3c04577ddf1557f917d05da3cb4bcf43515

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6a6ab7e62e1cdf31d85f01db20a49250
SHA1 089e5e2bc84a4edf81cc85e54f418aa18fe0dbe7
SHA256 3c1980ad859e8b28e463ef64a5e3c82bdc97d7bf213959ee266bdeca66a5c94e
SHA512 3c1fe2811105b0c0f0c601494151d53db7d2a81970212ee16ef426a1d80c090c40ee358271438d8c57a24e483134a3fb4f0ea5a1d61578133df16460d48b0a3f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7edbb47ca92acbe2bf838456298eb9b1
SHA1 9ad0b658648053b167c0d2bf82efd21af1cd8cf2
SHA256 eb7aca5c0105acbbcc08e495dfbe88c160f417a653fcb2d940d1288f972bf54c
SHA512 0f07ac180f6353efc70f84ccfc6d97073243d9cf6c28f45ae321583fd7e12d78fa80c505780b6668a06eb1e5247d9e67506c98c3e7fc6a09b794431756ef6821

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eac06ce8682e36216daafb9499be8e1d
SHA1 f0b760e21fce7e9b33c8c6a9e0c0bbf517136951
SHA256 99f0398237394988023ac9be4a170ada5e5e4ce7ed3002609abf13810ded5fae
SHA512 a290aa105b23412bf6c05b2db36ec817247c9494a669b7bfb2dd1f17be27fe5c756a69bdbdcb3a590c94ab6c276de26c3cb1df3c1ede1779e68b22dccd8b072b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a335cb2c345ba279578a48c62e08b0c2
SHA1 216c97b978baa88de484770909013ba26cd4ec87
SHA256 96313d89479ed893983a0d7423f0930efffd63f11fcc465fe4fbc7661fdf8545
SHA512 5f6cdfb26dbd8f4fdad71319dd2c159c9b7bdcb88b23af6dc801859aa73991499ffad7ee70457f632009dd84c7d8a7da60729fe9b9eff335d0b695faf2d071ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 89c219e1d73e7c621e8fa88e3ddc38f2
SHA1 3a6f452ba4b522e0520c817537124d2199ad9949
SHA256 877b1d68b67cfad730e8f10ef0e8626e41552a7bc9598a10528d32c102cd6029
SHA512 5050b211d1f4f2e5c6b27917608fef942ca50bd86f71b7c7b3e9fe2627aead37bd28bae99437a8bdd9e3da276dd03675b8f4a4ee79bd8fb21271c2209d2f91b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 876d936ab0f8c75982bef3806307ede2
SHA1 7137302fb22209c866f09f6830a3ba098be4b407
SHA256 4e4c799ba7175ffedab1ebb76941d56b822314a104f1b4984c34a1ea12a57e21
SHA512 86019f083b63c518f6b1e5bcc747a965e8f4a2c3ddbf0583557c4938e1fca06a633270ad855228326bb6e5e482d0f72fd9937f38a9ed37161310f04624a134b2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 106fcc9f261205ef0513ae05dc7f04a6
SHA1 d541daba274cd33debcd41f379b05f2f5efc91cd
SHA256 fb7356779a165697734306e3af5acffaccead56173030a1e3527534450666ff0
SHA512 e5c5ef83c4df9bb3f8cfb3b6f71a2c87e43f1a2486c0282a0699f350f91002d6da040b7026cfe0a62b13ab1bbaf80a662db8ead71b9bc24dfd3cb061c22b5255

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 81b0ba7ae8b9163665ceccef2ab51d5b
SHA1 54e269cbbf10ba9e01ee9fa7e375a217101973d9
SHA256 a9f66ebdd460f476c4bb00e17089b8e60565df69bb92c91c7f3767c6dfd12ce6
SHA512 f59803c0cfb82c74014ae4665b6815e345643d6c6477592c9f2edb496bd8e21a26e9419bc13fcc3b3f812d3da4dfdfad0795f38ee7da7a17ca0f0934917e99fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c84b105d40d4740e6b9a3c24e0e6bccd
SHA1 c22d753ea48736a0d1f1a4c1eed2d3017b267d51
SHA256 53475e2d1dfee1eb178fff9f0c6a75c4fc7626268053e46a349a6273acceeb52
SHA512 2a1e654a7ae44f1d6158ead9bd71fd3331d6ac6c536430b44c9ab0f1f19408dc015251f1294b4a025398432a438bfbdf7e48dc5fbd40dcd7723838813e87ba84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4a58e3d469e92df31d56446e4ba4ad44
SHA1 0b2b223a9ec3f033c5a29ad6164336b5b291a4ae
SHA256 830ae71ef77d4093c360db909972969bc1cc21440a945a3e5f61ab16e1637db6
SHA512 f0462ec8cc92a82353ec8119703194babe7d943253b2e9cec8b53280d05d0101c6816187becbcc32e1962309ef08329213d095ba0f4d39d379540db9e8c01e34

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 85324ae1641d7ddc07531eb4bdb8bb99
SHA1 092361a76fb72d6498ee2b6f4464b70a4d2ee4f1
SHA256 405ab12fdc9c09d5d4bd410ad12815b0a5064c52092c12cd450a19dc9f0072d2
SHA512 dfd95f0367d30724570f012e6003b8fe269adddc0e3155b3b621e83085791bbf4d12bdc841a394bd4103e314e1dbd2e6baa10eb4ee7b8a037737e442a58d40de

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 083039f9cc24cb4f7e998e64ff80f929
SHA1 29d97412c86ab2f846118633e4ba0929526c763b
SHA256 fcd6b7d00039294fea7107c9c162ac7908961a3fd541357ae37341a43c840c7e
SHA512 22093dbaa4a71f83697e76b24143a4a54d5bb77c731434c73a348699a237ff193fe19c6d5f8f4f384308284f7c7dd781b3fdf0e5253c4af467f587a7c720624c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ee0be5ae2086eecc5396a6002e8caaf8
SHA1 bcc0352114595b789a431d6aeb22ea6ab6d9f293
SHA256 feaa0d3caa73e6e5edbdb64209301a32d13c883cb4fc365aeeda546d2e417965
SHA512 ba3a7d5c67dd68226e7889d512288ce4caa3fd99630436e89a6f997b4cf40e039f76ffe10133b3e1f1d23a57d72091e367e276d2e0926d9b71c899d452622684

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bab31444570b2738902f264006cc6480
SHA1 fa3ace2e86b881faa731332c65e8b39ef3e9b4d0
SHA256 912d451308303f2d6629468edbe1bcbbc2811bcef6d57fba2de621577a699292
SHA512 577718b593393cbfcf23cf604b79022e2464f77dfe297ffc2edf4dd8607e4f2e1fe293d8aa8aa85f437eafeb65651db674160f7af260d2c5028cced67422d4b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9fe05a824725418f4bca4b80a007ca3e
SHA1 cd11d1cafceb5a8dc6ae0d54949edb936aeb7bc2
SHA256 9e1b7ed2701c67941751978a2bfdeab39c968789c496763a184a0629742e99c3
SHA512 fb13178243d3165728e7c50bcec8774a7c6b3e5cca20f1b2dff29f666d5bfa678d155b6e6bb3545f754207ad6a01bdd76b6872d21653e08a429733b8b5c1d322

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 494fbc11bdb9322d57a3509ccfb0ec93
SHA1 e541b4c5801755c80855430154f9bdf26e9b6aeb
SHA256 a3c1b5384611e7835ba47d6a6100677541df1fd1e4aa06db6d070bd35cfde387
SHA512 abafcf35911fa8b704b1033a2544f6f865fb82ff436637d7b6555469d967469c04b3df98154ab753a4712864adbee11d0a1f6a011f001e0fefbf82776d6a756d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e0727d84fb10234e7da178708552f0f7
SHA1 28ced26c5acdafb8978f93ea9b82920b380e7b98
SHA256 734228c0efcfcd7ab28b43553030a6ac89e20c1685416a9a1cb8500a68f631e0
SHA512 76478cdd443aa6163ade2e386c33cc6a638e6435c90bb745fa132093f9a4bef06511759b1efe55a01f8b1250900113ff615e96bfaf52ba31f9dc90c0de1e3554

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c0bb8a8a6c5363761357be137aa8a76f
SHA1 f66cf65a4a8bf92b3434112c4ef43677d55f8ab2
SHA256 e7b6d231f03adfad5096ddde11b4eca223ca02a527538d8d1bc75dd17ec29b82
SHA512 22c16b6a952bd05e09c30e703b12e4ef54f8b0470c7492b6a38cfcd4225203791513ad9a138ae88ea50a67098ede34ab0a48b77beb7f9eee5e867c1284bbe67d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8e89f6ba6574ebc3f259134c4aca4781
SHA1 1498e2d192d4bb92a203e660fdc0a08dc8efd8bd
SHA256 f2eced7f489d3e28a24c3247b519370749809cdbd506ae53feec4a483974634c
SHA512 db0a92411fcd3da43afbc2437643c4dc0565209ef4331763bd44ee6226610406e296beb75d1ba5bed98aeb592b339bbcd7605dc328635305b96513cbcda2691e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 db7e87a4c0c46f09b7279f0ea7f18c1e
SHA1 038824e66708df09a69567f9af397a5fa713d307
SHA256 58f17e12a131d3a65e6909095e542af37863e3fd151562b9057c52e69dd64e5c
SHA512 c0d4de424e5194b3eb86c2441d3452792a27c7436911e09f4b887f589859105483095e8818d112e381a68aab390bde88328b45b7796e9529eae9488feaf8712e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 66eae2c0d18183437fdbffc650314231
SHA1 bdc4149ae6ad343d72de9a6d8289bd43b1c7d57a
SHA256 5ce85e1c86703fe5513d52f0f9906d87d645dd6d9e34473f40c2d342e501ce5e
SHA512 1b37b2df38a9e1f989cebdcf99bed288a97d0fbf011a144da610eb0f30fe40af5e50c66c74c64d06344ea6ea550e2601a5239256fe4fde58cd8dfc824ad1c07e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 db2a3443414d09d5f9685396565ef4db
SHA1 0a28e7e3a36c41cb22ee1d77873230096dff8558
SHA256 3c80aa90b80a97e25dc26404310d5b6ae6c54f37124cfd2a81aad0eb3a4592c0
SHA512 8707d0268b8935931c6ad97605bf4e5c7820153a4cba0bf58b02bdab197a0ff465f1097cc1dc98ab2b9940329d508f13c291f1b6cdc041cca286dc942e0c8274

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4255c7bb51c053f48d485663da1a58c9
SHA1 333605726b0878ff1cfa6212c42e2c30fb0ed912
SHA256 6393e674197c3175aeb9d087ca1fb5b8a9d43cbadb89f48093399266456591ed
SHA512 6e8222f6b492a97a27ff130ef4248a453529739de5f26209fd0e2a09b185fa58ed70d16b2457e4526138aa3c625a4045352b1c4bc8aca2239a64c86c899be32e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 40738ad98ffe1a820606d7fb79cc6ebe
SHA1 48e304ed5ef087dab5408ea6ecc72a3297b9a034
SHA256 b117536d70f412f44b7630f065e5762154774c00ac2183043484a60efa76d6db
SHA512 f71c927bbf1b017ab62309828eac8f23c96745c8de3b4bd2d667bf6a5a7846b54d18690655e1bf6927e855569a4a344037ef03469b72246fbbd2a3586d8da4c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9e1218617993f550147a19e769ae3e14
SHA1 b8e48965df210ad558f964db6e8749a51c57f882
SHA256 8720da9955c06d9e4366171f6527bead355c80a0dd522360dee29abb95120d96
SHA512 cc729b8fe579c170a8d29da466003c74ccb7200ee2d4437e6eaf1fb8d4c5d5bce9f284d2bc6ec5002df983ca18d8cedb0e83577ecd4481c49f84dc41c87306f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8441dcf7ebcbfd0062b0161ea6915db3
SHA1 cf342d0d964d60078b19a72666b713a10788f696
SHA256 e73776f4d0f8a9f88985228930ec1645b3884a1ecdf5df9d240d9a84f906b7d9
SHA512 adb8f38eeffeeb2fe9fbd23a06dd32f8c911fc6e19b7e9c0da794e7fe2b77d004dc03f6ccd3563f5e73bf5707f09a4eaff107d67497d6c71cd22d4eb710f80ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ced7873fe02791ec410c655f1e69af4c
SHA1 01aaf3a584f1f347e15ab1a9c79dc795ef1b16f8
SHA256 489e02136cec3185bcba2a8d2ebaac8f30748928501499df023b630329706a93
SHA512 11e0a357f4e1e446b43f55ad85baaeedddcd89333a3ed6ea332156a06c241ad7898a2fdd9394bd13dd9b4f982d90287a6aac42b34b0b2265934e9edef88a5c3a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c42d50e27225c00859b0c5fd1526c6c2
SHA1 e1631c0e83c9919928787916e2b9076feedd5b28
SHA256 81eafe6e05712262fa03602f12cded9122c61ffdc28c54e919046ebc84f8ddb0
SHA512 e7a4aec35588067b67389e26bc8ecdd31fa41446ff1d5f5a91726de2761e6cf4ddc8b5d3d7a5b9c9f1ad1f04c43efa4258beef55ee450fa4552beeb967e8796d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 857cd23bc53dabd726826d553a8b662f
SHA1 58d4c4e324b64020321ec06a89829827a1bd4db8
SHA256 61ebdadd910e2753b868161929641cc7080e7a2cec161cd08a3bdbd397a6c6a7
SHA512 8eecf8c749c832ef41394b2735d2a2a2e74570091c14fe6428b7b81b0af4adc6ad9d6cb11d69b24171aa93b195de61e4a4f8b57b1c26088d13acf2d8b9c56e43

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3e0a478f32f3e6070834e66d0cc03a2d
SHA1 4842fdec66cfceebc587ce65a2ab88be155c6656
SHA256 a1468e81c43c2494da2aa4da03760949a65b22377c3694da51ca3d59388b200e
SHA512 1617ae910af1aaddd8f05b47836eef655d480e74ce137a3d0bd11551d49bcf3cf672b4f2a092619732dec187700fc180d3fb26e542069449156eff1804b1f5f7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 54307311dea1061c907bd18c45299b69
SHA1 1035eac722587a82719638fd18b67e97b8352c7c
SHA256 d7985eb6435532d186dc77a959e369e4e7fb331c136788f2b097f98803bcbecd
SHA512 455811e9918a3f4d2e279484517bb5f7c55f12d78c15e1688042f71c6f3afef9cc635e36e5323276b19a64a043ebce6e0b29348f0302f7adff7c64271f3a5019

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b12fd9b33c52d1e58e1ba3002e756713
SHA1 454c0094ddab844780438e819e2027153eeb0aa7
SHA256 0f6914d8c3fa4d3d49a521e7d4b7391697af903816cde3b449ea2cc991764a40
SHA512 7773a8f271024eb469ecf8af97a5b35bd362cf3cd74ba2fcdd34898b7d01e435df07c31a3b0acaf7ec3c7602ba82f568e2f18019e8d99c3be40998a968cf7ba1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8a016a8ecc0838e454fd6c23a64eebb9
SHA1 dbc999da8031131731459b28ba4691ae5be1dd86
SHA256 5f1afd4f749b7de17229b2e42e6b6eee41a403140c093bcdf0287be685a3934b
SHA512 b1600d6c95c104ae8a9936554eb3ca6f92ad2c0b7293f21fbcfd58aa0f721bfadd5bb8c620d4a8c3d525d8e8880aa4ec8ec91939558d5ff9d884e5b2fb506255

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 09a273443c19d43d90217e59591b316c
SHA1 f818f691af3ada79c20113ba7926c51ebbd0e566
SHA256 4e04c4a7defe1b9ef4269fd009b2192bacd1bf5e79655da9fcfd9cc0d738598e
SHA512 8981166b22d38b43d5f4f4d8431b6ea4ec56390fefcfd322c3438497ce74ff9446cbabb48677ba2654f8d185a328927cca517c76fa7a26163c58080554bba3b3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6b04630d02b1f44fde58337d4aed32f3
SHA1 bc7d566274cf80608aaac10c6b0db5e688214ce3
SHA256 209e84d11f008cd807d16e5b90e2b87c16521ff8fdb4044cbf767d3cab7e13f1
SHA512 c9da51990df4c1b4599af41d746aab9bd41d17b7b6d410824accd4566f42084b4c6337f72c95b133c9ee4c1464209a3d4f505be76882e8c9b0d8739b2848cfa6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 376d1e8417987b511717cbf2a9f3d58e
SHA1 3f707565fb2f4425afa3ad767e4afb68aa34eaa2
SHA256 212e51e212988c3c3fd72b42fc19c5f9ecfff8e4ecc35357ecb83f5b8e02456d
SHA512 c7eae8489b51e7f586dbb837ddc57ab6be082fb956fead7d7ad0abf0bd4c70aea1173159d96fd1f1482f86618b95ffde1bed04611bb5d7949e8b3eba896e7014

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e97ad4d5098641e7977d26deaeee80a4
SHA1 9c1ae4aa0d725e9b4a154c62d1ca785fa3752c9e
SHA256 a618f644abec85664a46160b9035e47915442b7c7e62984701d6c7cf4d2a7e62
SHA512 ddba71079294335ef828f6295cd91af19ae12ab9e09bc543cf50b5235e0c767b6c66c5fd7ac0c85e8a8f9294ceb4ce39b1692cafc813d680c2c51dd68f4f505a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cdd0b5162303f1a62ab37a0533e41dc0
SHA1 6b496e7f9d35ed250c940298277f89b04fcd5815
SHA256 8b212656082f9c87b4692e6a1a2fd290c5c1d17b8d641c883d00b46a4ea1ebef
SHA512 aed38bf02bc3de4eeae15e09d2b969e9df34301d9f8bd4d83ac578ea052aac58be4e4673034b326f851dd8cb65c143ab98c9990cf7f57c715546f0c971c18d41

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 40579578be0eddf7521d4ab16a7010ec
SHA1 01900b141c85fa060954870804b65efad561e160
SHA256 112017d9ed1ae3eaf1451da5cca1b088c65899fd65926daddfdf0262c73fcd10
SHA512 10573808a79ab9441e819c75bf707d4b139631fe39782f1607696274add81a94a3a34d779cbc50050b77e2844a9e0788fbbb07f557db23a21a981ec612403285

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 37dd0e10d32cc789b459a8eaa7be8b58
SHA1 f06565e3951f42719c4620d66566da89163cbf02
SHA256 2685f347e79a5ee875cd2ef7141350695e2949f93b452eb0bcf5211afc0d9ebf
SHA512 2ba22276afc83000691a516dd55a7b04da5e2de45f75fadbd983b303db3d452022b9d95ff7a8323ed59814fbf14bcefc7cc6cc6c893236e89fdd22f6239f4b9c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9096d85805771a944d02764024708fba
SHA1 897ddc7b3350a21d41ecd249e06179132ac28ff9
SHA256 1fc87f7e94ea065456485641e173e42d166e138a1bd6a17e1ad4fcb8924ca268
SHA512 6f0224372c8a884b60071a87f39b54b164b62c65cb8d31ac9bcf523217e0a591193d02ca131f016fea5ae0725f26f386b208f04b5428c2a9bf71a07e8cf68d60

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 16053890ec928bad3dbd08f06433a41e
SHA1 668dc7d4a6c03315e2e28e1ea5c470d5c6407851
SHA256 646cd934b00f97973fcc6ad410cc22516b3936bc0511c9f7cf257c3c6a1d62f3
SHA512 fdf4d1218b95dc06037b68a89de00fbe5337e54b7c01b0dd56c944a80454e98125a3759fbbb0e8affc1d0d1dc97923cc4c39a12481a8346e79c1c5ffb2320e35

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3e74be3c6ce24fe29ac052ee2fefe59c
SHA1 d56e14d33fd97b37df60ca06c2831db84a170704
SHA256 0ae69ee5b4c6c4b425cba0e1173cadc45b6170574ef7043826a4fe5ef204dc57
SHA512 4d6a0d8fd369e2f8a9dc24f2947860b45c4135010a5d709506e273dc6d3c4dca5654803dad04873f4126dcd5227eb511d1894bbbb0ed0f0bfb512d2da49c8f3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1967affb64cbf3b2ace16847ac1beddd
SHA1 551e4c462f8cfdfca05560373f1f3c18633d43cb
SHA256 b45c777cfe608efe34228a19ed7d3b6ce38d7cb5ad41a8c3543b14b3130e09eb
SHA512 40f46afb4347992fc71143554ce4d31401b917a292ee3dded32d53ffa8ab8aec10213825e7170aba9e416df10c6d984a2089834281507b4291fbaec87c0be498

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d168e80a73e2f99ccbab62ee6ab934f7
SHA1 40f98c60963104322d954ec24fbc9a0229f31474
SHA256 bf489739c5c2aefd8b46e4ddb67dd139b2f59c78efdf208a7b70dd9a54b987c8
SHA512 b3b5e7d8ddf21977e2c49ad2a08040de3c14f13f42f09ccecdcea7df1b383a40ce78a9d35cee4947c1e72c007895488f7d1e3e6673796460117695ae9f2d3368

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3202b87e9c690896475f8b45e1e6dfba
SHA1 16f60661472f84184b24de4ffe5552b55e1a0bc1
SHA256 b3524af351093a6f497da7fade76c2b4bf499612ba44801aa4e6be240d789d40
SHA512 55cdd2948da5e88b661e9daddcb38a55d653a66f3d39342d0eb9b7456c36b527b32d9151045ac30a10dc4f445e49ef2dfdc7cf728fae7fa40050c14a54fe4542

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ffc156a0e39566b0aa50b02df3b5d1c5
SHA1 31794a602618fce03f12ec6ac3a8a62867271508
SHA256 97f6d394e905dce0ad9edc7cf4fe8dcdbf946d354d49f0f83ea1f28dc6dafdbe
SHA512 20fcd1a914f0a0faf24fe5634440a4432875c3ed6038ca14b021d4fcc56b001040fc6a5ef06f2e7714c75b6d322bcc90d91b65b0a0653e3a4cb9ba8c4bc778de

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5e7a8191242dc41739da63fb780d0e41
SHA1 7a659f76224f4b4cb08d999ac2dacaa85509997b
SHA256 d4821d768a1e98f79031746313dc1aa2c36cec9cb587e128ed0acea061ccf3f1
SHA512 fba30118bf1883b543e385aa7156f1edbd9b2046929ec417ddf4b1d34982baeb2572e8cbd404516a218bf4b33f103fe68d934f240d4fdacd4e55edf2c6148c26

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9375c08ffafa87b44b99b7c198cad81e
SHA1 c9ce348c41c8a1a20bb4c3916e6bc6e0b974b445
SHA256 eb48ced8cb180c6938e2e64d9941aeba53c4d5fa7962b99a3d9ed10c2a5c9d9d
SHA512 7d19c4d3b8adac53a39c6b219029344603fa352aff4b2355eea3efbe226aab4c2c98c6ddb51701feea5abc994840f4165a79a3cc142d25b48e8fb540b431fc37

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f2d51084bc66984f172a5a19e861dcbb
SHA1 2dd2169cb0d94bdde9724c96bea1f3baa4fb6f36
SHA256 b60a8a865f4d51e72d679cc76b6df8b1178019dd22a4c17d1e38552572b3c988
SHA512 eca081beb22a450e96cb93f51bcd4f33af167288b968e3c269684ea653158d0580ba9e518a4453ef31cb0a0e97fe2556d76bcd38fe17bfc00093c8fc887dfd6a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fcf167e26fde037332ff138a3db759bd
SHA1 80b13643aba3d42351fecdc5ac8eb96118866e67
SHA256 11d2fcf5a4ed726937a1e52d8f9bebd12e7f232d729b56c25922ac8cae3cb12e
SHA512 14f1cb9957aac3d4775c20aa64f7d40f7839dc7d868a5ca3f87f1844e0ebae839fb7b4c2cd53046916fb5b786b98785856dac60de0fbd78f4f83b46751122618

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 af0097d0254fc39cd421167bbc6210e8
SHA1 6ddae117eccb68a37c2e2572a01beb3dfe1c02c2
SHA256 a747c215e1dbc80dca1185fc55133e6655a04b858e8acc4e9fc77c1859d6aa1d
SHA512 efc299d7480c3e6f53f82bab271b893c6a3cfff061ab01e63c8ef7ecf7b84e058c2b5a90d9b40947960936cf3845b520273a584008d084e070748d37df3c7246

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 13d6deb8603dd2456797a8d980b6b727
SHA1 8e5ba083b292b5ff2f29b5a111ea628240ff04cc
SHA256 ec2f2cfe086b86e3e1f0a8f031e374314b4b1599cf5f17dc46ff8376046736c0
SHA512 fb36ab57e5399edaa585759ba108fc7929e0421edbf86f4a644881fd5bfca5280c9b3961ff764e53e3582a27c153ddf469c646873c4afe85f07fdf8ad1bb7a46

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 424da4eb65aff9dba1820f25fe82e95d
SHA1 9ee51a796fa88f9465083f216bdfaae472ac1f07
SHA256 e3dc7a42f0d958b8f7b06be74760e5b76352565157111a13d0e215a12be821cc
SHA512 4008431527430dd9e9bc80d73ccbb943942f6bda3a836813e3f0276f4097ee9ee9566a25d8ef47e9d9219210152d6761ac498c6e11c73d42f0f3663a5c0378b3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f76e17f49f954632ee529fd7874e2f2a
SHA1 a054d8ed723f372fef2d6af5b73faeedc0c2dd49
SHA256 cd8e1d0da4aff51e33ad1460914756b3604d86b8ffc693ff7120e7eb86be0979
SHA512 84bc87bbbb25e6203e890784868660291f6cc139e0c8471bc33fec68eba29a3507a4cdc6fb8dee0822461c8084ed66be3a846a3a2f664e8161f779d4b58a25bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 83444d87ce7bd241429bc2092e9cfe33
SHA1 198a56d0722748650c2f17bf1795d68b14ac68c0
SHA256 3aaf13eaf27b2454fe8f142bdf1d21088dbf7849845e8fed0d352e46869d5a1a
SHA512 12e23bd0fc20b045dc5ea9018e3498f0c1cb95d82c025ad8d59ae9afb03d28901e21e644ceaa4bb44a182065ba9d94303d7a083deff2a7853f55ecd6b9279f53

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e36ae2f92cd0bba6767e24d8e259a01b
SHA1 aba575b8c0d0e7f6de4beaa3f838f9eef7413fde
SHA256 9aa8300d7a2b14b749f6cfcb7ca97e3570b88c07465b9fd0d0ac2522486412dd
SHA512 73e11f99654e7856bde32b6f3ee8d4c2dd74f1d47b8ea8d756bc1643b9596af743575b8363d88a807fe8b17b194d06171b9d6f57f070e77466dd2aed533b61f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f2c7377d1bdcfec01a89b8e1c2274c2c
SHA1 94075f820a414cde714cf2ebe0737844aa18b285
SHA256 afacfd9ea427b6fa33f1b9fec51463b638a7663058f38f75e25cbba06dfae7f1
SHA512 19522f783e6d1a0b3b290c41a72411ce2eaab8182051c7dfcd83a6013e5862d328ca47153a66c3fcd06f1238dd8f620a99ed32ea07ec761e0c6b96fc42eb139f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0814c24458ae8d5d926a9aa2e2cf3784
SHA1 bf19a357ffb9e53d08251562d7fc8c3e414cc394
SHA256 39f330f84d85342ad345783021809e57d8d722a2b27f2826e5b7c80d19cbe91f
SHA512 34a416f3bff6b4b78560701607dde7e9839845a45e7dee6c26b11af1b2c60ee0f35bd50c3f79888d0e0eb3c1cad150d5833f3e859810b577026235541bbebd2f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 19f1219cbd195f8ec839a3cb1cc16261
SHA1 9b28543688a230c32ba604f2b9cf79c1505c4b4c
SHA256 b52e01de6b7e23a475b8c92ac5ea5d3a4429f6730c6b5cb73cb2c1549f91c9f3
SHA512 695148bfa90964754ebad642039b3ba04bba9430a99a0822c8e0efd396b1d71f94ae12689241256b6050fa9843679fdf89ebcf920c01344ffe53e64cb3e60d4b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 84b4b2ae175ba35835c9a22367b3cd0f
SHA1 010c33eabcc3c8d8a59eab1364761c74954102a0
SHA256 43bd8257dd763264ca1e38731439794196a509885c8ef8fe182991ec33efef51
SHA512 aaeae914e665f17b82fb3a3d8eb9192bc10b9fa8b2c2d9dc688eef87e7299e67393ec466040731f07f8d7ddfa7d64b372039fbb2966eaf6feb61eb6227075c12

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3036ea1835847d0e7f849195a7396e08
SHA1 3a5ae5fd57a3e09ff36839b7ee219ba4bc7065bb
SHA256 8a4af239f32365f4a72ca1114f2fe25d59fc550d16b5bfe80c74e9421e49e1a7
SHA512 4817a621c98f35a65d1f00b74b793cca2bfc0127685ecb7766b30086bc87830b01ed0c5752bac845fa37c5dd581853bda4af18e59266d647969ebdc43eb9f154

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b98f8100be00a97ae0366530b325f9ee
SHA1 89294ed9d78edf08e36c2d5cbea8ad37af02d496
SHA256 0418442580ec0229172a9d5e31e2ac6977bad2a707311c38989edb3abc3d46bb
SHA512 67f5a3e4a71c1c93300bba120c3690318bafbec3b0c0910f7436c31a372473d20d171c27346c82a358b4e679ec34747612317a4c80f4a6c1aadc7be00553cf0b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 72abb23c3f489b6a548407b95a2d7f9e
SHA1 d7828cf414397ac87727e8bb0935475bddeb2c9b
SHA256 db7ebf2e0d646d5b34d20b38ba18395d081ab1b90eef42b44287fef9e86e5d70
SHA512 1566e21a0f326cc028bdfbc2b10a7134000b7ac6893801c6693df523030fe9e9ab0eae0e1cb51a01cea8417bd0d8b061505268b91967ca72ba823d4f2531cc42

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d9a981c5672db0fec1b51c2f816a82d8
SHA1 f92cce5c37297d84d60b60f6af09259bf737a468
SHA256 8c8acb31b2abd825f63060e9eced301b043c68d7f5319312e7a36815099ce3fd
SHA512 ab7dcf3324ddee452a3c0cd5fb49a523731563169b8671a1ff20b07148b9d9c9180bee834d5f8491948d845ffc582049b03fa8b3701e0880d4e039cd1d7f7a02

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3f4c1b24a2bf721c12a33c7144caedf5
SHA1 3a6d1827dc4b38605d657602430993267a799ea4
SHA256 095d5cabf57d10ea3c1419e9481159837faa054615c9dee4230eba5c49cb3341
SHA512 5b4e1eea307de66b368f1167fadcb5c4acc5ab26a39d9e956b1e51fae673c117e356314f6a2f20dc9dbffacfe03ecf02ef316ef4e017495c207913354c2a7e5d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8ac675e3470b5567aec03e8200aad357
SHA1 d41549614e0f2357d6aa37a3587321ee2055af65
SHA256 e705173561eef763a1ff291926ca25e905b5f05fea3af90ed2f1a5936d74e59f
SHA512 3fea854251ed0b8eb240cd5a7aef68e3b8a68f9c5cd45d8ca1a5c773ce32ba511f6e9e72b9b33fbb69238c11c2f87a6ebf34361f3d6bf8fa801c9b786bd63349

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b0e037e32b5e184f572d7c63930bb6f8
SHA1 b947c86cd32b7f1da28d704fa810adc9826364b4
SHA256 71e8810157bd08f178ffe89152ad214969ea733e8eb7ee1e188bf64441f1eb17
SHA512 f133359cd6796b1d07d9c730fd2b9b9ae63410e414a41c8b6e7ccf1af93b23f0c12e548d6342045803664cb3336b5d97a3de108b5fa24a177f42d218ff2fc4b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1d517c17d6407c817a8a3fc0b0468151
SHA1 c511e6eef2b3bcd327492404111cb4d1bba13bcc
SHA256 0b69fe01b97e1a40e53be264a432e682bf6b45cf97d683511c7f558cdc3c5c40
SHA512 b45264e6e2f4ceae9b27f65f8ecf5b1a0f66ac474582b5f3208e9e626b90ac1b5ffa253c22b681debbdc5d9c7eed612591a28befbae9919504f222261b0fdd98

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a75eb172df8b011d8f11e21c8d920c14
SHA1 41b60cd234b6657fd46cf397ae511b51ad2fb145
SHA256 25605169b4e3dea2630557a6e31282cfba27452661186c059b63e3048585611f
SHA512 da5a0e85de65adccbd3f50acaf95c684a4dcfedbd9d5fe5f7f2d12a8e3f82ca67f1d5bbba5869326c912797c84b422128e90cdefa7353ffd6073e8fd57c8d7b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 61a0f8326e6c4e99fb39ad62cbf7df13
SHA1 922423f8fe7fd44cb32a9aeb2b7cb3e1bd150764
SHA256 b0781397c511e74648116a6b18679c6153613fc2fb3ef94365e4025a567bf710
SHA512 863126d97d182fdb4ca7dc448313f3ac90bda0e9d32d5c7ec6345b176767194b89a3930f1fc20ceae6188cd5eefd257b35639b7664ee86e8882f0e8c8103f84a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 173d707ac42ee766952e1d83b29a1070
SHA1 0d833364e62f3cdb9b1aa1117ec1f01a4b84c90c
SHA256 6eccdcaee1499317837598b46b944eb89a7ae1bf5aea84fc40b2210c86ca9eb5
SHA512 510b7e9c0e16ce4c8648b09c30680157de11ffbb040368cc1919445b98075adb2ab42772b12105a737641ca5fdc8264788c11ffa98808e0aab6392740cf2ab87

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4f8545fe734d810208895c4d0d075771
SHA1 95b5d40edacec4adac595edf9b2509b44191f2fe
SHA256 8d81ad62d67ad8dd3a297ab6204bf75454ae14f023c85d23a3deb9d904c054a4
SHA512 bdf6584e1e5f00d787323f726cf149bae92269c784d96d0e16b37186323bb957ccc1bac55aa0d9213c9a49a9b6f874a825df6bda6bf6e4c76a807e51ac43461c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e5eabfd94add0752c245b33439f48b99
SHA1 b6d32158674bdbe2ba5e75d3c8980126c06fae78
SHA256 dad40bdfe94efc10a704cbaccc64f1cfe3bca410bc7920be73f894370fece4e5
SHA512 ac304b2527f4c51a3040696e9070acdb03430d2e530fa36eb3844804ff32d37b87e489e5a375a65b76013e277bd4dea44e1a0f7a08c1c63a131fd9bc9e6f9e9e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2426ac7c30d5d355ebd6b461a5e002c6
SHA1 7f9d0f9e8f90357975297841120e196d21da8d4d
SHA256 91d17086bce541328f6ec57a7b1b005aad8a5fbe10e492220224cb7e6bc06357
SHA512 beb255914fa9f5b94d11f9c6b057c2bc60ab00e69b0b885e7315e7bd0d92f8f79eaa26a761772c17c85195cd263021137ee98d4e301c92126bdabb4fa16c182f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4ca1370c2b1193e024ef286b8c0c6399
SHA1 506cb89789e7d0cc07eb8da1b334b30523c87c49
SHA256 1d8da617d05593deae68e6eb7b7fd81c31ace62e79526c7a1602f61ec0ca4050
SHA512 a72a7670b4385699ad7ea1339f0058ab74804b38163b3e2a8c6992fcb983b7441091aacb9fcf45b3626ccad5d2aee2218962d1dd7e6c0a2f2e77b68fa490dfe1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 95a6a660aafd9df2844f8b03d4a1bf33
SHA1 2c3b5a91ed031d0b8c044ad2ef873fe4fa127198
SHA256 b85408d52c7d1cfeb25cb6720da9dccc8300667020f82d4263c148be5174535e
SHA512 48bb9f6ab61e514d06742441cf793f69b8c7d7c2718512f4e79d58b9a908a3c9313339e9520f15b392191f478d8b1a1efa714744761baca0dcdc71a8a84ff15d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ab634908237c6ff30bd0c512cdf8baf5
SHA1 4145b1a0967742211e699b34d4b81b07e4a7495a
SHA256 66293e7d37334055cafd6b184fb15ff18959da7f3749832e8c105c0122f170e3
SHA512 4675dcaa058f2a6af117ba9a4e658622a28d299a7ef40586df93fcebf9f8fce744a2809ce0cedbc3acd1cf42e5443c6377d47cb3f1484913233e081131c2eb76

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 88bf2068c6d8fcc6b99c37e4ee118494
SHA1 dd10a1eb138c30bf1d88a3709c38010475f38b15
SHA256 4d4fc5414eefb67dccdf2a983fefe51b3038204d090ae84d83418b9119707c87
SHA512 c817951abbfb7a815f44a0ee3a56011e7a2d94f228cd68b5e5c82973836641d91f41d039c36f98c370fd804c27eca30a4b29d578290169eeb7d3365b91245dca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bcd74bf7874791fa99850992c6c580cd
SHA1 ed642c50141bb05bf2ec88c8c94dd475aa2266ef
SHA256 81e18a70f8e3b0d907a7d91cafa6dc7a80e26a48c3fc92e17628d4aeb5e5772d
SHA512 122321584374261e64857d41716312b85a33c8e07f4d9363164560c53e41b10cdaebf9e18d91b285d776c54925f95bc0abd4a01e4e0e9945c1e9d2ac8129accb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a831a45364846c2d00a2905520d13488
SHA1 194bae48d3352ee64244e5d0a69bd8f29e632958
SHA256 a4ed1dcca0458f88e0681c8c00052b2da22c6dc6a43d77d793f2c5d2a4628649
SHA512 151ef01209f75357e5c3cbf42abe5e4cae2d1afe4aad509180b9671ef5c41eb51e04007c299417251ffd2c411726c4f7b674eb6b2dbc3f7455db9c0d15e7d33d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 185dc571dc69bb5427e7565458b9b471
SHA1 bb38e8906793458c6bc23894674e67792ed18d20
SHA256 cff888c3c5f9b8401d96cb4b36c06c1817218099596d81bdd3b68bab97cddd12
SHA512 8f4a0023bdf4c7d80cdac33a0879653c5f6c5b3c34b5e1e1c4681733300dcc4e4aeef9a03794a403a069a542add66211e2370b9b815f97a7ccfce71afdff5536

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 aae630d611228e081bec58610f51b9a7
SHA1 5cbe03368bf94fb4f885a528d8ce65e54362aa90
SHA256 4e33a45656f9978cee34dbf0005274f8968c2c6ce586182d48c3a6132b8da46c
SHA512 132155ed2738c0624ee20de8470d2af0cfa1c57362d48a6cfc7906c53122addca6c9b5a4145384dfe88bd56a7cb0176fbc6aaf764e73beae83c197597433340f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 74e600f93a53ceeb024790bb85e3ff1b
SHA1 8cd4658d25ffb3d7bc0560fb5438daf088d06dc1
SHA256 774a8857fb99f569b179825c658ff9a7d645380406ce84436b330f518ae7d546
SHA512 1fef331118c100eb9899fab10f45bf1747a81de75d18876907dd9f2952bebb31552b0df0823974490604e2b6dabf7cc657aea958be595d9f17a154767cd1059f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 94a191638ee58a9a6674bd280fb08c56
SHA1 c25a8f1208055114887f8d66864422e8b85a7bbc
SHA256 1f978ae6db7aff6a4cf1d01c5bc14d9e7e649fceeec3d5635aa82e8d645a4021
SHA512 71f3ddd2386bb7bfd8b5b7d5523c52ab36ae91f9ebdcc35ccf68f71596f827022305117fbdcaaa79b1e9eee6af2450a018ed72d25d9aaa3febc9ad30a95c0ee7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 46d93dd88156df9bf41d030a1d46705c
SHA1 a57d675549bb0b4b5130ad1eb938564273fbe5cd
SHA256 0fd7d7c8ad37ce17406c511eb2f390c7ad5fd82ab89bb77a2e7ff469934d7ba1
SHA512 0f86669e4d1c4a062dd191dbace44446c50d83fcc0a6c690679478adbd5bd3f2a3c682f0294fa893f81b14893d0c6f7a64a5bbf54afe248de133c1fbaf52d1b3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 155cf3a8677fde655d4b98919d33a1ea
SHA1 8bf2318def11d16a70e2f7dd4b01fa25c58c506c
SHA256 df5aa20fb141b818a14f5736c5ec294a5b74b1fee8ab553462c6fd179d47be6f
SHA512 65dd8981f97b767af6cb7bda0bd3c66bdf6a88aee389d28c5a4eccc6327c8b98fde531997e2d551cc5f9e40eefc1254d430824b1b550ace1480e30676e1c1a57

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4ff22474696c76254bfa34cf8f8d6b5b
SHA1 3922608fb1bb7bad4c7dfdc0aaf362ce4c31649a
SHA256 03f1982c79835ca50a711acb0476d9d55f6f0cad58cef233d97c7f11b032a7d6
SHA512 b161f7bbef2058e3f929a22f37c2d2a07dfc707712449dfe2ba476cd8fb9853edf659e6e9c7ab7da0cc6c5f6a7328d7cc2b0d847ad6cef99dd89e4ba93707661

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 177e7037d06a6590f636eecd63ec41de
SHA1 0d4c6efd7f4ab41397d4d0e9021168bddbae205e
SHA256 b387612f55e1a5ca06999e720563dcf48c2eea41f2ef05a95e4afe345b46b20f
SHA512 d7594f15ebb998464aa73e368b875ace6924610a87609ea209d8a1b832d485d03cd6e7462ed3c4ba5da64d3210f95627b08cfd6107b313ea178eeb9c437c1bab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5168f4dc04cacf2c78d79989861d387b
SHA1 9bade8d91b00f715f1e88101562eb90f0e8ccd0f
SHA256 75f7fd3264efa68d47ef544aacd36fedef61af94692b98c40f449171dc9d3774
SHA512 a2f0224a758fcb3216e69d1d2ff53d305ccb7936eb5142d0e7afaf03c52fc73999fbe042fa176463999ebc4b9daac1e345dbc30666ecdba2979858472c0d68c6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 59610fa280895bd0542aff47dbe2470e
SHA1 8d902ddd9b3478179a9ada550cf02c3fe817125d
SHA256 be7f211427139894df6c519f8c8e1a09177cb878e0559495e0d587d0a09a526b
SHA512 2267edc92b370321bc64f95cfb1c95ebf003cbb6498d977e0211bbed1cabbb2b1e012fc76825df2928d1b88d601fd3430d6bfb750361fb00197f40800ef56d2a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a49448f79cc846bb69fade4e4de1d8da
SHA1 d121e73356fc65935b29d007a5acef7b6d88045e
SHA256 f33d1ba4dfcbc2b41cc20f8516d20b20cf459a008a976763fe09aeece7028aef
SHA512 41e952bbab758624615d70f23da7b77df42fefbdd4571a09b97ae4ea2de5ace12429b9f96de041dfcb48f0b113c9f9b08d3d4a71e2c96a01743f12ed94094911

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9a12c1aea73a29edae0c95fcc81c302c
SHA1 c3304062158db3cd71c945f9f36af24d58b02486
SHA256 e68b0eeeb86a0c3dd3d1ab37f57f46391f1c40b8c8018ae7b3af4acc561847a7
SHA512 c698782f26ed7d9190825b97b245e655cc0b5f36d19207277b1f1d02debc100af16dddd1c595a4585293ac4eec2a05237a57c29c74f0e651c071512e35d662e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ea448cf828a2f7c90f67238af7e6185c
SHA1 9187bcff86fead1c502e38646c4195c4b20f8201
SHA256 8c9a1178192187c4b9edc0341cc0e1eb42b63903950e61ef3a7fd9c08fc18f24
SHA512 04b865087648d6eed46da310cbb9f0b463604f7d4ab8ca0c8b10e33d3691f9aeeba22426b3921e437ceb54d62d7def8f5013b40c8bea5ca44eed4c38fda679d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c16e716de1eae38062daffb83489637e
SHA1 dfb3222f56bcdad5f24f399343ba002426a7ef99
SHA256 d8c887cc8e1336daf8778128222364de45fb7d319819a8e37a2b96f34d76245a
SHA512 23a8d530d94c4dc2ae4ebd1f0a4b2b3df0c663c2a309fad05f1fe46b6270b32c2c27eede16cd97f4ded4c7e52a50809a46391720b4105f728bc4258dbaa9b215

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 81ad0079452dddf49101fdb525266bf4
SHA1 2660a3f3f716c3bc981aa26fff4b2461dace33b8
SHA256 05afb08db1ef166ebcbf26b7b99a95009f885d6d730b480a91bc405433d379c8
SHA512 3bed64fe2af3b9e05ac175da38a068e770b3857b79602e7fcca1449e4a14fab80793a85fc4e0d1862f4f3df220f85f08de8acb29358c922549d9668bf0c174d2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 40757d494365757efd66093f1478790a
SHA1 03c15a7624f24bf828e00c7b84da89f84bec2a31
SHA256 cdbc9e266e4fb83090e9181bdfa22dc280f0ebf591aa69c01f4cd5045a87fa28
SHA512 d888c09adfcb51b6caaecdaaa6c264623b2bd4996205f830347a18b54f6154dcd55f17515501fc22cc0b045980ca6877d599d222c637057901ef0a25fdad9a57

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 19d222e0c8e8d7be024493cf5c156fe1
SHA1 5fe7f44b4250d5a11879e5f1b57a29d06dd54016
SHA256 fb1e5abaebd0cc1751ee98cc306f34d07fa9d3b31c021e165752f1511e96384d
SHA512 9ca6ebfbcb5651dfcd0cbce0f9535289a6322b7c48d1a3801a17dce87137e6aefbfd3997cfe2faaa4d4d143bd02628f15acb3110057555937047b54e71a2b3f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f4fbd3d789fdcf82a92ba1361b5fe284
SHA1 ecc7d3710d75f5897e59fad38817da5297a457e5
SHA256 196f6d7cfdf473cd163bd8853a8f35e739277699668203829457d6ab27100b14
SHA512 fd944e2c9941ab90da1208202699d52c3f773afa77f93710155d1fbc695184976b9673e5b97aa4329f5616b035a8d037483a92bba54b33990bd01938ccfdd5ce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 744c5dd34d7442835c74d292f818db00
SHA1 dad1985d2f144f552631ed10da499cd1aa5924a2
SHA256 89790d29f39716876d785455c6cebfea73efee589cb36e952c058294e9305b65
SHA512 11eda7aa7b06581570172620fa9290ee72b4aab044d4acbf1d0f3679630860f7c279989e54f7cd5e0cc19c6e009305c8bb2854051c47c5f4d013ca0cfc73594e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 38504924c66e38e685fb73792a639125
SHA1 351b5268a8fa2600755f271cdce0d93e9fdd5f51
SHA256 52360f7dbbd1d7308503d7539c482b25adf44e6c9c7d14701ae14395970048ca
SHA512 121709c92d33f8fc79180942cab882a479beceafaf40bd2293a81b31a88b2b905f1b81f9dfcf2077332e335e64f85e309b7feb5a5eaf0d0c23555e7f6209cdf1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4d515e85f51f8426aeb849bc194d485c
SHA1 a7e39a1cbadc6bfb71a3df93df0eff050ba4dd0f
SHA256 2817042e4c143fabb5e7a9e8ca99c3029ba961b2cc10275ed3a107c9653b539b
SHA512 f23d9b3e85738c8f68e33ad66f40e8697138a303e77b0f55c145abceb42f594c4dbfa21ad03f1c6e422daf11fcd48c79edd9a8adda8b9a40554ac675613d19c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c7e03e5db309f0b5262f6ea082a1fd48
SHA1 db72419952492d4d143bb27ab0a66a05073c0ce5
SHA256 bef26c5fa9baff444b5f58ba8ffe5fd22ed32e11cc4654b700824b81f27df7cb
SHA512 b856f359280fae2824189d0a0bdba5ed48a935096a5226fbb74302e277f3a5e4ddafd08cb75f4aac2b5ab0a51bd7edf8ea473d492c671813ee43fda16f23a723

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 68b8b0990536a3123c5a429317099b0b
SHA1 49cde28e9636bc01b544299ee0c073a581ead973
SHA256 acf8ab12d383a210212a6b0c610ca18bb245dff14fdcff4712587e80fa8b0b14
SHA512 329da74c09f305e3a90b500be9c7a53bbdb1f2e88dc01ffba2a4bd545e24ec83d99af2d77cb5d8a006248b8c704d659d23cc5df7df990d370500551cde2d47f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5d4eaf9f552fe80717bff2ecd5e689aa
SHA1 9724e63d5f11fee887dd4719a74c4560a3021366
SHA256 09ea36096f0e78ecfe38b93c27c42309d093288e93b937b5adcd28e9799c6289
SHA512 7da934a0db211763d0e93c66406f3b88574879886ee88cb23048b6769d0c4ce62fdd886875a5e17b666a4f49a62079e6918aa6ec93ea19c20382305f7767ccd2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 70bbed8c4f095f1ea816ebcbd77fa6eb
SHA1 4ad621140ae420c32be925eb8594a7dd0ea10451
SHA256 9dc7a71e9399d423375249276a534e9c5e8b7c20acf8fba43815e7240c3c5bca
SHA512 4c04b11e9a79ea00f0d7a1d9e482c081a8cb2588970306ca24afe9160095c6f4025493ab764bd5121b9806d9ff47ce756ef0b294a54d49f7cfbf0abf6a329141

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1497adc811f5b345752772e483f64abe
SHA1 2e3bee8ad24e8935f8ffd89b1b0be4776b8cd82f
SHA256 ec2f4bdfc9cad11a1d747b92a7391249aae47f0fc4d95450aabb592d6a2c748f
SHA512 f956ae71f55161127ce3c9c93c49eaa8379bfb0cc90d57838d913054c48ec41638be114f65b06d209764e01c33960ab3d7aadbba2ab67c84e03f94f079fec17d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 19bf70bf0e6fc5674dc88ce0e4480e47
SHA1 1b23d0baed3131380646764d5391998dd6dba189
SHA256 db5fb2f63b3ca86279167d7ac9f510f541b1df273d8fb27fc927ace3db1f4329
SHA512 1f14bf119cb70b68e2be6d3b838a0957e4846dd3bafd02290002518de99b7d003ec00564787a0c47295b0017ed0a11f174fac49f72a25f452ef036172d512c53

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2fbd8ef1b37e1a354cc319688e9d171e
SHA1 06a9bc9b1ee4c5fe5862bc34f4af6d7bab2bdfd1
SHA256 9008be7d242d8b076aed580c4748b1ec965c51213085ba5a21cc0c2d22941821
SHA512 7d72d1add3ae3ef1f478164c6a5b9cd91b4e7017473d5aa9c7239f50b850dc5a0a83bfb04efb8dcf9c1ecd8c50d180d3f9626298651be29b94ccb80a94b22c7b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 166dec2224fda2dbc5621a3d5cb7f5f9
SHA1 d43eaac3b59e69f153784ab9bf4769f7e3e47343
SHA256 f7409a88aacc79fb175c920787e9f6c1197896fb8a307690198dcef3131f121c
SHA512 2af182235a28c24d2707d14885df9451c4cfd747b9c58b434abf6211b20d36259ddb1969c8499d23794565c6e7d9d84a17e8b8a2c77565a66ab2aca2b57b67f2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f709fa26665dbf7be8261676926900e3
SHA1 e86e992caaba46411bfb90b27323402e6a0122ca
SHA256 a82d112395d19d9becf3a357772cb3b9d3ee8510c52dcba67211b1d0e3dd3390
SHA512 d7934deb5247c9ffb3a852dde86c7863a656bb38cae77c1e44df9d5d6de90c6dec77ae6cb449bbc73c776cc57c3df7362bda958ff627f6693abf1734496455f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 db5baa10e863548b126a1e7095b889c9
SHA1 468bc5e410009555491165d9d5bc5c80deefb3d8
SHA256 f8d7ab9b852872f699442102382f65e2e6c63d79ed3b825a1875027f1767317a
SHA512 684b098d3d80a89dc213ebee45b046fb88033e48d653e0cdaf9889cb917f3da9925d98cbddbaad2f4f71645a597268acc53d23ae102bc55b4da2b09d09777226

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 89c4d6202fe9e6d9b53c8d5b44a3acdb
SHA1 7d2dd61fd8bf668a163e8dbc6a753aef6c7471a9
SHA256 0405c950b153fc11fb111b55d0dac90847e727ffbb5bbb15656594a15180507f
SHA512 1ef78e4658acfd8036e5e629b5963a4d6dda4a09a9fb1247c292591343c6cbb037ce0ac7fec460669f0bb2bf088499071d4716d068ecf989f617b62db5e776ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 969ed233a08c11d242e8bf5f13f787a7
SHA1 5e45b006dcdc04b7e198e1a2e7bcfd7a13d949ca
SHA256 cb1cdf4b6b922fb919511f8c392c4b9443a0b92f39760aabb88222c8ea347fef
SHA512 2c25ac7973366e59d397789a7f1def9dad1955b4922d505569b2dbd778a98037fa30e7ce8808395bf8aaf6b00d51afacddec714cff2d386d22f32f28c5efe544

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 11fb4272a29531c4c7c0c144ebeade8b
SHA1 4036c3aa323ee1dae6997d8a3362e44f5692c49b
SHA256 71ee80e36f5ab6a77b59be441e868029378cb283aebb1a9b2981b04ed45c7652
SHA512 e7c48e436c15d61f48141c9dd1c8603a77d88ff786099fe424791fc92aa006615b12ac3d8cb03a4e9d27900d3d0741b7d65d51b051dd04f1df48848ef1225617

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 76e45020ea1d1e9a656e47849997990b
SHA1 a29d936714f0a4f0b3635f9947c64e7091bbc126
SHA256 5d95dc78c2efc1fc266ae1d21a4e11cb1f2af9d98e06fd1da843f8ffb2c782bf
SHA512 78a00e99d55357baceda1d6c90d3d64c0476b817d833320109ba116cb2d06a4893fd22a74e7432c5b7ff68b971ce41d4ac56d74bc085695d539423a290374c55

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2455c30c4815289c4a2c2c689eda1f8c
SHA1 39960bf9a02a480583687a1e8f2b4505a3eb9da8
SHA256 0d7f7090d4ea4a5f96d8072017ec24ecfac88565563becff97f0c2d9f0681a5a
SHA512 5742f847494464368d60fb290f1f1de4137f861ac6016d9b5a16efb707843889c361f8f0f17d181cc97fa597f3b1220d023994207686287ab965eda9dd3ea0ca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 332d5aded1e6661e675411f5de4e1414
SHA1 adaf06d4c298aa32b2493a0b8fdda8a4f9c0c46e
SHA256 a571230b64542deba1eb7c7d3625988bb141edf835cdb18e38e91a022aa142df
SHA512 4db6bee0351b8ebfe8bc36fe85c384a1018f90aab77c1b51bc983e5e0a157229b62db7eebfca6701311c33ea5ccf416450e60fb0b0145bced410e6848329b045

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c40145c377b746f0430233b11297f4c7
SHA1 9e609616e32fce87d93fa39b6befcff392109dc3
SHA256 0b7c65c8402496f62e652598623c68622212bf20d74ebfac8a8be3aee7d81175
SHA512 91fb566cd1a46690845dbb00fc03aa3b11eada7a2e03be16fa93baaf9a50776605c0c4507ece6a25bc00fa4e7e5d6538a357c6e70876ce69ecdf149ed86fa299

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 189df9ae196e64c6e96a6a8112a16612
SHA1 46806d87b5562b40f72f3e574931bffab62449c5
SHA256 dede7aa3ee1703d20e42884b85dbeffb466a65fb53bdfc130854dba6a6e78f4e
SHA512 2ddb380b983620393f5f406b3c74efc8149c9238e9034ca12c77b11cda1b44654ef146ef05a7353aa464a55970e48ba6d14c9e580809954a28e4d71737911db0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e0625940538f543fe69e098809a3ed22
SHA1 1f0368d5aba7d9a98ce23f2169121230bf1b6e30
SHA256 08d01ea62be4b31b844be8da07fffe6ab305dbb1eff4b8494ec58e4086b53034
SHA512 ee315a9adbc96536bfba10c3d1612a4f5a70b1a544d97592ea0d3f22e445f37e33f0ef28096b7e00618eb240c8510f3faf2953712da56e48484cad994b3ab961

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0087eaadfa8d49bb744e48a316c0b022
SHA1 b4b351789fe81dbdd9f2001362f263117effa621
SHA256 82ba95a54aafe1752d5bd9013adfc983f2186f8f83a4dd3e88d0af12da0ec104
SHA512 e96cdd2077af3700e703d68f34442a6401dbf4861e5cc00e686a11f4528366037b0f726ab9a29340a2da1ef53cd7b65728c8bf66f73ad021c776b8a334e1086b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e1e96ddcb052cc301a4bf5249a1980ee
SHA1 5da0a99f4c3c5b457726d490c02e9a7dbf15f40f
SHA256 4f180a79d4d5ed6df24df199b2afd888a1c2da7a7a0fd987b381054c3b4b4b3a
SHA512 24e69a832096c93a594be56aef3409d72aed88db0e0b4b665f46ca6c47f5fd5c1ce7044555496c1e984e5ed00a8c1b4fe367a423d3aee15f0b7e2d55252640d5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2abc435f599e19a11ee4dcec97c64a99
SHA1 e48deea120e3658aae35e5d29f2691364cdca7c6
SHA256 f7c1281657e0ab71407066e65c060a0bb7e06e372844752d786d3bb948277095
SHA512 3f692d110ed9e74d3d5f42f77f4ef5f6bd85ba28b7881a2a1200cf9b987b5996a81baae2e4475538825676c059461c8ab07cc421ee9c918f0d5fa5d2721ae713

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0242f952170dedb609c86cd9544759ae
SHA1 3ee18174d2431b14b45cd4f5f8d6e23689935b71
SHA256 3aecab127a4a3ec819fb9d544a11f5591b95c36ec5267828935fdc0584c7537d
SHA512 8fef76c612b904b5c744defcaaa598726997cebfd5da376ad712111bffd8467540bbde09070fba406c59cb093f3309140acd3f2212e6aaff0dd20f9b63d9014c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 481644deb750274832e24f4abe58df80
SHA1 bf7582d26378eee108270624cf0b7c107cfdb182
SHA256 3c826edfa772c1d4a781b2324aff0458d6c94108fcf4258404b3fdefca6bc7db
SHA512 99fe944b4392030ecce96106f7e435a26673f63362ed8f77108bc60c8afebbfd1c3ec506b5631af22d923d818ac4b54aefbdde2393b457a8ff7d765d8651993b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bd8a44cfec4dd6b503e616839c1667bd
SHA1 f3194751666a8e5033426003c389b799ef639a40
SHA256 f2577fc80e788b9ea22a237fead6d0a1fcbbc10d7b1ab788e09474089b1de61a
SHA512 98fcff7d30a9b2b4f50cf3ab3b7501e33a65792861bd6d722be67595b354d32c7e6ccc0a9a0c1f726994f96cc5f9ec1d74c0ac1e5c2719ff259c923f5ff99565

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1e2b641adf3fae9d6a5098c253830967
SHA1 b52ff3ef24a9bc194d4e346fd3aaa30672e50c91
SHA256 570541b9988b4f5b9f44ad7a33225992a05ab1bc5dd3ef0fdddde087ac518c32
SHA512 37f67f0d14d5f235445a1f7dbe50a84911ad4b6643f6257a1f95325833cd43642ee837add21e6afb0a7291655bffe77e736531b76b8fe437f129a9b5cfc38888

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 049e65be0992a9a80314558718547092
SHA1 0ad76b4b286312e258a49688591364791f368329
SHA256 18b1f53c7fdbdb2aa22472b397c682190f337607796cc527b003d1a21eefb121
SHA512 54b971d701658fbbfe1433e33fc14596bb9d9c721106da51daca68d8fd2653762aa3416ff145864bcf44313afc9931c8639f881e42d86d76b7782247f3560ef0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0b49ebd1545a61965d9bab5be8f890ec
SHA1 5381b6ddb4b2669bb511be012188d3999afe42dd
SHA256 549658f49803761a374e8f130d3a7f95c205715e2aecfbca4c07e3ba4368a122
SHA512 ada32e12dc566ca6ea9a72537701ec225e17de34617de1a6cdb2441be71b165287d29a3acb4980872d8f419258655de495c67e324add8008567d409d44d4e65b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 66b86d8443b943d8c659ce5f78686151
SHA1 c72c31cf2982b3a917ed5d85400b6be03d4ed6ff
SHA256 e926863be09ef6349616bab485cca42b66a7ebbac268562ceb0f9074d608aa12
SHA512 cbda70a4bdde876fff08ae25bb57f5f343823d4b8f638e94eff4bc828f5e9db0b263a16691849bd868543be082124f4ca8f4214463a5876dbe8e46f1cde449c9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a16582a406e3e39a24187474259e45d8
SHA1 fab4b0c87ba1253f47d26a6bfdfa87465a5283f7
SHA256 b608c0649fdca14d7acedd248a2e2e614741b500d87b0004068372a30e3f4100
SHA512 54b27d0ce1f242dd2c6129de9ec5b5ae9166b2eb73677b64c67330b3cc7641827b7b5da38d014980acc150175b29c3132d13f253af6939c3f419c43aed42098f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e14c50a0b2efcc5a6b5a67a3c65ed1a1
SHA1 4513d98a3453a3eac4a97b4a7105f14739d94d30
SHA256 ce02c12d9ccc51bb7bcf26916ee9dd16f8ad91a245b39ebd911d1a465c67f2b5
SHA512 05b04a90f520d2652a49f1b724869293b6d12fc0fcdbe12b1c924778beb8500a82e9e1e1170cf083d2edf658590cebf8dc6eaad70a7bcb16544e4486a8b167a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ec81942c89df9e0aa165668ed3e1724d
SHA1 f1c126c7f22cfb5e4be4c1b5833c34e48467f6ca
SHA256 904efc5b1c14c1e3d7c1c562d64a94537b817033afa33fc8290b4356c5a4adf1
SHA512 29418871a26b05d054034f8df5972a2ff36bada503a1a13177e1b9d399c1df996137e6cd5d40874210ba34cc5837c2405c05b8169d536324a163eb3d09b0f29e

Analysis: behavioral8

Detonation Overview

Submitted

2024-08-31 14:05

Reported

2024-08-31 14:15

Platform

android-x86-arm-20240624-en

Max time kernel

50s

Max time network

44s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

Network

Country Destination Domain Proto
US 1.1.1.1:53 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 216.58.213.3:443 update.googleapis.com tcp
GB 216.58.201.110:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
GB 142.250.178.10:443 tcp

Files

N/A

Analysis: behavioral7

Detonation Overview

Submitted

2024-08-31 14:05

Reported

2024-08-31 14:15

Platform

android-33-x64-arm64-20240624-en

Max time kernel

37s

Max time network

48s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

Network

Country Destination Domain Proto
GB 142.250.187.228:443 udp
GB 142.250.187.228:443 tcp
N/A 224.0.0.251:5353 udp
GB 216.58.213.10:443 tcp
US 162.159.61.3:443 tcp
US 172.64.41.3:443 tcp
US 172.64.41.3:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
US 1.1.1.1:53 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 172.66.47.98:443 webminer.pages.dev tcp
GB 142.250.179.238:443 android.apis.google.com tcp
US 172.66.47.98:443 webminer.pages.dev udp
US 1.1.1.1:53 accounts.google.com udp
BE 64.233.184.84:443 accounts.google.com tcp
US 1.1.1.1:53 www.google.com udp
US 1.1.1.1:53 www.google.com udp
GB 142.250.179.228:443 www.google.com tcp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 1.1.1.1:53 chrome.cloudflare-dns.com udp
US 162.159.61.3:443 chrome.cloudflare-dns.com tcp
US 162.159.61.3:443 chrome.cloudflare-dns.com tcp
US 172.64.41.3:443 chrome.cloudflare-dns.com tcp
US 172.64.41.3:443 chrome.cloudflare-dns.com tcp
US 172.64.41.3:443 chrome.cloudflare-dns.com tcp
US 172.64.41.3:443 chrome.cloudflare-dns.com tcp
US 162.159.61.3:443 chrome.cloudflare-dns.com tcp
US 172.64.41.3:443 chrome.cloudflare-dns.com tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 142.250.187.195:443 update.googleapis.com tcp
GB 142.250.187.238:443 tcp
GB 142.250.187.238:443 tcp
US 1.1.1.1:53 remoteprovisioning.googleapis.com udp
GB 216.58.213.10:443 remoteprovisioning.googleapis.com tcp
US 1.1.1.1:53 gmscompliance-pa.googleapis.com udp
GB 216.58.204.74:443 gmscompliance-pa.googleapis.com tcp
US 172.64.41.3:443 chrome.cloudflare-dns.com udp
GB 142.250.187.234:443 gmscompliance-pa.googleapis.com tcp
US 1.1.1.1:53 rcs-acs-tmo-us.jibe.google.com udp
US 216.239.36.155:443 rcs-acs-tmo-us.jibe.google.com tcp
GB 142.250.187.228:443 udp
GB 142.250.178.4:443 tcp
GB 142.250.178.4:443 tcp

Files

N/A

Analysis: behavioral12

Detonation Overview

Submitted

2024-08-31 14:05

Reported

2024-08-31 14:18

Platform

ubuntu2204-amd64-20240729-en

Max time kernel

0s

Max time network

0s

Command Line

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Signatures

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/module/apparmor/parameters/enabled /usr/bin/dbus-daemon N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus/mask /usr/bin/dbus-daemon N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/sys/kernel/cap_last_cap /usr/bin/dbus-daemon N/A
File opened for reading /proc/1568/attr/apparmor/current /usr/bin/dbus-daemon N/A
File opened for reading /proc/1584/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/filesystems /usr/bin/dbus-daemon N/A
File opened for reading /proc/1568/status /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/1563/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/mounts /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A

Processes

/usr/bin/xdg-open

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch f2de92a803c744e586bd87567a26b68a --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/grep

[grep -q ^file://]

/usr/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch f2de92a803c744e586bd87567a26b68a --binary-syntax --close-stderr]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/head

[head -n 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/sed

[sed -e s|-|/|]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/which

[which firefox]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/cut

[cut -d= -f 2-]

/usr/bin/firefox

[/usr/bin/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

/root/.dbus/session-bus/f2de92a803c744e586bd87567a26b68a-0

MD5 5d4cc43e2576eede1f4d6e832681fd0c
SHA1 063f1540cd037d032612c55c8312fcf1069414d1
SHA256 3ae1e3adb6ba8e4c8bf7fe2b4fb4eec8297463c3581ff4668e15f3cd8f2b8ddb
SHA512 688f9c5986f08de1c8477327bc221faf6c6e0ae464131762ad99be1095ed7fd618cc12139e37f579f2759fab8acafcc88eb909200c883b187bc629e61404daed

Analysis: behavioral13

Detonation Overview

Submitted

2024-08-31 14:05

Reported

2024-08-31 14:18

Platform

ubuntu2404-amd64-20240729-en

Max time kernel

9s

Max time network

14s

Command Line

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

Signatures

Changes its process name

Description Indicator Process Target
Changes the process name, possibly in an attempt to hide itself pool-spawner N/A N/A
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself dconf worker N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-spawner N/A N/A
Changes the process name, possibly in an attempt to hide itself gmain N/A N/A
Changes the process name, possibly in an attempt to hide itself glean.dispatche N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself IPC I/O Parent N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself Timer N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself Netlink Monitor N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself Socket Thread N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself IPDL Background N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself Backgro~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself HTML5 Parser N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-firefox N/A N/A
Changes the process name, possibly in an attempt to hide itself pool-firefox N/A N/A
Changes the process name, possibly in an attempt to hide itself gdbus N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself JS Watchdog N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself BGReadURLs N/A N/A
Changes the process name, possibly in an attempt to hide itself Cache2 I/O N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself Cookie N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #0 N/A N/A
Changes the process name, possibly in an attempt to hide itself TaskCon~ller #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #2 N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #2 N/A N/A
Changes the process name, possibly in an attempt to hide itself BgIOThr~Pool #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #2 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #2 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #3 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #4 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #5 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #5 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #4 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #3 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #6 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #6 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #7 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #7 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #8 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #9 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #9 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #8 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #10 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #10 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #11 N/A N/A
Changes the process name, possibly in an attempt to hide itself StreamTrans #11 N/A N/A
Changes the process name, possibly in an attempt to hide itself QuotaManager IO N/A N/A
Changes the process name, possibly in an attempt to hide itself QuotaManager IO N/A N/A
Changes the process name, possibly in an attempt to hide itself IndexedDB IO #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself IndexedDB IO #1 N/A N/A
Changes the process name, possibly in an attempt to hide itself SandboxReporter N/A N/A

Checks CPU configuration

antivm
Description Indicator Process Target
File opened for reading /proc/cpuinfo /snap/firefox/4650/usr/lib/firefox/firefox N/A

Reads CPU attributes

Description Indicator Process Target
File opened for reading /sys/devices/system/cpu/present /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/possible /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cpu_capacity /snap/firefox/4650/usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu/present /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/topology/core_cpus /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/present /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index2/size /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /sys/devices/system/cpu/cpu0/cache/index3/size /snap/firefox/4650/usr/lib/firefox/firefox N/A

Enumerates kernel/hardware configuration

Description Indicator Process Target
File opened for reading /sys/fs/cgroup/system.slice/agent.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/system.slice/systemd-networkd.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/user.slice/user-0.slice /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/app.slice /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/session.slice/org.gnome.SettingsDaemon.Sharing.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/kernel/mm/transparent_hugepage/hpage_pmd_size /usr/bin/snapctl N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/vendor /snap/firefox/4650/usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/sys-fs-fuse-connections.mount /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/system.slice/boot.mount /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/system.slice/snap-core22-1380.mount /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/system.slice/snapd.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/system.slice/systemd-journald.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/app.slice/xdg-desktop-portal-gnome.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/vendor /snap/firefox/4650/usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/device /snap/firefox/4650/usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/system.slice/kerneloops.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/system.slice/packagekit.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/system.slice/system-serial\x2dgetty.slice /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/session.slice/gvfs-gphoto2-volume-monitor.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/session.slice/gvfs-udisks2-volume-monitor.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/session.slice/org.freedesktop.IBus.session.GNOME.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/vendor /snap/firefox/4650/usr/lib/firefox/glxtest N/A
File opened for reading /sys/kernel/security/apparmor/features/namespaces /snap/snapd/current/usr/bin/snap N/A
File opened for reading /sys/module/apparmor/parameters/enabled /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/app.slice/dbus.socket /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/bus/pci/devices/0000:00:04.0/class /snap/firefox/4650/usr/lib/firefox/glxtest N/A
File opened for reading /sys/kernel/security/apparmor/features/io_uring /snap/snapd/current/usr/bin/snap N/A
File opened for reading /sys/kernel/security/apparmor/features/ipc /snap/snapd/current/usr/bin/snap N/A
File opened for reading /sys/fs/cgroup/system.slice/systemd-timedated.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/session.slice/gvfs-goa-volume-monitor.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/kernel/mm/transparent_hugepage/hpage_pmd_size /usr/lib/snapd/snap-exec N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.0/vendor /snap/firefox/4650/usr/lib/firefox/glxtest N/A
File opened for reading /sys/fs/cgroup/sys-kernel-tracing.mount /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/system.slice/auditd.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/session.slice/org.gnome.SettingsDaemon.Datetime.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/session.slice/org.gnome.SettingsDaemon.Smartcard.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/kernel/mm/transparent_hugepage/hpage_pmd_size /usr/bin/snapctl N/A
File opened for reading /sys/kernel/security/apparmor/features/mount /snap/snapd/current/usr/bin/snap N/A
File opened for reading /sys/devices/pci0000:00/0000:00:02.0/drm/card1/uevent /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/system.slice/cups-browsed.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/bus/pci/devices/0000:00:01.1/device /snap/firefox/4650/usr/lib/firefox/glxtest N/A
File opened for reading /sys/kernel/security/apparmor/features/domain /snap/snapd/current/usr/bin/snap N/A
File opened for reading /sys/fs/cgroup/system.slice/ModemManager.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/app.slice/evolution-source-registry.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/session.slice/dbus.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/bus/pci/devices/0000:00:05.0/device /snap/firefox/4650/usr/lib/firefox/glxtest N/A
File opened for reading /sys/bus/pci/devices/0000:00:00.0/vendor /snap/firefox/4650/usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus/mask /usr/bin/dbus-daemon N/A
File opened for reading /sys/fs/cgroup/system.slice/multipathd.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/system.slice/snap-snapd-21759.mount /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/system.slice/ssh.socket /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/app.slice/gnome-keyring-daemon.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/background.slice /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/session.slice /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/app.slice/app-org.gnome.Terminal.slice/gnome-terminal-server.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/session.slice/org.gnome.SettingsDaemon.MediaKeys.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/session.slice/org.gnome.SettingsDaemon.Sound.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/bus/pci/devices/0000:00:06.0/class /snap/firefox/4650/usr/lib/firefox/glxtest N/A
File opened for reading /sys/devices/system/cpu /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /sys/kernel/security/apparmor/features/dbus /snap/snapd/current/usr/bin/snap N/A
File opened for reading /sys/fs/cgroup/system.slice/var-snap-firefox-common-host\x2dhunspell.mount /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /sys/fs/cgroup/user.slice/user-0.slice/[email protected]/app.slice/xdg-desktop-portal-gtk.service /snap/snapd/21759/usr/lib/snapd/snap-confine N/A

Reads runtime system information

Description Indicator Process Target
File opened for reading /proc/2516/attr/apparmor/current /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/fd/38 /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/13 /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/self/mounts /snap/snapd/current/usr/bin/snap N/A
File opened for reading /proc/self/maps /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/mounts /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/2587/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/fd/32 /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /proc/self/task/2848/stat /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /usr/bin/dbus-daemon N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /usr/bin/gsettings N/A
File opened for reading /proc/cmdline /snap/bin/firefox N/A
File opened for reading /proc/sys/kernel/random/uuid /snap/snapd/current/usr/bin/snap N/A
File opened for reading /proc/self/cgroup /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /proc/self/fd/52 /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/mountinfo /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /proc/self/stat /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/filesystems /snap/firefox/4650/usr/lib/firefox/glxtest N/A
File opened for reading /proc/self/fd/53 /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /proc/filesystems /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/34 /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/task/2907/stat /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /proc/self/cgroup /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd/76 /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/2510/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/bin/gsettings N/A
File opened for reading /proc/self/mountinfo /snap/snapd/current/usr/bin/snap N/A
File opened for reading /proc/self/fd/9 /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /proc/self/fd/11 /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /proc/self/fd /usr/bin/dbus-send N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/cgroups /snap/bin/firefox N/A
File opened for reading /proc/cmdline /snap/snapd/21759/usr/lib/snapd/snap-confine N/A
File opened for reading /proc/filesystems /usr/bin/mkdir N/A
File opened for reading /proc/self/stat /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /proc/2532/cmdline /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/cmdline /snap/snapd/current/usr/bin/snap N/A
File opened for reading /proc/filesystems /snap/firefox/4650/usr/lib/firefox/firefox N/A
File opened for reading /proc/self/fd /usr/bin/dbus-daemon N/A
File opened for reading /proc/filesystems /usr/bin/sed N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/mounts /snap/bin/firefox N/A
File opened for reading /proc/cgroups /snap/snapd/current/usr/bin/snap N/A
File opened for reading /proc/self/maps /usr/bin/grep N/A
File opened for reading /proc/self/fd/12 /snap/snapd/21759/usr/lib/snapd/snap-confine N/A

Writes file to tmp directory

Description Indicator Process Target
File opened for modification /tmp/firefox/.parentlock /snap/firefox/4650/usr/lib/firefox/firefox N/A

Processes

/usr/bin/xdg-open

[xdg-open https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/dbus-daemon

[/usr/bin/dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7 --session]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/grep

[grep -q ^file://]

/usr/bin/egrep

[egrep -q ^[[:alpha:]+\.\-]+:]

/usr/local/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/local/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/sbin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/grep

[grep -E -q ^[[:alpha:]+\.\-]+:]

/usr/bin/sed

[sed -n s/\(^[[:alnum:]+\.-]*\):.*$/\1/p]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/https]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/https= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep -l x-scheme-handler/https; /.local/share/applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/https; /usr/local/share//applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/https; /usr/share//applications/apport-gtk.desktop /usr/share//applications/bluetooth-sendto.desktop /usr/share//applications/display-im6.q16.desktop /usr/share//applications/gcr-prompter.desktop /usr/share//applications/gcr-viewer.desktop /usr/share//applications/geoclue-demo-agent.desktop /usr/share//applications/gkbd-keyboard-display.desktop /usr/share//applications/gnome-about-panel.desktop /usr/share//applications/gnome-applications-panel.desktop /usr/share//applications/gnome-background-panel.desktop /usr/share//applications/gnome-bluetooth-panel.desktop /usr/share//applications/gnome-color-panel.desktop /usr/share//applications/gnome-datetime-panel.desktop /usr/share//applications/gnome-disk-image-mounter.desktop /usr/share//applications/gnome-disk-image-writer.desktop /usr/share//applications/gnome-display-panel.desktop /usr/share//applications/gnome-initial-setup.desktop /usr/share//applications/gnome-keyboard-panel.desktop /usr/share//applications/gnome-language-selector.desktop /usr/share//applications/gnome-mouse-panel.desktop /usr/share//applications/gnome-multitasking-panel.desktop /usr/share//applications/gnome-network-panel.desktop /usr/share//applications/gnome-notifications-panel.desktop /usr/share//applications/gnome-online-accounts-panel.desktop /usr/share//applications/gnome-power-panel.desktop /usr/share//applications/gnome-printers-panel.desktop /usr/share//applications/gnome-privacy-panel.desktop /usr/share//applications/gnome-region-panel.desktop /usr/share//applications/gnome-search-panel.desktop /usr/share//applications/gnome-session-properties.desktop /usr/share//applications/gnome-sharing-panel.desktop /usr/share//applications/gnome-sound-panel.desktop /usr/share//applications/gnome-system-monitor-kde.desktop /usr/share//applications/gnome-system-panel.desktop /usr/share//applications/gnome-ubuntu-panel.desktop /usr/share//applications/gnome-universal-access-panel.desktop /usr/share//applications/gnome-users-panel.desktop /usr/share//applications/gnome-wacom-panel.desktop /usr/share//applications/gnome-wifi-panel.desktop /usr/share//applications/gnome-wwan-panel.desktop /usr/share//applications/hplj1020.desktop /usr/share//applications/ibus-setup-table.desktop /usr/share//applications/im-config.desktop /usr/share//applications/io.snapcraft.SessionAgent.desktop /usr/share//applications/libreoffice-calc.desktop /usr/share//applications/libreoffice-draw.desktop /usr/share//applications/libreoffice-impress.desktop /usr/share//applications/libreoffice-math.desktop /usr/share//applications/libreoffice-startcenter.desktop /usr/share//applications/libreoffice-writer.desktop /usr/share//applications/libreoffice-xsltfilter.desktop /usr/share//applications/nautilus-autorun-software.desktop /usr/share//applications/nm-applet.desktop /usr/share//applications/nm-connection-editor.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Emojier.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Extension.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Wayland.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Setup.desktop /usr/share//applications/org.freedesktop.Xwayland.desktop /usr/share//applications/org.gnome.Calculator.desktop /usr/share//applications/org.gnome.Calendar.desktop /usr/share//applications/org.gnome.Characters.desktop /usr/share//applications/org.gnome.DejaDup.desktop /usr/share//applications/org.gnome.DiskUtility.desktop /usr/share//applications/org.gnome.Evince-previewer.desktop /usr/share//applications/org.gnome.Evince.desktop /usr/share//applications/org.gnome.Evolution-alarm-notify.desktop /usr/share//applications/org.gnome.FileRoller.desktop /usr/share//applications/org.gnome.Logs.desktop /usr/share//applications/org.gnome.Nautilus.desktop /usr/share//applications/org.gnome.OnlineAccounts.OAuth2.desktop /usr/share//applications/org.gnome.PowerStats.desktop /usr/share//applications/org.gnome.RemoteDesktop.Handover.desktop /usr/share//applications/org.gnome.Rhythmbox3.desktop /usr/share//applications/org.gnome.Rhythmbox3.device.desktop /usr/share//applications/org.gnome.Settings.desktop /usr/share//applications/org.gnome.Shell.Extensions.desktop /usr/share//applications/org.gnome.Shell.PortalHelper.desktop /usr/share//applications/org.gnome.Shell.desktop /usr/share//applications/org.gnome.Shotwell-Viewer.desktop /usr/share//applications/org.gnome.Shotwell.Auth.desktop /usr/share//applications/org.gnome.Shotwell.desktop /usr/share//applications/org.gnome.Snapshot.desktop /usr/share//applications/org.gnome.SystemMonitor.desktop /usr/share//applications/org.gnome.Tecla.desktop /usr/share//applications/org.gnome.Terminal.Preferences.desktop /usr/share//applications/org.gnome.Terminal.desktop /usr/share//applications/org.gnome.TextEditor.desktop /usr/share//applications/org.gnome.Totem.desktop /usr/share//applications/org.gnome.Zenity.desktop /usr/share//applications/org.gnome.baobab.desktop /usr/share//applications/org.gnome.clocks.desktop /usr/share//applications/org.gnome.eog.desktop /usr/share//applications/org.gnome.evolution-data-server.OAuth2-handler.desktop /usr/share//applications/org.gnome.font-viewer.desktop /usr/share//applications/org.gnome.seahorse.Application.desktop /usr/share//applications/org.remmina.Remmina-file.desktop /usr/share//applications/org.remmina.Remmina.desktop /usr/share//applications/python3.12.desktop /usr/share//applications/remmina-gnome.desktop /usr/share//applications/rygel.desktop /usr/share//applications/simple-scan.desktop /usr/share//applications/snap-handle-link.desktop /usr/share//applications/software-properties-drivers.desktop /usr/share//applications/software-properties-gtk.desktop /usr/share//applications/software-properties-livepatch.desktop /usr/share//applications/thunderbird.desktop /usr/share//applications/transmission-gtk.desktop /usr/share//applications/update-manager.desktop /usr/share//applications/usb-creator-gtk.desktop /usr/share//applications/xdg-desktop-portal-gnome.desktop /usr/share//applications/xdg-desktop-portal-gtk.desktop /usr/share//applications/yelp.desktop]

/usr/bin/grep

[grep -q %s]

/usr/bin/x-www-browser

[x-www-browser https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/xdg-settings

[xdg-settings get default-web-browser]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/xdg-mime

[xdg-mime query default x-scheme-handler/http]

/usr/bin/dbus-send

[dbus-send --print-reply --dest=org.freedesktop.DBus /org/freedesktop/DBus org.freedesktop.DBus.GetNameOwner string:org.gnome.SessionManager]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/xprop

[xprop -root _DT_SAVE_MODE]

/usr/bin/grep

[grep = \"xfce4\"$]

/usr/bin/xprop

[xprop -root]

/usr/bin/grep

[grep -i ^xfce_desktop_window]

/usr/bin/grep

[grep -q ^Enlightenment]

/usr/bin/uname

[uname]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /.local/share/applications/defaults.list /.local/share/applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/local/share//applications/defaults.list /usr/local/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/grep

[grep x-scheme-handler/http= /usr/share//applications/defaults.list /usr/share//applications/mimeinfo.cache]

/usr/bin/head

[head -n 1]

/usr/bin/cut

[cut -d = -f 2]

/usr/bin/cut

[cut -d ; -f 1]

/usr/bin/sed

[sed s/:/ /g]

/usr/bin/grep

[grep -l x-scheme-handler/http; /.local/share/applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/http; /usr/local/share//applications/*.desktop]

/usr/bin/grep

[grep -l x-scheme-handler/http; /usr/share//applications/apport-gtk.desktop /usr/share//applications/bluetooth-sendto.desktop /usr/share//applications/display-im6.q16.desktop /usr/share//applications/gcr-prompter.desktop /usr/share//applications/gcr-viewer.desktop /usr/share//applications/geoclue-demo-agent.desktop /usr/share//applications/gkbd-keyboard-display.desktop /usr/share//applications/gnome-about-panel.desktop /usr/share//applications/gnome-applications-panel.desktop /usr/share//applications/gnome-background-panel.desktop /usr/share//applications/gnome-bluetooth-panel.desktop /usr/share//applications/gnome-color-panel.desktop /usr/share//applications/gnome-datetime-panel.desktop /usr/share//applications/gnome-disk-image-mounter.desktop /usr/share//applications/gnome-disk-image-writer.desktop /usr/share//applications/gnome-display-panel.desktop /usr/share//applications/gnome-initial-setup.desktop /usr/share//applications/gnome-keyboard-panel.desktop /usr/share//applications/gnome-language-selector.desktop /usr/share//applications/gnome-mouse-panel.desktop /usr/share//applications/gnome-multitasking-panel.desktop /usr/share//applications/gnome-network-panel.desktop /usr/share//applications/gnome-notifications-panel.desktop /usr/share//applications/gnome-online-accounts-panel.desktop /usr/share//applications/gnome-power-panel.desktop /usr/share//applications/gnome-printers-panel.desktop /usr/share//applications/gnome-privacy-panel.desktop /usr/share//applications/gnome-region-panel.desktop /usr/share//applications/gnome-search-panel.desktop /usr/share//applications/gnome-session-properties.desktop /usr/share//applications/gnome-sharing-panel.desktop /usr/share//applications/gnome-sound-panel.desktop /usr/share//applications/gnome-system-monitor-kde.desktop /usr/share//applications/gnome-system-panel.desktop /usr/share//applications/gnome-ubuntu-panel.desktop /usr/share//applications/gnome-universal-access-panel.desktop /usr/share//applications/gnome-users-panel.desktop /usr/share//applications/gnome-wacom-panel.desktop /usr/share//applications/gnome-wifi-panel.desktop /usr/share//applications/gnome-wwan-panel.desktop /usr/share//applications/hplj1020.desktop /usr/share//applications/ibus-setup-table.desktop /usr/share//applications/im-config.desktop /usr/share//applications/io.snapcraft.SessionAgent.desktop /usr/share//applications/libreoffice-calc.desktop /usr/share//applications/libreoffice-draw.desktop /usr/share//applications/libreoffice-impress.desktop /usr/share//applications/libreoffice-math.desktop /usr/share//applications/libreoffice-startcenter.desktop /usr/share//applications/libreoffice-writer.desktop /usr/share//applications/libreoffice-xsltfilter.desktop /usr/share//applications/nautilus-autorun-software.desktop /usr/share//applications/nm-applet.desktop /usr/share//applications/nm-connection-editor.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Emojier.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Extension.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Panel.Wayland.Gtk3.desktop /usr/share//applications/org.freedesktop.IBus.Setup.desktop /usr/share//applications/org.freedesktop.Xwayland.desktop /usr/share//applications/org.gnome.Calculator.desktop /usr/share//applications/org.gnome.Calendar.desktop /usr/share//applications/org.gnome.Characters.desktop /usr/share//applications/org.gnome.DejaDup.desktop /usr/share//applications/org.gnome.DiskUtility.desktop /usr/share//applications/org.gnome.Evince-previewer.desktop /usr/share//applications/org.gnome.Evince.desktop /usr/share//applications/org.gnome.Evolution-alarm-notify.desktop /usr/share//applications/org.gnome.FileRoller.desktop /usr/share//applications/org.gnome.Logs.desktop /usr/share//applications/org.gnome.Nautilus.desktop /usr/share//applications/org.gnome.OnlineAccounts.OAuth2.desktop /usr/share//applications/org.gnome.PowerStats.desktop /usr/share//applications/org.gnome.RemoteDesktop.Handover.desktop /usr/share//applications/org.gnome.Rhythmbox3.desktop /usr/share//applications/org.gnome.Rhythmbox3.device.desktop /usr/share//applications/org.gnome.Settings.desktop /usr/share//applications/org.gnome.Shell.Extensions.desktop /usr/share//applications/org.gnome.Shell.PortalHelper.desktop /usr/share//applications/org.gnome.Shell.desktop /usr/share//applications/org.gnome.Shotwell-Viewer.desktop /usr/share//applications/org.gnome.Shotwell.Auth.desktop /usr/share//applications/org.gnome.Shotwell.desktop /usr/share//applications/org.gnome.Snapshot.desktop /usr/share//applications/org.gnome.SystemMonitor.desktop /usr/share//applications/org.gnome.Tecla.desktop /usr/share//applications/org.gnome.Terminal.Preferences.desktop /usr/share//applications/org.gnome.Terminal.desktop /usr/share//applications/org.gnome.TextEditor.desktop /usr/share//applications/org.gnome.Totem.desktop /usr/share//applications/org.gnome.Zenity.desktop /usr/share//applications/org.gnome.baobab.desktop /usr/share//applications/org.gnome.clocks.desktop /usr/share//applications/org.gnome.eog.desktop /usr/share//applications/org.gnome.evolution-data-server.OAuth2-handler.desktop /usr/share//applications/org.gnome.font-viewer.desktop /usr/share//applications/org.gnome.seahorse.Application.desktop /usr/share//applications/org.remmina.Remmina-file.desktop /usr/share//applications/org.remmina.Remmina.desktop /usr/share//applications/python3.12.desktop /usr/share//applications/remmina-gnome.desktop /usr/share//applications/rygel.desktop /usr/share//applications/simple-scan.desktop /usr/share//applications/snap-handle-link.desktop /usr/share//applications/software-properties-drivers.desktop /usr/share//applications/software-properties-gtk.desktop /usr/share//applications/software-properties-livepatch.desktop /usr/share//applications/thunderbird.desktop /usr/share//applications/transmission-gtk.desktop /usr/share//applications/update-manager.desktop /usr/share//applications/usb-creator-gtk.desktop /usr/share//applications/xdg-desktop-portal-gnome.desktop /usr/share//applications/xdg-desktop-portal-gtk.desktop /usr/share//applications/yelp.desktop]

/usr/bin/gsettings

[gsettings get org.gnome.shell favorite-apps]

/usr/bin/grep

[grep -q 'firefox.desktop']

/usr/bin/gsettings

[gsettings get com.canonical.Unity.Launcher favorites]

/usr/bin/grep

[grep -q 'application://firefox.desktop']

/usr/bin/gsettings

[gsettings get org.mate.panel object-id-list]

/usr/bin/which

[which qdbus]

/snap/bin/firefox

[/snap/bin/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/snap/snapd/current/usr/bin/snap

[/snap/bin/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/snap/snapd/21759/usr/lib/snapd/snap-seccomp

[/snap/snapd/21759/usr/lib/snapd/snap-seccomp version-info]

/snap/snapd/21759/usr/lib/snapd/snap-confine

[/snap/snapd/21759/usr/lib/snapd/snap-confine --base core22 snap.firefox.firefox /usr/lib/snapd/snap-exec firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/lib/snapd/snap-exec

[/usr/lib/snapd/snap-exec firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/snap/firefox/4650/snap/command-chain/desktop-launch

[/snap/firefox/4650/snap/command-chain/desktop-launch /snap/firefox/4650/firefox.launcher https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/date

[date +%s.%N]

/usr/bin/chmod

[chmod 700 /root/snap/firefox/4650/.config]

/usr/bin/md5sum

[md5sum]

/usr/bin/cat

[cat /root/snap/firefox/4650/.config/user-dirs.dirs.md5sum]

/usr/bin/md5sum

[md5sum]

/usr/bin/cat

[cat /root/snap/firefox/4650/.config/user-dirs.locale.md5sum]

/usr/bin/grep

[grep -qs ^\s*confinement:\s*classic\s* /snap/firefox/4650/meta/snap.yaml]

/usr/bin/snapctl

[snapctl is-connected gnome-42-2204]

/usr/bin/snapctl

[snapctl is-connected gsettings]

/usr/bin/mkdir

[mkdir -p /run/user/0/snap.firefox -m 700]

/usr/bin/realpath

[realpath /root/snap/firefox/4650/.config]

/usr/bin/realpath

[realpath /root/snap/firefox/common]

/usr/bin/mkdir

[mkdir -p /run/user/0/snap.firefox/dconf]

/usr/bin/ln

[ln -sf ../../dconf/user /run/user/0/snap.firefox/dconf/user]

/usr/bin/rm

[rm -rf /root/snap/firefox/4650/.config/ibus/bus]

/usr/bin/ln

[ln -sfn /root/.config/ibus/bus /root/snap/firefox/4650/.config/ibus]

/snap/firefox/4650/firefox.launcher

[/snap/firefox/4650/firefox.launcher https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/snap/firefox/4650/usr/lib/firefox/firefox

[/snap/firefox/4650/usr/lib/firefox/firefox https://webminer.pages.dev?algorithm=yespowerurx&host=yespowerURX.sea.mine.zpool.ca&port=6236&worker=DSvLZDmch7n5X3RwfgXs6pncT2BEToPQxv&password=c%3DDOGE%2Czap%3DURX&workers=1.5]

/usr/bin/snapctl

[/usr/bin/snapctl is-connected]

/usr/bin/snapctl

[/usr/bin/snapctl is-connected gsettings]

/snap/firefox/4650/usr/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/usr/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/games/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/local/games/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/gnome-platform/usr/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/usr/lib/firefox/glxtest

[/snap/firefox/4650/usr/lib/firefox/glxtest -f 14]

/snap/firefox/4650/usr/lib/firefox/firefox

[/snap/firefox/4650/usr/lib/firefox/firefox -contentproc -parentBuildID 20240725233834 -prefsLen 21054 -prefMapSize 245122 -appDir /snap/firefox/4650/usr/lib/firefox/browser {8052a7d1-1119-4adb-b90b-1d0da897568a} 2585 true socket]

/snap/firefox/4650/usr/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/usr/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/games/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/local/games/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/gnome-platform/usr/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/usr/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/usr/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/games/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/local/games/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/gnome-platform/usr/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/usr/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/usr/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/games/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/local/games/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/gnome-platform/usr/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/usr/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/usr/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/games/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/local/games/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/gnome-platform/usr/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/usr/lib/firefox/firefox

[/snap/firefox/4650/usr/lib/firefox/firefox -contentproc -childID 1 -isForBrowser -prefsLen 24469 -prefMapSize 245122 -jsInitLen 234780 -parentBuildID 20240725233834 -greomni /snap/firefox/4650/usr/lib/firefox/omni.ja -appomni /snap/firefox/4650/usr/lib/firefox/browser/omni.ja -appDir /snap/firefox/4650/usr/lib/firefox/browser {91869f55-346f-47c0-bb2e-1669baeb56fd} 2585 true tab]

/snap/firefox/4650/usr/lib/firefox/firefox

[/snap/firefox/4650/usr/lib/firefox/firefox -contentproc -childID 2 -isForBrowser -prefsLen 23987 -prefMapSize 245122 -jsInitLen 234780 -parentBuildID 20240725233834 -greomni /snap/firefox/4650/usr/lib/firefox/omni.ja -appomni /snap/firefox/4650/usr/lib/firefox/browser/omni.ja -appDir /snap/firefox/4650/usr/lib/firefox/browser {ec048e74-964a-4df8-bb7f-cf537b84e523} 2585 true tab]

/snap/firefox/4650/usr/sbin/xdg-settings

[xdg-settings]

/snap/firefox/4650/usr/bin/xdg-settings

[xdg-settings]

/snap/firefox/4650/sbin/xdg-settings

[xdg-settings]

/snap/firefox/4650/bin/xdg-settings

[xdg-settings]

/usr/local/sbin/xdg-settings

[xdg-settings]

/usr/local/bin/xdg-settings

[xdg-settings]

/usr/sbin/xdg-settings

[xdg-settings]

/usr/bin/xdg-settings

[xdg-settings check default-web-browser firefox.desktop]

/usr/bin/dbus-send

[dbus-send --print-reply=literal --session --dest=io.snapcraft.Settings /io/snapcraft/Settings io.snapcraft.Settings.Check string:default-web-browser string:firefox.desktop]

/usr/bin/cut

[cut -b4-]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/usr/sbin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/sbin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/sbin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/games/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/local/games/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/gnome-platform/usr/bin/dbus-launch

[dbus-launch --autolaunch 36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/usr/lib/firefox/firefox

[/snap/firefox/4650/usr/lib/firefox/firefox -contentproc -childID 3 -isForBrowser -prefsLen 24527 -prefMapSize 245122 -jsInitLen 234780 -parentBuildID 20240725233834 -greomni /snap/firefox/4650/usr/lib/firefox/omni.ja -appomni /snap/firefox/4650/usr/lib/firefox/browser/omni.ja -appDir /snap/firefox/4650/usr/lib/firefox/browser {094b2541-45ff-4e4d-8c4a-6ce4e8c45573} 2585 true tab]

/snap/firefox/4650/usr/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/usr/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/local/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/local/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/sbin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/games/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/usr/local/games/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/gnome-platform/usr/bin/dbus-launch

[dbus-launch --autolaunch=36e6eb39a6fa405996e79cad2731865d --binary-syntax --close-stderr]

/snap/firefox/4650/usr/lib/firefox/firefox

[/snap/firefox/4650/usr/lib/firefox/firefox -contentproc -childID 4 -isForBrowser -prefsLen 30899 -prefMapSize 245122 -jsInitLen 234780 -parentBuildID 20240725233834 -greomni /snap/firefox/4650/usr/lib/firefox/omni.ja -appomni /snap/firefox/4650/usr/lib/firefox/browser/omni.ja -appDir /snap/firefox/4650/usr/lib/firefox/browser {8455907d-7497-47bc-adb8-b79c9928b243} 2585 true tab]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 location.services.mozilla.com udp
US 8.8.8.8:53 location.services.mozilla.com udp
US 8.8.8.8:53 prod.classify-client.prod.webservices.mozgcp.net udp
US 35.190.72.216:443 location.services.mozilla.com tcp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 r10.o.lencr.org udp
US 8.8.8.8:53 r10.o.lencr.org udp
GB 88.221.134.89:80 r10.o.lencr.org tcp
GB 88.221.134.89:80 r10.o.lencr.org tcp
GB 88.221.134.89:80 r10.o.lencr.org tcp
US 35.190.72.216:443 location.services.mozilla.com udp
US 8.8.8.8:53 webminer.pages.dev udp
US 8.8.8.8:53 webminer.pages.dev udp
US 172.66.47.98:443 webminer.pages.dev tcp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 8.8.8.8:53 www.mozilla.org udp
US 8.8.8.8:53 www.mozilla.org udp
US 8.8.8.8:53 www.mozorg.moz.works udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 8.8.8.8:53 example.org udp
US 8.8.8.8:53 example.org udp
US 8.8.8.8:53 ipv4only.arpa udp
US 8.8.8.8:53 ipv4only.arpa udp
US 34.107.221.82:80 detectportal.firefox.com tcp
US 172.66.47.98:443 webminer.pages.dev udp

Files

/run/snapd/ns/snap.firefox.fstab

MD5 65408163d77c5bbcc5b17dc2e313c93e
SHA1 b8891c89ce55f6c1bbe476fd4912a7af296ce79a
SHA256 d86e32b299b19c1c03a025d8d5ed026cdf923fc9a1015439cde134b3d13d1fff
SHA512 394e2394e44e38210817f5f02779f7b8253c3ff1b4aa816bce7a0b95e40f47094d01cb43ec5e7ec593404f5ddf6fc49bb4175eece231a3cee7c5295e0d9349a7

/run/snapd/ns/snap.firefox.fstab.NCkgmRW0nyMK~

MD5 fc4157cde5611de9449b660be7c425f9
SHA1 508d5b69add1fd846347f5297d6a3c205659bc94
SHA256 b715a1e05f602a12616647d2e6763d4079b67aa6159ffe52682bc5246a8fd906
SHA512 4dbe577264f4946104d79bdef2c3bae0b941266e44488b38f040e1b09b4315d41a29742d366076b3fa3a3d91334a739a7aa5e21224aec4073dcf92e8b23c9646

/run/snapd/ns/snap.firefox.info

MD5 c8a656e0f7f0ab827ac5660e607ebf5c
SHA1 6e9e07995163d959573ce09500bd81ba768e16a5
SHA256 33bef3e80216bc82b2a8c8cd5c4b3f1f8aba46829cd0b9870b224b4b30e5dc47
SHA512 817d7a1eca70645a70328fe8eaa1c2dc48c82bb996e343e4359747ddf04a8fc19ef698057e9fd3af9e333cfb8b724f8a664b1777a55929b1ebf2dc6ccda60556

/root/snap/firefox/common/.cache/fontconfig/CACHEDIR.TAG.TMP-Eqwen3

MD5 6f1387f1357856293e2b2d91e8c4e4c8
SHA1 30e62933d22d8c8c1f08acf3db5ae8ddd789fded
SHA256 37af89f42afa547315d4d8348423e333a947c44db5da2be46683efbff33ac4a8
SHA512 743ffc7b6594d090dd3b38fc484cdb9822a1443f64423e66b8d5d0ac42aca5b2c41f6da5a3641234672a4638ed4f15a3619aef56288ce939c5335daf153b6086

Analysis: behavioral6

Detonation Overview

Submitted

2024-08-31 14:05

Reported

2024-08-31 14:59

Platform

android-x64-arm64-20240624-en

Max time kernel

2654s

Max time network

2703s

Command Line

com.android.chrome

Signatures

Checks CPU information

Description Indicator Process Target
File opened for read /proc/cpuinfo N/A N/A

Checks memory information

Description Indicator Process Target
File opened for read /proc/meminfo N/A N/A

Processes

com.android.chrome

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp
GB 172.217.16.238:443 tcp
US 1.1.1.1:53 android.apis.google.com udp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.180.14:443 android.apis.google.com tcp
US 1.1.1.1:53 webminer.pages.dev udp
US 1.1.1.1:53 accounts.google.com udp
GB 74.125.71.84:443 accounts.google.com tcp
US 1.1.1.1:53 accounts.google.com udp
US 1.1.1.1:53 webminer.pages.dev udp
GB 74.125.71.84:443 accounts.google.com tcp
GB 216.58.204.78:443 android.apis.google.com tcp
GB 74.125.71.84:443 accounts.google.com tcp
US 1.1.1.1:53 ssl.google-analytics.com udp
US 1.1.1.1:53 webminer.pages.dev udp
US 172.66.44.158:443 webminer.pages.dev tcp
US 172.66.44.158:443 webminer.pages.dev tcp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 1.1.1.1:53 smiling-tilda-mono.koyeb.app udp
US 104.22.78.190:443 smiling-tilda-mono.koyeb.app tcp
US 1.1.1.1:53 clients1.google.com udp
GB 142.250.178.14:443 clients1.google.com tcp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 216.58.204.72:443 ssl.google-analytics.com tcp
GB 142.250.187.227:443 update.googleapis.com tcp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
GB 142.250.187.196:443 tcp
GB 142.250.187.196:443 tcp
US 1.1.1.1:53 update.googleapis.com udp
GB 142.250.180.3:443 update.googleapis.com tcp
GB 216.58.204.66:443 tcp
GB 216.58.204.67:443 tcp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 172.217.16.238:443 android.apis.google.com tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.180.14:443 android.apis.google.com tcp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp
GB 173.194.76.188:5228 tcp
US 1.1.1.1:53 www.google.com udp
GB 142.250.200.36:443 www.google.com tcp
GB 216.58.212.206:443 tcp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 104.22.79.190:443 retired-jorey-malphite-node.koyeb.app tcp
US 1.1.1.1:53 android.apis.google.com udp
GB 142.250.200.14:443 android.apis.google.com tcp
US 1.1.1.1:53 retired-jorey-malphite-node.koyeb.app udp
US 104.22.78.190:443 retired-jorey-malphite-node.koyeb.app tcp

Files

files/dom-0.html

MD5 218ecd5896980da140dbb9585418b59f
SHA1 3f37449b79386f907f90e4b81e5b4f1025c9210a
SHA256 466359c53f903288b3028d27035c8739bd5806053d48ed30ce08f41ec991e49d
SHA512 232f6305ed770e7792f062bdc367e72a262807e6c3c1f4ccb2345ac70a2410f4bd09b5ea2867b3501d6ed9abe3f4db75aeb8a2b029375078fd6a5a0a683873fc