Malware Analysis Report

2024-11-16 13:03

Sample ID 240907-se3rhazbjl
Target https://github.com/mategol/PySilon-malware/releases
Tags
discordrat discovery persistence rat rootkit stealer upx
score
10/10

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://github.com/mategol/PySilon-malware/releases was found to be: Known bad.

Malicious Activity Summary

discordrat discovery persistence rat rootkit stealer upx

Discord RAT

UPX packed file

Executes dropped EXE

System Location Discovery: System Language Discovery

Browser Information Discovery

Modifies data under HKEY_USERS

Suspicious use of FindShellTrayWindow

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Uses Volume Shadow Copy service COM API

Suspicious behavior: EnumeratesProcesses

Modifies Internet Explorer Phishing Filter

Modifies registry class

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Modifies Internet Explorer settings

Enumerates system info in registry

Uses Volume Shadow Copy WMI provider

Uses Task Scheduler COM API

Suspicious behavior: GetForegroundWindowSpam

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-09-07 15:03

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-09-07 15:03

Reported

2024-09-07 15:13

Platform

win10v2004-20240802-en

Max time kernel

600s

Max time network

599s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/mategol/PySilon-malware/releases

Signatures

Discord RAT

stealer rootkit rat persistence discordrat

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\release\Client-built.exe N/A

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A

Browser Information Discovery

discovery

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\release\builder.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer Phishing Filter

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Software\Microsoft\Internet Explorer\PhishingFilter C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter\ClientSupported_MigrationTime = fc4ea0ff11e5da01 C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.19041.546\"hypervisor=\"No Hypervisor (No SLAT)\"" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (data) \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Software\Microsoft\Internet Explorer\MINIE C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\MINIE\TabBandWidth = "500" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\RepId\PublicId = "{21520999-659A-4691-A126-1F03645B288A}" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\Main\DownloadWindowPlacement = 2c0000000000000000000000ffffffffffffffffffffffffffffffff100100003c000000900300001c020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (int) \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{6ED381F8-6D2B-11EF-AC6B-62872261FF50} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000\Software\Microsoft\Internet Explorer\RepId C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133701950071063491" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-523280732-2327480845-3730041215-1000_Classes\Local Settings C:\Windows\system32\OpenWith.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Windows\system32\OpenWith.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1344 wrote to memory of 2256 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1344 wrote to memory of 2948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1344 wrote to memory of 4732 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1344 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1344 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1344 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1344 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1344 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1344 wrote to memory of 384 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Uses Task Scheduler COM API

persistence

Uses Volume Shadow Copy WMI provider

ransomware

Uses Volume Shadow Copy service COM API

ransomware

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/mategol/PySilon-malware/releases

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff9e39bcc40,0x7ff9e39bcc4c,0x7ff9e39bcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1992,i,3397263787536204742,5856661695897412896,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1988 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1880,i,3397263787536204742,5856661695897412896,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2360 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2124,i,3397263787536204742,5856661695897412896,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2536 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,3397263787536204742,5856661695897412896,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3172 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,3397263787536204742,5856661695897412896,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3132 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4516,i,3397263787536204742,5856661695897412896,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4480 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4464,i,3397263787536204742,5856661695897412896,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4472 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\PySilon-malware-3.7.5\PySilon-malware-3.7.5\PySilon.bat" "

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\PySilon-malware-3.7.5\PySilon-malware-3.7.5\PySilon.bat" "

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\PySilon-malware-3.7.5\PySilon-malware-3.7.5\tools\drawling_studio\DrawlingStudio.bat" "

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4652,i,3397263787536204742,5856661695897412896,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4976 /prefetch:8

C:\Users\Admin\Downloads\PySilon-malware-3.7.5\PySilon-malware-3.7.5\resources\upx.exe

"C:\Users\Admin\Downloads\PySilon-malware-3.7.5\PySilon-malware-3.7.5\resources\upx.exe"

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Users\Admin\Downloads\PySilon-malware-3.7.5\PySilon-malware-3.7.5\resources\upx.exe

"C:\Users\Admin\Downloads\PySilon-malware-3.7.5\PySilon-malware-3.7.5\resources\upx.exe"

C:\Users\Admin\Downloads\PySilon-malware-3.7.5\PySilon-malware-3.7.5\resources\upx.exe

"C:\Users\Admin\Downloads\PySilon-malware-3.7.5\PySilon-malware-3.7.5\resources\upx.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\PySilon-malware-3.7.5\PySilon-malware-3.7.5\PySilon.bat" "

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff9e39bcc40,0x7ff9e39bcc4c,0x7ff9e39bcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1992,i,18030781681593525542,8281691129535200096,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1988 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2020,i,18030781681593525542,8281691129535200096,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2184 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2316,i,18030781681593525542,8281691129535200096,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2528 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3164,i,18030781681593525542,8281691129535200096,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3184 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3340,i,18030781681593525542,8281691129535200096,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3328 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4612,i,18030781681593525542,8281691129535200096,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3728 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4788,i,18030781681593525542,8281691129535200096,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4800 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5068,i,18030781681593525542,8281691129535200096,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4512,i,18030781681593525542,8281691129535200096,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4892 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5260,i,18030781681593525542,8281691129535200096,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5164 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=1548,i,18030781681593525542,8281691129535200096,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1544 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3180,i,18030781681593525542,8281691129535200096,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5236 /prefetch:8

C:\Users\Admin\Downloads\release\builder.exe

"C:\Users\Admin\Downloads\release\builder.exe"

C:\Users\Admin\Downloads\release\Release\Discord rat.exe

"C:\Users\Admin\Downloads\release\Release\Discord rat.exe"

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\Downloads\release\dnlib.dll

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1384 CREDAT:17410 /prefetch:2

C:\Users\Admin\Downloads\release\builder.exe

"C:\Users\Admin\Downloads\release\builder.exe"

C:\Users\Admin\Downloads\release\Client-built.exe

"C:\Users\Admin\Downloads\release\Client-built.exe"

Network


Files


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log

MD5 35ad62043a35be03ffa66a1fe7c1b48f
SHA1 3895bc4325b0d320e02caf81edb62e03f60841ca
SHA256 4681a8045d90cfb49ce293c8af80c2a79c4683022ce0b7110a088d907a7afe8d
SHA512 4833377d6e85c9681210e77523fa3ab3c641dabffecdf6cb911d94ac578dfd3da51651427f687e7479e490f918a37108717189a0a501694f8282284a814ba2a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

MD5 78a4693126a4bf3354b5828110d08425
SHA1 cdfc02fbd747f197cf651685f23402e3672a9145
SHA256 c02343c1cf66f40ee08a81d1aa386d6549cfdd34a34362f2b799e4d5f10779b9
SHA512 5d886872d96280a54bc73ad5f9ddac9d5d28bb15a77f8558100453976450309b56200add126798d3b472c5bd2c4ead1df4bf7ab51f095d69a21099c40a288573

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

MD5 8649cf1ce6c64eade88257f3a2a2832a
SHA1 73cafd2f9136c9dbb5423e03779cac80c2273bac
SHA256 956c0c7a1adf9b95ec288302465860cb5af3d71f0392af106e41b5cb21dc8294
SHA512 7f4986ac8f074272f29b8bab0a839d413610b3b709f5bd25008bbf8b88856140acedd2ff01da377a229c0ebe0d001ec11be5c16e2464ecd4ddad315d29fdd674

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

MD5 956cc5e50c0d4d49ebf655a8ec2d9c8c
SHA1 6da68a690ee7a6564a5eccb1e1166ed6cc2b1b81
SHA256 09d217f8d59e24d4071628ad28d3e27d130612ee64ffdc8593a20eb410e7701d
SHA512 81b15982d5388472eb98475f1a98033f6fc5610ffd45fc9da67469b298ba339aa4cf166a143cad33695d515d3a5aedc8fa9f90abbde162bdd600d63ea8d60bd1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

MD5 531b54313c7e37aa9373ae02902938fc
SHA1 2f4216dba4074d48eda6f2ec432c6b36d53d131f
SHA256 ffa166b04c3e8ce908968d4029f32f26cf1d5adc49ae843d6992b8d3049af94b
SHA512 8fe11e78c01959370174c384d5cfad2a22ba1abf981deb74b8bcf5fc070250c80d75f6740e2455aada3037bfdef0ec4cd8558d4de5c5bf55a330e642f53956d5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

MD5 cfff8fc00d16fc868cf319409948c243
SHA1 b7e2e2a6656c77a19d9819a7d782a981d9e16d44
SHA256 51266cbe2741a46507d1bb758669d6de3c2246f650829774f7433bc734688a5a
SHA512 9d127abfdf3850998fd0d2fb6bd106b5a40506398eb9c5474933ff5309cdc18c07052592281dbe1f15ea9d6cb245d08ff09873b374777d71bbbc6e0594bde39b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

MD5 1258482388f7b6ada91ecf01351b123b
SHA1 18256e690ade766d59600b2691b97c8d118e3226
SHA256 fa808cf05e8e516ea04fa76aff4c107391880ecdaa90bbaeec4de7252c241170
SHA512 5ab21602e28ead72808d3a4458f2f45397ab0b6e56e7eb6c00efc9335a96bb6a21def505f6fcd328079ded6422b3ed164f40803811de21c5749906d56d72a8eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

MD5 0bf07f12c1c5dd5952718e58d82c5e71
SHA1 676971edd706766162435f60bac58fbaa233a8b8
SHA256 259a012639a62bbf10b217ce04837da2f775151efc7eb06cf290fd53c2c5ae36
SHA512 9056b0f63e196013ea6fb599d00de7bf8c1476f2e02d74a13cc93f2d2b4c129ab0da2f52a2157fe44443a4fe92df2588423d3c38f4ab38b79e394e109b43e5b3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

MD5 2b92217301f494fb39501bcc82a92a21
SHA1 bbf67afcef3cd52ce78e246fd77882cf68ab4f54
SHA256 1b40516a9cb67a2e8075925fd7350d00c7c1e53946bca04ae4499c681d54801a
SHA512 f1e38450ec28fa99c8e640f38d3c16d15ba9c917b7fb5f9f07dce73e7cc0e1355763632ca5849f13351e421ba036e49f4171e95c0dc1b62fe9091c59304c3a49

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

MD5 2e23d6e099f830cf0b14356b3c3443ce
SHA1 027db4ff48118566db039d6b5f574a8ac73002bc
SHA256 7238196a5bf79e1b83cacb9ed4a82bf40b32cd789c30ef790e4eac0bbf438885
SHA512 165b1de091bfe0dd9deff0f8a3968268113d95edc9fd7a8081b525e0910f4442cfb3b4f5ac58ecfa41991d9dcabe5aa8b69f7f1c77e202cd17dd774931662717

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

MD5 6b885f6f7504cdcc2f64ede29af0e1c9
SHA1 b445ed9c1e99dac6519fcf291cf0f17caf2154fe
SHA256 ce25ad2a68b5a376de382df730463d91ab6fb910ca8121e20aef4fb5edf5699b
SHA512 64f20867d4f4add9bc781ace32c1475b8e872f0d4c80833b4c247164da94d9ce5c9b0ae5dcb7a09c6d38c8cd7bfb9717a46ff05dbcdb26daa94a114260863ae2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

MD5 94a66764d0bd4c1d12019dcd9b7d2385
SHA1 922ba4ccf5e626923c1821d2df022a11a12183aa
SHA256 341c78787e5c199fa3d7c423854c597fd51a0fc495b9fd8fed010e15c0442548
SHA512 f27ba03356072970452307d81632c906e4b62c56c76b56dfe5c7f0ea898ac1af6be50f91c29f394a2644040929548d186e0fbcea0106e80d9a6a74035f533412

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003

MD5 306fca5a40310225aaeae1a7f6ec4ba5
SHA1 33c5ab9a579fbd264c8588500599d8f3fd21f950
SHA256 e091abb6ef48d6dd52e72d03c30658e3ccc22b498838e3bac0e1a4c91fe8e31a
SHA512 b6cdac942ed7e74baac93f7186267436bd98f1da88a8df78b52d179dc2853a33375a3d4d2d8f6e9eada0c34a8238ea27b06ad8414df5997b586506e897961cab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

MD5 3973eef729615ffe9f12b0cad100e6b4
SHA1 ae897202c487c10de5c0e11e335ae2fd6d3b4640
SHA256 930521af373044db3aa04862d9f4068286096ed61b3da3dcf9a8a03c02daacff
SHA512 c5e33bcd9e4689bc7078f38e229d77e109d8419bbb2fad9c3f2ebafce688f55f8a636a23ca80fdd4714e19d0dcff23da01b9ed67ba1a9a52bcd0d500de1f9bb4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

MD5 3dc1001753dbdbe0d73a4c1b4d779ba5
SHA1 296747ea5bc531030870e2fa649b7ca317989143
SHA256 ce2becd9de1227850335ac29362d6540c2166d6d5659cf1ec8d7986f2c4a9b19
SHA512 9878c8be99c9529b1723f3df75f5fd49bc8f73d9aed8dee09ed725fa74d53361b6f11ea272dd9b95c6f68afcb1553bd264551d09b1ff9d9de1cb22ca4e2f577a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

MD5 3162879877b6739a3de238eac0bb151b
SHA1 ae12f00ca282efd579cb5b980d1383c7c15fbfec
SHA256 614d66fb0e943e209218fefa28b915f081b43e1929bc78e59eec7fdb5cc93895
SHA512 9a8cf1851e3cfdd685b27a4ea431b255c30b75966093d09f82cc0c1ae3a4d488b0f7a561e3d758c09bf4de37ab467a9620a9897f59a9c972154b66e5b630b524

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

MD5 e9bf199014b7ea84852247d29aa6fb12
SHA1 015fe156472c56c8add62c895917792fb6ef3828
SHA256 52c6d806515df4560446611af13e0295cacc128f0e4c41769ff21c958194ac5f
SHA512 102726713fdbeaccade8400a33f2b5cd129297b70ab2def865309b5fdb066ec0aea05693593dfdfe7f1a90a039a75f2a45c3cbb428817c8896f33db15c043eee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13370195188881953

MD5 8987e4161bd98ee4af7efb352ebffcdb
SHA1 572110929a31f32039fc7d3cc5ed33fd1933b58b
SHA256 ac90c43b7643367e8d4f6e5c1c982abcac84d218d3e060f065856b9f870d3265
SHA512 317e1220bc8bd1973e2b916e49967ba1ff44b1b74173d3978f10512bd53af37b81258fc0f5fa6cab231ac1129ab3ad62b4fab2c5240678f634ee2538b1a42449

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

MD5 cb21bc6f85a433ab4b00cf758c2aed40
SHA1 2bd5c13153116c8cbf3b698236a168c8aefe2b64
SHA256 a0584eda45530951036cac663481cec0e81629fb149b72927a793de660d12366
SHA512 c66b1ef53673c220fe0d447bde0bd865e78a4cd1c8de422a6b77898c8ab12dc902b1c1b13f6a31075b73ba66eceb828a3c810ea00a0633cef9d030911d5e25a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

MD5 583ea0bd15ef34394410d5bb2c28f0c7
SHA1 32ea0bf71718bfb3efdf1e8ccd448b7853086eab
SHA256 2f416f791c05af1649b1383df918c646530a368eb5b71bb39b30609f5ffe42da
SHA512 d420e360f45186e19199bc525e0806fde7d0b09bf71a727f2976c40eabbebc21f1bcd23a49045f25d92c908b4d6ace69bd1fc20f45879ce8947a58aa36f33e3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

MD5 0eeb7c7400a5c991a5b1c88e5039cb03
SHA1 648055a5c321d8e67faa4b5035a56bf31db7087f
SHA256 c1e8a566c58a106c6caeaecdd0f0f706e7f58abcc264390fc06d62aca805d4dc
SHA512 df7bb5e238119332992d89ccb88917e6893892ce0b439cf8dbbe12acab2f6c847aca4b53b4e2e6d8a88efd1355ea309e1f09d8fa9debbe9d533f5db089fecdbe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

MD5 ef10df4f4216daced1741a6212a3e3fa
SHA1 2a5073ff4a386d4a5bc17975e4fad22abe3634ef
SHA256 0f97c553369c8cebe8800aa0947b0e05739e94c0851b192921bb62767d3cb162
SHA512 77e3ea250a43d7878df4f4c3803d18612cfc847e79353b7a05b7d3250a680209eb3c5dd18ea7a5a98e330679f348b0a326cda1ed0e65094c5496162250340cbb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

MD5 c504aed4db2bd60f60a7feb69ebb8e36
SHA1 c98379070b10df1ad3ee674a3d3df52076e5ac8b
SHA256 8c84099bda2ff3fcff0cabe24e5c56b10c708a229797ad4b602a185306bda049
SHA512 e40ac6a0bc75261f731d7fd08d249aa2901cf7af41f0a94c182579a300ceaf7634927d5fc4bc5458dd8be154716d3f57647315fc928fd41d3ed20ceb6ab24909

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

MD5 465c06528ff5b6564f30cc2f43c1a809
SHA1 00a89558bd09d6671b309e9fcc63a924a6bd3f73
SHA256 190ea7c4ecc9cdbf3eddfb2d5d5885e70be2a7194a434c6fdb151a0df858c402
SHA512 61f3537a5c3fd7ace94a3cbffb98c780ba0b660ecdc886a64492b4c65f839a31fb0dc6fd02711c80c77b3928f235c2190cb1f45828e992a7e112e34e1c2fac00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

MD5 96316a98b84270b69c850b0c284122e7
SHA1 3cd8324ba1f818eff231962788793ef3021e57e3
SHA256 49d3f56b659ce951c14037fd8004efd500d05b7f1d0b6fee01094d761c318b41
SHA512 0c9e74d97253a119358714a80211fb39fbb0f13d5acfe42324ae67a466c5b23d1d022eb2d7e66fc48d2d44cd8861dd2798c51fe6e9926b7a36c20c1f75b105f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

MD5 49c06b9271e8a58e26ee60e7b3b3d0c8
SHA1 bd39ea09a7144924ea78d1058351f31fa1a7593e
SHA256 50b7de45beffa0a5447192be7b0a9c8b08c3c024a4a11bdbb59fd03b939f5167
SHA512 edc6c73f262c3417a85d3d30d5704ffe726a3c5dd3de1d462705037e5ea0d212a2dbc49140491f261fbfa47fbca76f37c13ac0f4c7ac75072562b90944c47c3d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

MD5 ef48733031b712ca7027624fff3ab208
SHA1 da4f3812e6afc4b90d2185f4709dfbb6b47714fa
SHA256 c9ce8dbbe51a4131073db3d6ceef1e11eaca6308ad88a86125f221102d2cee99
SHA512 ce3a5a429e3796977a8019f47806b8c0671b597ead642fcbfbe3144e2b8112d35a9f2250896b7f215d237d0d19c5966caf3fe674165a6d50e14cb2b88c892029

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

MD5 8248ab43447d3c5e6ef0dff03ef427d8
SHA1 6885af2a00d170110acaf6ceada68acd59e03a80
SHA256 0b01cd1024ee76511b4829d551aa8491ac8c987dccea13138cd11ae0d9ad8f3a
SHA512 68c76d09c1a32d514a5abbc5169d84f7d486dd60306beaa60dfca8ac72d1fcdc1cebf97056529509edb5c722b298c54a7f80582575e3dddf253a091f0f6fabe2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_3

MD5 8f6ea9917172ea3ea3b08a961c278196
SHA1 1bfdf17624e7b5170c2cf552b925869e2566eef3
SHA256 bf5c6b135a0d0dd03cbb9a03b1dd94a0e049bb6ae7a38e368864e3653711c976
SHA512 e593a30c25cff0d9c0d72658e5a4321d7c2cffdb9f54e844c8d7a84122e26dcd51494264088e55b9710b5a4b811194d56402266334cdc156d585d3502dfbbe45

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_2

MD5 6a6bdd3347b16617241db2ab31d668bb
SHA1 2e6f9f3ad19af4e7e0981b2be55ac271f2452933
SHA256 cc5059375a1ea9535f7c10f3ed9b37c2012cbbb925ebc35b95066d722dffb4a6
SHA512 3a4f4dcbd6513b2153d2dd76c6802da2920fa34d8f0f631b1b064156c21e94bfc451d662f619fed6d43bc537c0c776893ff347529f263ddb1b02e2f2111e7883

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 66c7fe2567141fc6e5af7fa8fe7699df
SHA1 b87478fbb27931c274f28653f4022f499394cada
SHA256 fbdb20028bc041159eac5c8838b21b6142e33a8d184f65578bb66a0d7ad7c658
SHA512 cdc090b55c6996889ebb594a4d1fc98a520c63e1cf4e4d454931290cf81eb18911719d155564a23e11905c8b0d2792d68eb17df4ccee3cb26d74847b62d2b602

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0

MD5 573d941510c45d7859f9a87d9373180f
SHA1 c3808c4edfb45a6b4dfc9520f401c2ae338f047c
SHA256 34b04a7f4806ee7e20efd513ef2ceee16b8078e0db85e101c5d1ef5259fceec5
SHA512 318a68746e7a1b980302f15830db6d905a2144f136a1a3165e25089e50ec57f4bc1f7a602e224080e4045fc0bf005694d033937e05eb42d6802e70adcbaafc74

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

MD5 e8a3e5bb0265009b4d9e45c38b7a7b65
SHA1 032f1e2571d072903beb4e81e851e48fb5889c59
SHA256 2b5d30286b87a725d7993ac9aad8fc5b7911114d5d361aa6ffb238d90ef60243
SHA512 577d0a687ef4c228f950d25d3b50851ce6293068fe813c491a099498397548f7768a7b72a4d76c874f85dbb84cdc1891986b5210a5e3212a6e1303c320753058

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

MD5 958c8052e1df12d5b652b4678b23f137
SHA1 a5ba7355e3d087be6a581c1f8c2315a49b25114f
SHA256 fac591895620c6d0a1a691d3526f913a2aba02546a4f0aef1e8722e484a4a2f5
SHA512 d8c3f1c3597d6f3ebe650e8bcc05a49fb8bde7646e399491bbd8befa854bec69b8b78dd2cd74b03811cec6c29d1b5087fa58ad4aecc32f0bdb5b1531b30a2e7d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

MD5 e037ac9e0428440c87608dc3820b673f
SHA1 3cdb3b4351b2b3233d504cdf428bec171cb3d8f8
SHA256 d3f25f6fc05ebba1e81fba227b161f1dc7c7e6ec29a9b803af8da421e281565e
SHA512 65bc7301930917be10dc12cabf2f3f03009a36a865f3c05638b73aca7c4f3375f0dad1981822c2504ec53194636bb5bc6c4111343bbd95ad76dd1ec7f7ba9e8d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

MD5 386ec25c891e881a5cb987e0c93b243c
SHA1 73f0fc9f7f8b184f03a97e45441128f7fcbef60a
SHA256 59d13651b32b505c85f4a4fc1db63cd5177d1529af13867ec01da609f8f93102
SHA512 1e73f46d38ad927082238611fd54d3ec408e034bdb676bac9930cbf579e134b0df0661b4e4acbddeeb2f943824aba1a37ce823c1c16ae02ec0c77bb2ecd831a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager-journal

MD5 06be47bac33e4241bf9bf5817454abf9
SHA1 35b3179ff75799dc723d0d7eef01cc6e99a88dc2
SHA256 ab0d9c2488ff91517cf7dd051d0080a563f753859e982583b79ccd08c72036d1
SHA512 e2e86cdb1dd65995237899aeeb313a048c9c5f5a63f11898325100484ee6a90987ea3c1812a1dad8e7242e52f7b6aa2e9343bad1136cfccbc24a9ec69bf06905

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager

MD5 0a8e2d3dd4f984d4079784c9215db1fc
SHA1 f13179e4f62075a04f429e6c0957541a6286ede9
SHA256 b24ed4ecdd61d84b7724734f01ef9917c511d77f68e0d99ded3eb1fde97710b9
SHA512 fa414f86af3d82ab400d2fa735c5955746225dacb7044be1271d312284f12822e2c906de1f55697d65610f904d6ddc6754c00f22791fd5103c1e2bb5c880407a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ac15c3d144cefc448b1c74c49984ae82
SHA1 1da72e4663f5f4edb8c35a1549b4c2aa240c9b8f
SHA256 0682c441cb243d35fc9820d5c1fea2f7e16b1377efddf0b5571dde510d2feeb3
SHA512 086d67c6b7bb7a3b6e35458ea062808d210748d3ecd8ac7c768a06742a2b73a1af6f70e5aa1dad4080419c9f77e4145ca38548ff7d4dda7bdc99d59aa0b22242

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d6d2263d38925738c603ec0d189408c8
SHA1 1bd953efcc74ee1e1e7c07946d36f915a5ae390f
SHA256 25805f8fa1ad5b9aaae297beb971388e71acf061a4a0211eee25a384eb5eaf62
SHA512 e111f4b52f8efffc5975bfb4e53f57257915c7fff33a4fb096fa28c3620a6843b8d5603180e507e25e55ace28d99eed2aafc1f53b10631513e21fe3623db5e37

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e7771d51123762180323a4dc3a563348
SHA1 249c713a36ef41f2d39d2d19d462052c060a851a
SHA256 4b660b013cc03a9d0bb739d98cf41de4be73375d21cb85eb0db32434fb3506b2
SHA512 46df92b69b8223b2c017ff13908e4d786608af488bdc97495a444d7a752f8c8ad3d344e80bb78a25fcd7eeb50abc8a333dcdc8da4b187f96c4196f9c59f627e8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 63568e0cd694e1dede9d237f1c51cb89
SHA1 8fb9d85177355b37bcb956ee3ec8472e75b106c5
SHA256 855ba07ee0158f1ca5f3ee4189ced83bbed827c1dc6751718f34be362154f31c
SHA512 6d91316b59d4fcb6a18b462d861d4c18a6487b39a6e5b26a2520f1eea78cd372b079af3e091a9abc0c291c261b6bd610a9ba1db8bb3aa6c2fdeeb56aeb42943f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4117e66f9aa85b68646b5b6498d0cdac
SHA1 cc26238490b6695c94bc3361aff3472d2f5118dd
SHA256 213a0b18efec785e8c41697cae85b6c035f03a876eaf315be1d0f65d54cc2ec0
SHA512 dcab873f450f7010ab3bdf1063893659ecae731082c5c19e6aaadcda236cfa695fda2746c8d3113ad699b098cab6762a4cead7a8b7943c52b7367c465b06ef93

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

MD5 08ec57068db9971e917b9046f90d0e49
SHA1 28b80d73a861f88735d89e301fa98f2ae502e94b
SHA256 7a68efe41e5d8408eed6e9d91a7b7b965a3062e4e28eeffeefb8cdba6391f4d1
SHA512 b154142173145122bc49ddd7f9530149100f6f3c5fd2f2e7503b13f7b160147b8b876344f6faae5e8616208c51311633df4c578802ac5d34c005bb154e9057cf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 28a17413b4635f71280f532ef05d10a3
SHA1 72f01ee85b07b624adb35e2b89293a7457449585
SHA256 0e0eee4a10eed1f0787ed5cf16647bdf406f11de1a40396e919416f1fd5e0473
SHA512 34992c43ec08ffb6ad9cfc05338a56a43605c79624258a57402baa838b4b17efebeab9dc81acf948effe032952a3f651b682806aa4bc8ad550a3a82c06a83f80

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eb5974339b4cc834f1f64bf6a9178cfb
SHA1 f9280628704f3723e6861c6e0b4076c9dbb953d9
SHA256 62ac189527ea9ee92eafc485eb9d7ab8a76e73500cd3b7147cd2a63a0b7c8fef
SHA512 bc8ddc11f3b5a17078f4052f8366f96b8becef3873cc41c4e0d3d6ecb5db492221cd1ede6bd0d393acc0791dafac9291b98ea90bf26b0da5c5a93f7683cb7a85

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 80bf07145c764db15d0797492b548aa4
SHA1 115f7aada18145f522dc78c80302772fbdf4fba3
SHA256 53cf24852116c6d1279dbb4f1e4003484d2a7bc12e0f8c16aba172dc566d483c
SHA512 779daa58f2ebfe32d78112141d8e6ba80d9457578dbc37817dff10c51c6a9a0ce6d4bffeff82ded52714febb96c919011d566e84543767e28d4d496124ed6f38

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9556d7a9e3c1361173edcf2d02deb286
SHA1 0851beaecf1165e862aba9eba79de127e3f368e3
SHA256 df3dd7de45e91a8121fcd2f0c4ba789056ed1772f4956a2ae7d27be4015bae11
SHA512 b350e3825bbebe462d3ddb1e661e2af64d275946a32468b4d2581a0d380691d839a9f4454d2a7ae04050575133b930c62fbf679c76bf0b58208a86e1db2b8029

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 64facadedf40699bc02857931e5300fb
SHA1 b83f67e893cd4fe7c42fd8b37cb7ab70063c0999
SHA256 5b3c96e8a3616f8cf9233b7c9e61664ff89a33a872b4a3546a102150c8463d00
SHA512 82e138757f883c11206581e599ff164ba3fc446354e0b68aab86b157f8a31086a7af1a3f4b0a8280fe5053da12bc8d4690c330f4da7c88e258165385f6d99cc6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 31e263198b7be6d267d8e0f220bef845
SHA1 cf3990317aba86482cf0b37d0c1ea951667fcfc7
SHA256 49ed89c2ebd1bb9a8c721c75dd6c0b3ede1bde9fa99256090c863c9edef13861
SHA512 07922a076fc764569d06db875e5ea76387c1cdc2df0321d3dcb377c4d523da108c79b75f0fa8857d4081f93412420d84803fa4ebab88a967ce9737c6d04cfd4c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6e555165508b5bf1db749dfec3e9aadf
SHA1 fff3256c5cb3291f36d6e4781b542ca07e968fea
SHA256 52d32b32186c9ce7d280ae9ae7a8e036bd2530046e9f5e5de64ec25ecced5d45
SHA512 788784f09a5bfca586bd924e7fce3f3ec10369cb38e4b26e3d1301b9bda85ec41109072b89fed688a0b5c97f5b5e0bf87349ec433af940f44543bdc30eeebb5f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c570062fb8263d8a51780c6a3e2e82ee
SHA1 6634367d4f845933ac2083a05f96e7d8289bfa4e
SHA256 f8990b22a2ea29e712cb8e476f4f0921e11592d9649f9466c0424cf6c77b0d12
SHA512 1faad0ddea387ad526eaa01d5f0f339b4b00aed9bd4b462601b6cdd1088221f3e540bcb371df38bece4301e34811656f03ae76bc6091884d540537e70b62cc8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c43799ad0a2360a76f6a58b3403b3bba
SHA1 324966d7f788d3c9738e9c6b733b68611d2eb020
SHA256 54c5f0f0864636fcfb3c7c01fbac0c8935ac6c65cb3f78a3cf734144667cc10b
SHA512 ffe9dfdcd1d3d605ba0ad19e30e58406e7302f97e964ff5fd68fb1a4e9a17a4e56875779caa38a6aa2f95536ac132aa4a134303fb828893dd41784c5bca524ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 65e2bad67430e6877ca4e86120906388
SHA1 5a52edf954f1531eb977fad43458627654b02815
SHA256 062f99a349274a5c1a788300f16e9602ee0edd99fa73e25388272af645a1e4c5
SHA512 cd3bc7b9a3fc1416d863dcaf2552bf40774cfa312e32257c167a6f9f0b7260c09d802b0865ce484486c486cef0558e638d68d450c4e57912228e52451866bffc

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 220c691b47bb9c74fd26b28c82a7af1b
SHA1 86cf39a13e5c6ef97386db84d27d63edf0eecf16
SHA256 2e6a95699993709364ac3ba7d77ac28349847fe6281039a25c953316aa3ff2e9
SHA512 e444727bfbeec9516a384e554b7f141881dc7c8cf9e45ff5db57db92a7e4c78321c09beb480d0bc65d9686379a7e41e2f4ef1f9377ae76fe960738daee84a0cd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 892920201629aef182da2326cd79ddab
SHA1 a62866ed67ba293fa2731c5a4f9cffa2a6f4ef73
SHA256 566d6bdf1a3f9645866768f42c2d4364577296a826296433a580a9186844e973
SHA512 085ec867b6407c065659a00c2e8bfdc32f7f87c3c5e59661f695918d98a7ba9db31d6734bb680168655425a392fd8be4a79f30e6d57b2aa8a6de37e9918ab495

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 612654dc2e27c0e83a3e464e694498a8
SHA1 dba69c26124487293a15214cd54b71a9edc6e816
SHA256 04a4822ab5575a56ceecb4e73981a42a016f4076ca3766e31498a1aa029cb381
SHA512 43046cb937e6011edc5be9dda51e646db9d167d2b8c763b45fc5a7684dd0961f43742451e32ab702485870ea9d57d0a405545bff2d8178ed51e1e9af84723de5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1adf28e8fab9dc88fc361691ff763e6d
SHA1 099b700281af6c5389f46bc2c3720b2c77a771b5
SHA256 957fc8307707ac5cd46355fd26c7090d5494076d839f4b65bb9eadfba3c369fa
SHA512 d3263d715689a9642e3f8c582b3d0d409e145bcdd44aefb397f31e73e7e321b82718b8a2f64cc6ba2afc34e6d0fa38817e8752f670485e5c2420834f77655ea2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8087c3a425e6381c6d7c7148d25da737
SHA1 2d1740c1c555f5f8f7568a7326cc5f3cbcd02648
SHA256 f6967783910edf3635423a93965d4750b4599a1ed6e357bb13717a3ba3f66879
SHA512 35ef3a4675d10fd231cbb869b1dd04ed85cc988a722913e9476511bd94fb08c80d66a8efcb507b71cd7500b6742184b74b27fd787119adf54072aa7867fc0a9e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0c70aa7dad140e97018c61d7e27913af
SHA1 d17a5383c8193b19af03649adbcd61a09f1fb32c
SHA256 02ee99a24b0afb2d930878790a0423ffc38f1dfb88a301969a40531ddf1155f3
SHA512 896d692ff32566d92251f78f90145fa34dd8cd543199d0037d782b52301d65ed77a83e84e76fa7ace9b0de8af5f8ce0618cd73954b66d831c9291645157d063f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fb53b01a2dc87196b908dbf45fd77831
SHA1 61b7de26130cdf1d48f8f91068b32994609fac3c
SHA256 0b7a602e490490e42c77613c4ab5e77d88d464a0c789e241cf811ab28bfb4ec2
SHA512 2c2bf7de316ae428d15cc82124defd51f2f698eb1f2fe79a8fdb47736a8c88cea28fc6327f5b5b8ed82db1171b7367aa33140a95d0585a8cf62b1317477b978a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4233085a64a8845816507964a6f01f04
SHA1 0fe09e0f22a2c113d4af4c839ad7d6b36065cae4
SHA256 880888fd7c156654e29f0c1fc69d917df11580547214c7539e192a083d05397d
SHA512 0da66c13a7a331bb757f861895a878d8943b574dbb3b2a0e2e78590f4bef2ac43c906abb44db9279d281b19c8b4a2e58380c83b6141248f4a4302d6fede1128e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e14353cd807df875e624d29bd06c9d16
SHA1 6c2ac735a7f124466112e02b99d9e52ceff464c2
SHA256 e7778dd26bd80873088f61e5f4ea221fe6e43868026e558ae33d7a1f3709cb52
SHA512 0530c7fa85e3c56e657515addb490d2c471f3f249b636a7a25320faa4ee727f046252ca06dcc64f594b9738d960055c87a0432ab6cdd2388de94069c8d4cf9ca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 3f976004c10c3a370d36796c2e433734
SHA1 dbd099d098071ac7fcca6c0cec67800bf745c755
SHA256 02d8b470b2b4bae7be07e94ccb2c2a2b88ab657bddb377e1f52fec89b449fbc4
SHA512 f47f1ebe2ebe1186987f5525adc076517266d790029f0ab2d9a2650e3e989ab0287485b93939de2b173a1b6ac5791fa17d5d0c9929eb7dbc86e362b73bc92f51

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cc3ccc835819a4b9f1315efacdb84bcc
SHA1 d2cdacc289099e4a46e9b84f406b4bb41fb18cd7
SHA256 a03ae2a9bb3cdd23ce891bcc92a486b2fbbf81a84b80ddc39f219932fda6410c
SHA512 02dddbce201e9ddf31d95e116db8c568fc221be571077e9f290559689b9dc454378fcbb121b623335463965dd3d97fbdcee907ebb307decfe87049428ddd9aa5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 31e0b9b5cdfe47b9d3e743313ce35850
SHA1 dfd90d250e87411f1c06971abed0596708a0b7e1
SHA256 c9562a6c6fd424c228cc59d2777d6bac63876f2f19451b691c1d687111912e5c
SHA512 84be223b4756e8712553cf0a73307c4a4f895f6fca6733221f040eb56ae737665a97147c1477dc1edb9877dc952255075ae52e79b1257a3e6d06fb9223ceb600

C:\Users\Admin\Downloads\release.zip

MD5 06a4fcd5eb3a39d7f50a0709de9900db
SHA1 50d089e915f69313a5187569cda4e6dec2d55ca7
SHA256 c13a0cd7c2c2fd577703bff026b72ed81b51266afa047328c8ff1c4a4d965c97
SHA512 75e5f637fd3282d088b1c0c1efd0de8a128f681e4ac66d6303d205471fe68b4fbf0356a21d803aff2cca6def455abad8619fedc8c7d51e574640eda0df561f9b
