a0f2e9f7d2e48687bbadcfb91adcde96dd779d4c8b0f696b4b605dc82b0c6da7

Analysis

max time kernel
1800s
max time network
1750s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
27-09-2024 19:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

exploits.html
Size

24KB
MD5

ad7ee9e1af2bfcda6b7cf0b9a5e0efc4
SHA1

9535032379b11304c15694a848daa4897d8fb829
SHA256

a0f2e9f7d2e48687bbadcfb91adcde96dd779d4c8b0f696b4b605dc82b0c6da7
SHA512

e5e7dc723fc7708dd41b0827c3a8d2fbe19acea0a6dcc72d0110245e212b810ab69f3bd5622758fc30c95f97ab1e017b3b7690042f9ee14d915df0923b5a95cf
SSDEEP

768:71OilU/bZC9fvOflS5/u01/8xWApJingqna03O7m7Y7Z7/S3R8B2E8vSoSRSmUK/:QilU/bZC9fWflS5/u0/8xWAringqna0y

Score

6^/10

discovery

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
179	raw.githubusercontent.com
180	raw.githubusercontent.com

Network Share Discovery 1 TTPs
Attempt to gather information on host network.
discovery

Network Share Discovery
T1135

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 11 IoCs

Adversaries may check for Internet connectivity on compromised systems.

discovery

Internet Connection Discovery

T1016.001

pid	Process
4880	msedgewebview2.exe
3268	msedgewebview2.exe
4880	msedgewebview2.exe
1864	msedgewebview2.exe
3204	msedgewebview2.exe
2036	msedgewebview2.exe
2240	msedgewebview2.exe
4768	msedgewebview2.exe
2500	msedgewebview2.exe
2068	msedgewebview2.exe
2592	msedgewebview2.exe

Enumerates system info in registry 2 TTPs 15 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedgewebview2.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedgewebview2.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedgewebview2.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedgewebview2.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedgewebview2.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedgewebview2.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedgewebview2.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedgewebview2.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedgewebview2.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133719393176691563"	chrome.exe

Modifies registry class 29 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257"	ZoraraUI.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4"	ZoraraUI.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202	ZoraraUI.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0"	ZoraraUI.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1"	ZoraraUI.exe
Key created	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings	ZoraraUI.exe
Key created	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	ZoraraUI.exe
Key created	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}	ZoraraUI.exe
Key created	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1	ZoraraUI.exe
Key created	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg	ZoraraUI.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\SniffedFolderType = "Generic"	ZoraraUI.exe
Key created	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0	ZoraraUI.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	ZoraraUI.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1"	ZoraraUI.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16"	ZoraraUI.exe
Key created	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0	ZoraraUI.exe
Key created	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	ZoraraUI.exe
Key created	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU	ZoraraUI.exe
Key created	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags	ZoraraUI.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	ZoraraUI.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	ZoraraUI.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	ZoraraUI.exe
Key created	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0	ZoraraUI.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0"	ZoraraUI.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1"	ZoraraUI.exe
Key created	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell	ZoraraUI.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-970747758-134341002-3585657277-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff	ZoraraUI.exe

NTFS ADS 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\ZoraraVVVER2.8.zip:Zone.Identifier	chrome.exe

Suspicious behavior: EnumeratesProcesses 25 IoCs

pid	Process
4592	msedge.exe
4592	msedge.exe
3168	msedge.exe
3168	msedge.exe
3116	msedge.exe
3116	msedge.exe
2012	identity_helper.exe
2012	identity_helper.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
2984	chrome.exe
2984	chrome.exe
2984	chrome.exe
2984	chrome.exe
4120	msedgewebview2.exe
4120	msedgewebview2.exe
1900	msedgewebview2.exe
1900	msedgewebview2.exe
4340	ZoraraUI.exe
2096	msedgewebview2.exe
2096	msedgewebview2.exe
4880	msedgewebview2.exe
4880	msedgewebview2.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 24 IoCs

pid	Process
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
1100	msedgewebview2.exe
3492	msedgewebview2.exe
2060	msedgewebview2.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe
Token: SeShutdownPrivilege	4680	chrome.exe
Token: SeCreatePagefilePrivilege	4680	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
1100	msedgewebview2.exe
1100	msedgewebview2.exe
3492	msedgewebview2.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
3168	msedge.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe
4680	chrome.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3952	OpenWith.exe
564	ZoraraUI.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3168 wrote to memory of 8	3168	msedge.exe	78
PID 3168 wrote to memory of 8	3168	msedge.exe	78
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 660	3168	msedge.exe	79
PID 3168 wrote to memory of 4592	3168	msedge.exe	80
PID 3168 wrote to memory of 4592	3168	msedge.exe	80
PID 3168 wrote to memory of 1304	3168	msedge.exe	81
PID 3168 wrote to memory of 1304	3168	msedge.exe	81
PID 3168 wrote to memory of 1304	3168	msedge.exe	81
PID 3168 wrote to memory of 1304	3168	msedge.exe	81
PID 3168 wrote to memory of 1304	3168	msedge.exe	81
PID 3168 wrote to memory of 1304	3168	msedge.exe	81
PID 3168 wrote to memory of 1304	3168	msedge.exe	81
PID 3168 wrote to memory of 1304	3168	msedge.exe	81
PID 3168 wrote to memory of 1304	3168	msedge.exe	81
PID 3168 wrote to memory of 1304	3168	msedge.exe	81
PID 3168 wrote to memory of 1304	3168	msedge.exe	81
PID 3168 wrote to memory of 1304	3168	msedge.exe	81
PID 3168 wrote to memory of 1304	3168	msedge.exe	81
PID 3168 wrote to memory of 1304	3168	msedge.exe	81
PID 3168 wrote to memory of 1304	3168	msedge.exe	81
PID 3168 wrote to memory of 1304	3168	msedge.exe	81
PID 3168 wrote to memory of 1304	3168	msedge.exe	81
PID 3168 wrote to memory of 1304	3168	msedge.exe	81
PID 3168 wrote to memory of 1304	3168	msedge.exe	81
PID 3168 wrote to memory of 1304	3168	msedge.exe	81

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\exploits.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffee15c3cb8,0x7ffee15c3cc8,0x7ffee15c3cd8
  2⤵
  PID:8
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1924,16042342966321697976,5988135009391690620,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1936 /prefetch:2
  2⤵
  PID:660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1924,16042342966321697976,5988135009391690620,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1924,16042342966321697976,5988135009391690620,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2792 /prefetch:8
  2⤵
  PID:1304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,16042342966321697976,5988135009391690620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:4392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,16042342966321697976,5988135009391690620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
  2⤵
  PID:792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,16042342966321697976,5988135009391690620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4920 /prefetch:1
  2⤵
  PID:4420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1924,16042342966321697976,5988135009391690620,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5332 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3116
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1924,16042342966321697976,5988135009391690620,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5464 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,16042342966321697976,5988135009391690620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5608 /prefetch:1
  2⤵
  PID:1652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,16042342966321697976,5988135009391690620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3548 /prefetch:1
  2⤵
  PID:420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,16042342966321697976,5988135009391690620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4436 /prefetch:1
  2⤵
  PID:4692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,16042342966321697976,5988135009391690620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5040 /prefetch:1
  2⤵
  PID:4064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,16042342966321697976,5988135009391690620,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5900 /prefetch:1
  2⤵
  PID:4428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,16042342966321697976,5988135009391690620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1
  2⤵
  PID:3568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,16042342966321697976,5988135009391690620,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:1
  2⤵
  PID:1264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,16042342966321697976,5988135009391690620,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2548 /prefetch:1
  2⤵
  PID:992

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2508

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3304

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:4680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffee118cc40,0x7ffee118cc4c,0x7ffee118cc58
  2⤵
  PID:1620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1928,i,947840672062301137,16439313906231033895,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1924 /prefetch:2
  2⤵
  PID:3644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1444,i,947840672062301137,16439313906231033895,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1968 /prefetch:3
  2⤵
  PID:1680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2232,i,947840672062301137,16439313906231033895,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2248 /prefetch:8
  2⤵
  PID:3440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3104,i,947840672062301137,16439313906231033895,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3184 /prefetch:1
  2⤵
  PID:4456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3188,i,947840672062301137,16439313906231033895,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4432,i,947840672062301137,16439313906231033895,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4436 /prefetch:1
  2⤵
  PID:432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4640,i,947840672062301137,16439313906231033895,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4648 /prefetch:8
  2⤵
  PID:3948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4716,i,947840672062301137,16439313906231033895,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4668 /prefetch:8
  2⤵
  PID:1248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4756,i,947840672062301137,16439313906231033895,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4584 /prefetch:8
  2⤵
  PID:4948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4872,i,947840672062301137,16439313906231033895,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4896 /prefetch:8
  2⤵
  PID:1856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4772,i,947840672062301137,16439313906231033895,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3772 /prefetch:1
  2⤵
  PID:4396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3760,i,947840672062301137,16439313906231033895,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5284 /prefetch:8
  2⤵
  PID:4428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5276,i,947840672062301137,16439313906231033895,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4116 /prefetch:8
  2⤵
  PID:728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5320,i,947840672062301137,16439313906231033895,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5268 /prefetch:1
  2⤵
  PID:1740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5444,i,947840672062301137,16439313906231033895,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3432 /prefetch:1
  2⤵
  PID:2580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=3500,i,947840672062301137,16439313906231033895,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3488 /prefetch:1
  2⤵
  PID:3488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=3584,i,947840672062301137,16439313906231033895,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3744 /prefetch:1
  2⤵
  PID:1836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=3428,i,947840672062301137,16439313906231033895,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5532 /prefetch:1
  2⤵
  PID:4864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5480,i,947840672062301137,16439313906231033895,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5624 /prefetch:1
  2⤵
  PID:696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4684,i,947840672062301137,16439313906231033895,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3268 /prefetch:8
  2⤵
  - NTFS ADS
  PID:2484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3524,i,947840672062301137,16439313906231033895,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1164 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2984

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4400

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2380

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3924

C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe
"C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe"
1⤵
PID:2548
- C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
  "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=ZoraraUI.exe --webview-exe-version=1.0.4 --user-data-dir="C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView" --no-default-browser-check --disable-component-extensions-with-background-pages --no-first-run --disable-default-apps --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --disable-popup-blocking --internet-explorer-integration=none --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --mojo-named-platform-channel-pipe=2548.3432.15596095518320285368
  2⤵
  - Enumerates system info in registry
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of FindShellTrayWindow
  PID:1100
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Crashpad --metrics-dir=C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x1cc,0x7ffee15c3cb8,0x7ffee15c3cc8,0x7ffee15c3cd8
    3⤵
    PID:3252
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=gpu-process --field-trial-handle=1968,9853324653689047894,1374289219197234644,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView" --webview-exe-name=ZoraraUI.exe --webview-exe-version=1.0.4 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1980 /prefetch:2
    3⤵
    - System Network Configuration Discovery: Internet Connection Discovery
    PID:3268
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1968,9853324653689047894,1374289219197234644,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView" --webview-exe-name=ZoraraUI.exe --webview-exe-version=1.0.4 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2100 /prefetch:3
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:4120
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1968,9853324653689047894,1374289219197234644,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView" --webview-exe-name=ZoraraUI.exe --webview-exe-version=1.0.4 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2520 /prefetch:8
    3⤵
    - System Network Configuration Discovery: Internet Connection Discovery
    PID:4768
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=renderer --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --field-trial-handle=1968,9853324653689047894,1374289219197234644,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView" --webview-exe-name=ZoraraUI.exe --webview-exe-version=1.0.4 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3584 /prefetch:1
    3⤵
    - System Network Configuration Discovery: Internet Connection Discovery
    PID:4880

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4352

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3132

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:3952

C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe
"C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:4340
- C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
  "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=ZoraraUI.exe --webview-exe-version=1.0.4 --user-data-dir="C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView" --no-default-browser-check --disable-component-extensions-with-background-pages --no-first-run --disable-default-apps --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --disable-popup-blocking --internet-explorer-integration=none --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --mojo-named-platform-channel-pipe=4340.4628.4545032935258638898
  2⤵
  - Enumerates system info in registry
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of FindShellTrayWindow
  PID:3492
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Crashpad --metrics-dir=C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=90.0.818.66 --initial-client-data=0x108,0x10c,0x110,0xe4,0x1b4,0x7ffee15c3cb8,0x7ffee15c3cc8,0x7ffee15c3cd8
    3⤵
    PID:3432
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=gpu-process --field-trial-handle=1808,6067275393711847174,12255608654573991467,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView" --webview-exe-name=ZoraraUI.exe --webview-exe-version=1.0.4 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1832 /prefetch:2
    3⤵
    - System Network Configuration Discovery: Internet Connection Discovery
    PID:1864
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1808,6067275393711847174,12255608654573991467,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView" --webview-exe-name=ZoraraUI.exe --webview-exe-version=1.0.4 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2276 /prefetch:3
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1900
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1808,6067275393711847174,12255608654573991467,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView" --webview-exe-name=ZoraraUI.exe --webview-exe-version=1.0.4 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2592 /prefetch:8
    3⤵
    - System Network Configuration Discovery: Internet Connection Discovery
    PID:2500
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=renderer --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --field-trial-handle=1808,6067275393711847174,12255608654573991467,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView" --webview-exe-name=ZoraraUI.exe --webview-exe-version=1.0.4 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
    3⤵
    - System Network Configuration Discovery: Internet Connection Discovery
    PID:3204

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3996

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2532

C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe
"C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe"
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:564
- C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
  "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=ZoraraUI.exe --webview-exe-version=1.0.4 --user-data-dir="C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView" --no-default-browser-check --disable-component-extensions-with-background-pages --no-first-run --disable-default-apps --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --disable-popup-blocking --internet-explorer-integration=none --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --mojo-named-platform-channel-pipe=564.2280.12961065352467491336
  2⤵
  - Enumerates system info in registry
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  PID:2060
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Crashpad --metrics-dir=C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=90.0.818.66 --initial-client-data=0x108,0x10c,0x110,0xe4,0x118,0x7ffee15c3cb8,0x7ffee15c3cc8,0x7ffee15c3cd8
    3⤵
    PID:4628
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=gpu-process --field-trial-handle=1792,17892200899081262630,9468432493128785699,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView" --webview-exe-name=ZoraraUI.exe --webview-exe-version=1.0.4 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1804 /prefetch:2
    3⤵
    - System Network Configuration Discovery: Internet Connection Discovery
    PID:2036
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1792,17892200899081262630,9468432493128785699,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView" --webview-exe-name=ZoraraUI.exe --webview-exe-version=1.0.4 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2188 /prefetch:3
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2096
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1792,17892200899081262630,9468432493128785699,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView" --webview-exe-name=ZoraraUI.exe --webview-exe-version=1.0.4 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2772 /prefetch:8
    3⤵
    - System Network Configuration Discovery: Internet Connection Discovery
    PID:2068
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=renderer --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --field-trial-handle=1792,17892200899081262630,9468432493128785699,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView" --webview-exe-name=ZoraraUI.exe --webview-exe-version=1.0.4 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3052 /prefetch:1
    3⤵
    - System Network Configuration Discovery: Internet Connection Discovery
    PID:2240
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1792,17892200899081262630,9468432493128785699,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView" --webview-exe-name=ZoraraUI.exe --webview-exe-version=1.0.4 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=4584 /prefetch:8
    3⤵
    - System Network Configuration Discovery: Internet Connection Discovery
    - Suspicious behavior: EnumeratesProcesses
    PID:4880
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1792,17892200899081262630,9468432493128785699,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView" --webview-exe-name=ZoraraUI.exe --webview-exe-version=1.0.4 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=4696 /prefetch:8
    3⤵
    - System Network Configuration Discovery: Internet Connection Discovery
    PID:2592

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2004

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3704

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Network Share Discovery

T1135

Query Registry

T1012

System Information Discovery

T1082

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\3385f5c1-0f20-4385-8883-f01cbce69225.tmp

Filesize
10KB

MD5
aa40b4654e316928fa24b799a4bfaa89

SHA1
029f0e76c507ec5fe523f7c1bf7143ab3e07c19f

SHA256
ffcbd76862be861c19113c274007083d358ec8b60e282bfd1b7898f16c362d11

SHA512
26d00a30d9bb6b7bcaf1b3e5c9a909e97c39d6607b036838668f26c07a66781a92f4f645ee447f57592e61188b9bd6bb97817948b17c676e2d144ae70bc1834b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
5e138c75d7050aeb26b88b69811eb16c

SHA1
3155ea557bb140fcd8e22c30c767a61923bf1e38

SHA256
15be6c0e169ff92dd986b9178f5394086984caa959c37b29973342f0fa05518e

SHA512
67028d014115aff4252daa27886eb6b713111ac2e8e06c5070e4f70bdcda09f12a7bca1b2e498b63b34a7d5cee95367250eeecc55dfbac7445df427038099ea5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

Filesize
213KB

MD5
f942900ff0a10f251d338c612c456948

SHA1
4a283d3c8f3dc491e43c430d97c3489ee7a3d320

SHA256
38b76a54655aff71271a9ad376ac17f20187abd581bf5aced69ccde0fe6e2fd6

SHA512
9b393ce73598ed1997d28ceeddb23491a4d986c337984878ebb0ae06019e30ea77448d375d3d6563c774856d6bc98ee3ca0e0ba88ea5769a451a5e814f6ddb41

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
40KB

MD5
3901431a1cf953a09fb115f792530d50

SHA1
9d3f7fea615821763849cd320e3c9fe501d9cbda

SHA256
f6495dbf769719aa52f4bd6887e8e84a6565368841249e480143f6bdafeac85d

SHA512
b480791f426899e8c212d327bce05f9e9b9a9efc0ad09f73168103291a236bf72cc6c3c0f4048ad2feaa560a51235e1ef91dd11720cfc273b99f59fbd60ccb52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
85KB

MD5
e6a85e6ab9d15ce7195cffe41549c8bb

SHA1
b5a7efb8ff2992ec8623a2496aa42219ec9a1ba0

SHA256
f858afed3a53c49be782ba2484d020c94e5bfff779912792cf3410a48cc0facc

SHA512
240abad90460df5219631a93a3126e2670b98dbf653aabe5200ee6a4cd83ea92dc14ba585c7a4547876cb9449f38174fec9bd3c420191261e1bbd4135788f978

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
29KB

MD5
ac3619eb929bc137ce24d816cdbf9af5

SHA1
9c3e6a39f020e467635fad161cb8f7cdbfe9c447

SHA256
e64784beaa8988670c944843ba27750a57b438901de18033fecd92df6f98d8e3

SHA512
cb1281e7c932af484ae17ff5930185b5b52de4f2cbe1627afdb8723235467f08630dfbc086eba76c76dc28fb9f566fcdfa03bf512b97515a6227de4a08327e5f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
16KB

MD5
30572bc81bf860f471f7357316172b09

SHA1
fefe7a69ca54d753a826bc33b6846cdccbe227c3

SHA256
490d408e7b45aa17a64c1c888ab1ba160b7e8d8b08f46a561a6f9218c02ea8ab

SHA512
bc14466ed9a3b754c92792d5e65a2ba0adad659d9f562b37ea9e91bb7089ab32fcbc43d0d4ccb677389aa047f94d570e55382f3ff72fc1fa4fe28a2023c06c68

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
23KB

MD5
3070b0d3a0854092db26c3ddd2f7b044

SHA1
dcb02d3ca182c85e94fec612e151add71bc5284f

SHA256
bb4d02d2480746bd00ae9e0188a1f262480bdbc866bf3ebf7b84052fec535b58

SHA512
5552400d2b631f9de2c005d201eeb857b95b2d686606195c498e38e6a4296de78045a74bd463866318bef61e3f51f7a559a55fccf460ff6bc7b0f674b6e2810d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
51KB

MD5
10314c12ea3819f29148cca8af9539d8

SHA1
7a78b4b92def45b821464d601a8485925d427e37

SHA256
cae94fbd76af5bbd2a9f6d3c97e36e3b7abbb8159fdab0ee5ba2fce703c405d4

SHA512
6c2f91cb8c340d3262dd8b0ecf4d50ae1e7da2775e718c4ed23fcab19d033d1ae07ba158491ca24d69755acb13eaa2f2373e5c01df8d07a7987ee5b11171991f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
104KB

MD5
82628ceb3de97aa91efd0ab1ec74c46f

SHA1
ffcb3ec8e2a2ca77734d73fb1f6a4800954b02b7

SHA256
f5fa351e84bb367f0657530d9927f4c5904e27aa93054f351875dcb19f613d42

SHA512
435d8a40ffa5d369f7a01f7008eebacc1187c1323c5d9ccb8821e0ed2706d5580dd3cbc10fc6c1272149abf79fcbf74a89a52f482242f243171ade962447f116

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
31KB

MD5
b94a7f9d0a80c81b88d0471708355cbd

SHA1
0b184b14c5569814ce76274466230c5a5cfa0d1b

SHA256
8c489d679fd626bbc71dbaa6b1503d61eb2c0418dc69f951a75613263cba2da0

SHA512
4f0ae13af9c48ec9c6089e73c55892b6209698bea6076a093b0e7ec8ea56013aab82d4c23838c9e66de3174d8888120ad03679c4d561f040eebcfae4f34056a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

Filesize
20KB

MD5
ba4cf771a32f4971194a7227f78db718

SHA1
f1dea0f727f1aff754e34e6a07b6b33fb77bdb4e

SHA256
39231a36cd3e43cda0d895341af52e1153e8603f4126f2a4709afac76d97d76c

SHA512
b30e3b5e29167f89c5ea35ce7a7bbbb9957dbe5599832dc373c2712536757354c3d7ed63294e8cc9b00d551267cbe1fce294c73074a01c94dd0e366672fa826e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024

Filesize
20KB

MD5
4b561d8e37463b080104f1d115b97225

SHA1
e6b4632056a780b0d4bb8fab65e8e97bf0b9969c

SHA256
935a27a2613da6f1a833050fd8c89980575b75bfc68cce63c1fc491c893beea2

SHA512
c049f9090613702890e3a4f6a9692ebb7600977c3896941e1eab8dbb373540892418598746db91b676f0b0df4a85f34abd7849a2ba4600276a9193074658d5c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
216B

MD5
cac7bbf67cdc44e312752090896aee91

SHA1
e9f5603436df9f2e090e78064217bb907e5965a8

SHA256
f054b27b1dac4107f53fbde0810aa9c9929dc5d74002a02ae5408eea3b622029

SHA512
9c14246e06ff418ca60d0a9343b1d6d33a7982831ac4a5a968f1a4f62349946b776af571e840d7b8e7b4a6a4589bd782e469a7ddc55a1fbd0aced3e0325badf1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
466cc64231cd8a441e8c56794a847ede

SHA1
1baa70ade65e96201617154634655873fbafcffe

SHA256
861e4991e299d140a25fd681ce6094ef0275e5a97ff1473eb8ec56b01472b623

SHA512
0d4351daa8c7efb22ccc185421b3eba3790f949f1e82687e7c121c7a7181aa3ec2ec86e09c25f4b4f25f930b8a63c3b0aaf4770f54a7357a2ee141bd7c2deec4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
de3de1ff0cf1fe676aadf67077049572

SHA1
230c4cbf1d73b846feaa638bc0fffa3e03d0a113

SHA256
bad880d570bf30c1561de5587da5a086921453f6c9bd98c276129235afbd7374

SHA512
ffb9272495f53d70260e83f182f21b1d469c412d58374ffb7897f5c7d6cf720db414808a155d6e9f433499b9df36427f42f1124afa5b4ea0a060d159229d1ad5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
11KB

MD5
93f7414163a0fcf815bda98e00352e32

SHA1
900899b1536251468500a65c15b23f130c5fc893

SHA256
e195783a953fc52d4010eec6227cb71ea18247ea630d3c34953f894ca2c32ec6

SHA512
fe9604b6671fa8abd5ced5b194bedea38ae38119d631fcf79f7e0df802741bc0fa12d64f73173e8cc01957ea23d91006477cdf4e97d530d2fcbe6a8e064f2b93

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
8KB

MD5
92bcd932733099843c3d7e3c4cfcb301

SHA1
90e60dea9124031a9bc3eeff0fbdb7e493cdb7ee

SHA256
d6fe7c5b4280a652a69bda2211f8b2e534ea71c598bda426997f20cf589106cf

SHA512
44e32e08ee23826cdac30a8966f09405b7742f42915784eb46f9c0aa3b284519ff3b05d0ca4520be2033b10e6c8bf810d2e0c0a54675b1583dcf210e8516d141

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4c33a5f5db6737e3e81837e7028522cb

SHA1
dd77932975addc88f2c8874dafb2af5899382d26

SHA256
d441002077eeea5d161e4ea3a0da2436c1adaf6fb1d3f066c24308509deee654

SHA512
8771582978ed74c1ba1c3bf426219ccdaecdc78762e7400d27206a230909895d6e8ce886b05ed52ceba54a53f08d7711b4290c07720541d1267c90594576581b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
558251f92236d3305b67635ce86d3640

SHA1
14a5789eb88a4b9f64055c7af7656be2df04d20e

SHA256
4464d862fcff43fe713e6b6175095920f49d116661ade171877d9ca2dc2f6a1f

SHA512
11a127b78f94d12a9d11b5e4171e37443996481d6ac26195e4d1219acadad078cbd50bc65ed9abb53ceff4ac5b530a50c6f2b237c857aeaa2d1987538adb0aaf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
3a6215866635fb294fd21c3d5dffd3b8

SHA1
4760f7dd5cc33f6f621b0e980bbdf73c6c567359

SHA256
695e7b26986ee5b5f4af5977fd94e7c963808f5cf557e01d9ff92f17102a3e8e

SHA512
561a67c91dc51866c343f8987ee388700b8c8c1cd0cb4609bf33a00fa4d5c65fd74f12b7938b33a42e966572bf34a102941c974ea81ee57e8ccc97786ec0f57b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
a31f87f31361c9bd17812eab2067f139

SHA1
8c4ace0fb965f14a34ad417cedd244c4922df91e

SHA256
885e3120bd0318e4e69fb9013518e0d0c36c4f994bf049ac99303f28726698b7

SHA512
fb49a4b3cd6336f7f03f5c61f62d4141b50864e920ea3b4ff6ad2cbe6f60c1e3221169fbbefbcf11be871353faa71a56b993e21d5c037c79625a7b364891614d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
b29530738bd53446076b1ba6c277ec63

SHA1
e52f5bd764b77c36968af75bab79e372126853e6

SHA256
9c9ff3379b84494ae4a9f50b2a7fffc194b611a47aad82a09d91016f61ee474d

SHA512
f520f37c31de210c7506433bd89c6b66ab1a574be1da42dda8e929295e79369f15cf9cb8a54d459cdac1ddfabc4f9bb7cae3dab5638b0e33ae2536ab04327c8e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
8924470e4894f8df526184861a7fbd5b

SHA1
0382088132c09af088255af70bc6e9c7ae14229e

SHA256
9cbe16ff359289eb7498fe954a33a38bef9bb3686279595520dee842bcd9e7a4

SHA512
f1f93a3ca28ff43ba962a57ab67e51eda16029f089768f983a53e52f6d2e4ff3f624ff0d0e5ed603e8f5135da0ff64051bb462e213e5a0876cb87fca0a4e8548

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
2a5aae39efb16cc5cca78ad03e7e66e3

SHA1
b6c4adca64e8c3a0996a465b31002cb94a799d43

SHA256
c4e650af6dbc0babc5d5f93ef37e4c18c1689ea0d90072e6fd279516a424464a

SHA512
86e86f33751b4071de88332c694be2e582585be7099f39c6af4e65d124412f51fad2928aecb223a21450e0417b4f9ddee1f40fa136410239a909095b3b81016b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
40fdc4b9159e38c76ef7370a79c09432

SHA1
df150cebc4b2ad992bff680fe6a6b6ed3e32c2b6

SHA256
27b0cef8a301b17765a8ed66a5a3ca39d4999ed2f146ab8c232f9e884e8b8f94

SHA512
06b3cdd13e4d1fe54b65468461ef9f81299139949f094032e808be0d453078c1d834eb90ebf824e7c773f595321e58c8b9d270d31293070cbd6248a1457802e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d3b8a295b91b30ae26bd1da7d4047c69

SHA1
2d0480049f4a4f7cfd607b89651d0b80877211fe

SHA256
8b971876ac162dc00b1634d475397b4303763d5c913c9558dbda0e3d7c9b17aa

SHA512
d49c14a6d59e200e3e03db61ea0f16b1ede2bb300ab0212645291180879ae8b50cfe858a06344ab49537822bb05a97c98bac7afac7a6c771dc61f27f0d047014

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
478eafabae5e71f979bc624e47b51336

SHA1
b0bb6e891d3766edf0247ac200c5dba00374babf

SHA256
36b653a53fa91eb88166135509ca80dd18fae032f68e5873c95e9357095674bf

SHA512
92dcf2c478b985a480cfc65c73fe3aeb0b43bda9316d5cd985820814f49c69ec956c5e801182da7bc781fde34923488754556e318f20b8c206db2a29fd613602

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
0404458c3d9105c742b453e6714b48fd

SHA1
1b6945f790e7d1b522907cd2bc16da713cda97cf

SHA256
1f9ebc5d66176468cce6779cd6d4fb59bd9194ac3f3268523ce6cfd140ba932e

SHA512
7793d79697f4280e5fb2a47854bdfef1c94fb92f6a9c1e1ba8f0de98d33bc79df0b853814d2916c30fd7af9fe9bdfd2bccf2174ce966e1d3019db694df98474e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
b58a270b956eea037a847a1ee4da8afa

SHA1
26a66304c4a8701feeed0961d6d0da4d65ab20b2

SHA256
2e221bc52a8d952a359d7acacf5cbc3fba45bdbcbc36c85a90d19a940268008b

SHA512
330515d1cc3de8039f3f73fe1edd8d33332f468eeaea22e8e199d66c88d401b98df3288ada0c2aa20f117aed04286b71af42867551c6bf8c41d18b2a1ffe0077

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
d911ebd8feee7bceaca8177fe875efa0

SHA1
18bcf1ea763cf70abc56871b6e8c8fd5055f4d1e

SHA256
22067d59dabc782ea4048c7fe7fecd5c25de81c153d3f073699158d0cd3a1037

SHA512
efdeaaf1037eba1d6558db9acc433a6f6367ca27d91558558f2fa7d58de5d2cf55a287751a58a0b3201962e0a9c9e892e0e81e8c0de5eb89ce17beffe90a7499

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
173ccb025efa0612096c677edaac6872

SHA1
3953c4807e13cbd91c9f991322ba8ff8c1a53129

SHA256
926ba1b8bdb7c93c2b6f8240ca87b925d18d1cb47408040880f908c7e7fcc381

SHA512
94963e114894af1fd8725cd845c1a5dc24201caf4e7ffd8ac3ce1d6c8ba7d2545e295bf8e339d1547450ba655095a6e78771b7e16cf06b4097659dfd3eb5562d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
ce2961bc640f0a8efea1547a2f8751f2

SHA1
e5d407e0a182db5c7f1bc44507f8b26f979bdfe3

SHA256
b64a8430ff00ed62b68f3f7c4b075068219543d249b2b49748691fd5480270e0

SHA512
6a6b2026f4f791edff163fb9bb360aa4900f395c66fc52ddd6eac703974a597c2c980c78b91c621ba07b4f94a07247b4951f4dfe24c512288428d078d1bfe89a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
622f35ea90b3c0b11359c9ecb7bda93f

SHA1
2d24bed6e6050648cd8c9f7d78b2270de06d000e

SHA256
96c0f98508e494263c1830a75f2247d06e7e2b1b93c496e6e8e1f1d0abd34213

SHA512
c3da9942d81d8d033b9912bb46561c93435d58af60eeac4e00b322ee82c39a70d9576f9f80e2019ff00ca733823e3fe0f3344c63f9e20a320018d0d0a13d8b24

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
11be2b34ed1b2013749d3069b0d77162

SHA1
fb04a0c446e6325d9877f16c5357e17d6c92bc01

SHA256
53379a1c8a402cadad86dfa06ed34eb007cee0e3f6e2c5a48d4e544550eb0fdb

SHA512
1102fd7fb332e07d1b89fd0dd0ddc1fa00b7665492e83b8e799e76f061a3d14dc055bff22e81ffb388f0e21e1e17f755131b1c80d8deaaf636e8ea7c7d9514a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
5a13b035b45b98285fdec469618f9fb7

SHA1
dd64e11d0b1c500e6b164313b94dcbb939c5884b

SHA256
6f820871a8683769bc081bc0502a3a7695a90523ef255e685aacdb6cbb9a0169

SHA512
2a0ed9f98b3e713a854aef793ca7785b1ba1df757c7a14bcc8cafd4a1374c7015701bb698f9ff718d5a081ec682751016249ea3bfdcf11a7cb54dfff8ca32b34

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
26b4e94a7db3484af975670e15fb0c04

SHA1
a004a82d2b6acebace1d2b19aff6b005c1b79857

SHA256
98c9397a38ae342c2e5cfd426be33a28ffff3bcc2e322bd379b7bc0ae1820d41

SHA512
7af6d768cdc599381b885f0de19a86303efe8361be122afa67b62a27c0227eed62fec4b7f6f6629f6b4a80dce5bf33f7ed81a3114dc12ccec7cb96f15ed587c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
55ec459a89c003eb29b8167b0b968cd1

SHA1
2b9de20b4693e5c52027cc3f461de1a0324471c1

SHA256
79e93fc3e2eb49f67cb4d9458ea2e470f7d14b6b3c01154c5cdac2a9b9ad6bad

SHA512
5328dc29a00498b8edab2a292fd920b7f4a535e4ea68dce674ce111f569783bf2ab4e64c61e1141338edcee1a8ba907413d62e9d80c286a89ff9591205dce7e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
04ba1043eee0dbca0e5221e919f0b372

SHA1
7c077990acb418aab9348b1d37c064d4d0d76593

SHA256
70b1f842f88432f6e4d336031fe8c76a84970d5e10d34ad7af07b690d83b432f

SHA512
8c6b84189b57d5f9213e36e034df9773d6b82a1abbb1e60d430f2cbf63b8f6974473bfbe55f2caaf384a39c2d3154d200044c18fd37e6f8a0c763999e2a1ec7c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
ce76d99542fd6e45955c90ab061698a3

SHA1
785fd0fa3a7b7b051e2aea7c7fdf7600553e693c

SHA256
c81f26563d2d882a0d3eaf35a8d9e62165d02445f4e25112b13ad1168aa26fb7

SHA512
0bbaf2e5b4b6bd8021133044b06ea32fe8f8322ebdafbe652d706b1735ee404fc5aa711f335632dfe2ba289f6d3c971b95f884d4be3e21418310439e5a3027a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
aa86d61e0d277f89c02cea9cde441e31

SHA1
32c59e4095ad363875e99e19b9b5f33271dcda8e

SHA256
55c38969a7815c1ef0e3ee15b076e3f40039269769273e22cfce8d2cb3c790f6

SHA512
c18f89eea509af39a491d9249d2f011d5bfbef3117174ca88e66cdbb07f9eebe6fe759a8eb9bad60365ed55f812ba27f2297d13331ae5dbc9dcb843d37ff8b2f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4084fbfc25f8d8ae36a97152a7cc3e66

SHA1
58799a8e4b7fa90c55465d64574eaee7f3b05526

SHA256
6c21af3306acdd63e8e7aec123c8ec18601062243bbe3c45126509307f72f4ed

SHA512
3d3079c682bc447017483d7966eb9282745988d1fcedbbca8c55df7a526a3e7754a12b477f24ebc8d3c26c539e36713370bf48541f7045e87570d301eb3ffc46

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
d6d944d54e7d0018063ce023daa7e3b5

SHA1
d493c131c615cf9cc8ca0de4a7faceb8f4044f85

SHA256
baa22799b7af6d0e68604236898516f5b679a56c8364a902c53140939a3ea8f6

SHA512
ab5ff6ea10ca52076d9aeb9864d2c3e54f77b23d188a673d8d4b5aba47a7702352965f70d626cf5b3fefaf438e3879fd530ca2dde91aba9be0839d576d79bd9e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
d8edf665c0194359f534d8b343cb4432

SHA1
c391cae7f99f4e9b2b5fc7cd7972cf7388802067

SHA256
b2bfde554b979946f62f42b39f171b582443265be6917b223041209e0c4cb0d9

SHA512
4b2ca4f6780c34d81027771ac6777140ea18509deac16bbee2a9193d3eee47a881e84b5d5e0ddf764c942451eb23ba22196341f926f53ba8346299e82c1df72d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
86ddea6cf743c903e8a7c9dfd335541e

SHA1
39a82adca58f858c350539e3a84a8560d62a25a6

SHA256
f24adb075b2244e9791fadc15631d269084a439af13e68075c60e57cf27b981f

SHA512
c621cde7f3fd854955221574bd8e4b090489a21345c02cb053d002d8949ccea4e5d4f4d20e42f97787a538619b7a51904c4a322f8152214531e7e4710965d3af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
6e0289b920d893c85056c563720fa940

SHA1
de45a63539017ee1e975be74c78e037709c1fcb5

SHA256
50f4752a0f79a13dbd8290ad1ca7acabc17a4579954f3595f955921998b79f02

SHA512
a4704cb47ca1cfc50c617daa114299e70bfbf646cf950bbac8926691df0130a55978a3b775ea52b5445838b0b3a3a7bd6f5cb386b56cc21a2fd23765600696eb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
609847fe447fa18da96352e3bc0cbbf1

SHA1
904ba003e98f985611da023266a453dfe831f86e

SHA256
e68884df3515b92750a1599aeb375712ab82ff5ad53791287e8392a4a82e27bc

SHA512
ab54493046dabb2b30229f5de192d5da76e933d5f971772506ec5e3bb9f72d6b0094c3901f38a130c89e5c6f5e273a0571f6e4eb13115d6b40ece9a3bbc69eee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
3bbea2d13ca79dfabdb818b899619b58

SHA1
8a245867a6cf5bf77c8dc0b169b50495d0b12c64

SHA256
f90b5a52b7d4b83dfeab12355b60457033303ee1d3e915e54125e6d2114be2ac

SHA512
cd16d60d7fa4b698a82a617fc2a313de175902384619eae0ffecce5c927be40f340a2f1de44d63a96d647a9743068682d2562e145fd06d6cc1bdb20233c4dce0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
cf0c28b677cc9559bc67ef88096e7508

SHA1
c84e1fa57536c876f5425f59afccf76f59912f1f

SHA256
2cf9ee82bff2cc820675ac69733e6a543a2abf27aca7dde668f1ea2b7a8bbb05

SHA512
4d85568a9ce6651c12534d8acb1b662019f24e136b2a7c8e65fe9c20a739c6220f1e1483b4107dec26817aaa9d4a3a12ae8f295c4014fd1197d016a77de3931c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
db004074304e1782d1816fbd9dea66e7

SHA1
d3b05b471bdcdbc1a597b74b6978e1a8fc4b0749

SHA256
7ca87a928893c58f8edd10de6962aa3ed7254eca8b06d22ff542e70609404c59

SHA512
e3774a9f583bff915d4aba0cdb928f3592f8d91ddf9ac8016e8f5bb0ee593201391e5f54c4587719a534ae7bac970790b1822892e431ba94f940cc250c66cb73

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
668c1ec7f086ae0dabacc05da31f0b4a

SHA1
2be1f4afa97c07a994f10b45c16579265a5729d2

SHA256
595baf1f8ba4b6b0a2ec6b283b6f03dd85c4a621e5b1f6a21ccecd22bd5ca7aa

SHA512
747ff1b9f9650e5182f60728901ff07b03be4d7cae936140bc92162956dc63b9b624cd127c3c3718455f16b39409ec4786ac68be9327ad7c7b8c4b7b3ccad6b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
7668bc07ca03a1b2a069f0157ed9a7c8

SHA1
11f4f815a2a16187b883fdaaad26b89d3c740e7e

SHA256
6cc1f58676df03430acecb3d5f4bd5b5773fe46673a48e9d83953afd58cc1132

SHA512
716fdaf0f479d304c17cb739663f0a127bcf74ccdb7464aae31e7408874fe2879cdf7226c9b8503f15c7e27219444c17bed54518e551811e04c4a9ce4c2ff871

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
b191e6ae43c5736744464a81809bc0f3

SHA1
b4629c921df5acd8ecc14fd491c0babfeb876b07

SHA256
35a2f3ea54b050f66a3b5a5c981c709106671afa733c1dfe27db2ddddf9ca782

SHA512
33b6c635ddcb1180bb447b6a9c64efab8b8669c8cc451c029440ba04f28bc5aa1f200a07b7d91ca664b3d5154ee3f44523fbac08e12174547d6bfb1bbf871dd7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
3c58fc9e686e2167ca278d56c28e337d

SHA1
a581aef9f17fbeab0f51905b9d09f7c7812beb19

SHA256
3da742b82efa3455920be10365acbccb051ff075945ba390d1b13cb781e610dd

SHA512
0afb8ccf31855812fdfb41360dc962d8d125abe4ea36bba6595028cd7b418d26436075466329d03caaca7b4078926f04d0f632855bd3a05da019f8d051ead964

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
cdd85bbcb851edfc20493ff0a82f8832

SHA1
ee059b151bcf349b2e3f430d0c42046a3c8ce4d1

SHA256
a17ee7ea554d3280aca5533f8d8b3aea5262da62aa25d4779c879c24217d8a0a

SHA512
2cb4b2997f76ce58514e29bb3d5dc2e708ebf47c44dfecedf67584192f8523077ce7abaad08d6453420a1a292f8258eaf7fe66f79935cd3f6a1a704cea6d0f8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
ab6b08203379fe0646e3e0bf9b7f58c3

SHA1
74a8a169be22c51f5f934a78d463341a1fb8f3c2

SHA256
bd1621ce97e16525ef563936bb858bf2f38781d6de559d3b3cce68682a5c2058

SHA512
93c725dee2416f2d394f864173c06bbaf01cb66762b7905cfafff89a756933eaffdfef3149821373dd0846485cb10c08f3ad8c5b39dd90dbf901c5e2317d6d81

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
3d87555b84fa1981d58fe7835d7cda21

SHA1
d79b94f8e7abcc3f258245f6ac38394fe0cac63e

SHA256
2b524b643b71cf23c4c0ffdfdede19763d7820cc285c8a4de1efd8a13ff4394f

SHA512
5995f4aa33ce917ba34ba2e2a3a372c81aa7c1cb3d75d23db2b8db0a154fff8993679738ae6bc519286483e212fc546e01ebbe699c0455870df01a6cbf4e65e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
7715f307f75c400a9ac97549548b6e52

SHA1
82a34697b4ef9245b9616f40c624507d0884e55a

SHA256
c075d652222f6ad3bb47dc06524c84b03e4efdc1d69ccc0ce820055a921a5854

SHA512
b1697059bdbd110f77566f3ad2401f729e35ef44e1a762f60fd5544c71586dd156651e589198404d8d465770fa95a30aca47ddc4a7a0159d3ca75ca882a581ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
79a5b64d8af67734c2d77d89acc4a8bb

SHA1
c1caa7d708b726d7dba0d4067d9a8897e1670356

SHA256
b116863ba94bf77141b8af8cee2e4301dc3ebc44e849bdbe2ae9f592df849adb

SHA512
77cc8b579468f207d205187a1b7b54abef9011668e5179de618b491abe592a7a37b9e7f21d2512dc5f039a9b7fee33909b26f0e3f5e51c967545ace9ca117baa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
563be0cb3e9b30503cf2adfc74474536

SHA1
81704011668602c9e9c3e17942d2f41808ecf01c

SHA256
5a824254d6fd623c54e3650754800a2294873d01a04ce046a4879b5fa34b8898

SHA512
d3f5c660408a5813e18700bea85d04baeffe5f0434c51cda75b8b4d625ad34eb116182b93d343552556c64c1aa98c4669ee460c91c5e0b985e1bb0438b26b2ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
94da87fef6c36036ffd34a80127c3a17

SHA1
abed463808cb095d1292f2680ff4c85d8457373d

SHA256
063fc4c21dca8d65166109432ede15d14edee518557dc2ca3173dc191367780b

SHA512
f6e474b720876577a0128a00eb12144e49dc3b3d36fea94fe313d082fc39ff49a7ece2463727838d6870d04dfa31732f6b5eb7f7b6d36cfb88a649a31d313011

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
62b8bd8b326f171469c4e8e8200719ab

SHA1
b0f274a14b7eb23bffb0d725650d4e62fda5a7e9

SHA256
8d2b5e118c3bd9774a9a590c5acdb159af558a9666d7ebcce5f1a83e38afdd03

SHA512
348de987cf78d945c08e98c9715bbd8e0dd9f1d4b8fd701639010532f7e5ba0fed9cfec7e2b5e701fac603b0d4f9f78e19bad4f7bec98a85c40cdf46c5e4c3be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
77f31befcaa7948de36a94ea64615c63

SHA1
685be087b778717e0a84afe896c57e23762b313a

SHA256
279d25421e8c298538a5bb97635b6b8cf55e1a80fc0387cf2cbfff1f0d3d0603

SHA512
79798a63583367b143d3d3ff15d4554f891b3f681492bd0ffccf8ff8b50e9a0af14d78b2e9235c8947c60d4098b87511dc3f50db81e151ebcffc63803af9b196

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
f8be2f353850c1dcd775a7c536df8dbf

SHA1
9519c5bf0f70b45021c804762b6db11b553cdb52

SHA256
b3b3ed61c3c25dd8e3285601dcc3790377d4a27ac4d4826600c18b09e2ce8d29

SHA512
7adc59bf711009dbaf9cacbb7dff45582c9bf89e25efdd8ed204926f43bccd3e6f2059a7d5479b55405381ffcb73a09efab513423c30d25c697ea5a9d5c55a3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
d7646c7d0df5605c986f255d67fbdb27

SHA1
721715e5b63cf973fa0b1b995bc559fd75539b48

SHA256
c0652ba4c87faa610068a3f2f0d518e3b238f45cd58a44cb39c1a10bdf232ef1

SHA512
87647ce310d8445eb82baf0269082aaf89e5c6044980deedc703a3857b142c212b186939c8790c6227c08af255d306ca40b3ebb8b507ac7787da7bd831609253

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
1fca66f435c517d8678bb7f4d8a7aff4

SHA1
8e763d60438eebcfddd80e1556d04dab6a740a60

SHA256
6544e51282862183bf0b300d3c37d482835f5c444fc08235cdc9ad400b34771e

SHA512
e9551ef248f5577e22a6bd13b95410e1bf75e637e4637e1a009b872c29bb0408335db7fddc4f479e3dc65a184272c4b7cb43edd239ec98face2b2fe373eecee3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
26e26ea36e47773ee27cac04509fcd39

SHA1
3af012b375a33d3a719ea4c625b2a78508bd0e87

SHA256
f6b5bb811bb13b40dca414072568733f28346f0e4986679568f46e94cb8f3709

SHA512
1451ea0c5010f4ae458be2447bc05846c63ef6f493a3e063f2cb76d9659a49c2dab0383472c8eac7c28060ac39a89076c7e6e35e4aab4ebe9cf3ce1ab5fe6c6c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
a6e31a0f029cce94629bd471931fcc8d

SHA1
ae95e9860b0dd79b4b6a6d9aa9e03e5704aee2ec

SHA256
dd27c440e42a969f2806b4655c6edcf1ec2765594d7a90704efcad2a4cd6ec21

SHA512
ccd70837e135ac90ddea2fda56f1793cb9bcf2ad9d2c5b770316c53ecac7b930d96e48504a1650c582f3512ec59a90972d2e6a7ca84ae031fa7ae579d2965bd1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
156cab2532a2d427fc027cac4ee7adb1

SHA1
0123940ac8865e6bc5adc7ca48eb6004da19fcd9

SHA256
70ca62b30f52e5ffd207fb617f8a75ee8ff4bf504cd63679f9ef1ea3b99d53db

SHA512
261ba868045eadc11f0350e8242c6513bfc4b7c847f229f237e2a1e77f324559fb9badee0badd5c4df759c3f83de1798a4ab5897340a06186a5f84db5ec5ed1b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
6a8f8356a853b7070d938718dbbd5a15

SHA1
c1a8ec7378002c4824e51a58c6766bfd6a1a4190

SHA256
19390b9e78565f2dcb520eda1244a9ff0a3d4a6b19866419df7fa36807e9bd92

SHA512
849a12baa1382d474cbbd3d533325987b31add8d0d11ef1f89f4ef8a3e1b380ab60f6754bd9755ac8e34603a05609e56dd427974e98e5a13eabb91ec10a567bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
1f79aaea4d3ab76ee5ce96ae54f35db0

SHA1
0e90b234ae26d6f91d41958e59840f6e9496b15d

SHA256
61e6d8123d1528850d3eac85a4a0937703a0b3b8ffd89e18e00045511af8f775

SHA512
0ea91356354daef3e2398dccdc980bfa9ff4357d2dd62f259b2164714c25d4e4a05768c533c1825b241f2e64291f071c0f7bd6e5246d58591a2335af6db664e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
4d5af67a00ab137a8c28871988e2f22c

SHA1
2ff7f83122dddd89adfb96fbaed0d2a307028324

SHA256
999dd1da209c91dda9a4fa3f0aa4c9dc5ba7518af4be745e0ecf72478c48035f

SHA512
4f861133943d0e4a97e2625a260f222f45d937f85d66b9ce4dd2a32d86e811fcfabc99a01afe3e621078a4a0c0c31a3af6c9e8a9e011e58fb01fc5cfc0a2b96e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
f267eeedaae430f7f353526e376f600e

SHA1
beba211a266daf1c6c21c33e34e9c9d6e06da636

SHA256
170c96d6e005eda169c84916d73864081066c97bd761a120decf2eb5c2df8615

SHA512
63636d36e0cf06fd4db42a819286c1fb5204b4b34b5c137ab17e0261e401156d2af42013ae8fa9d81ff51bc676429931d0e4eb3e1cb7e0f3200de4df233309c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
6aa4de70123cc7bc968228dea6213718

SHA1
03e8317af2f528e65b4abe7bd7d0ce881c6ef540

SHA256
ce9eb74004a85f7d5008ea3dc86999a2feb2ca197ef83a7f1add6885760d8186

SHA512
c2ca23df5411db33222ec21ff6242a142ee2d30c63f8082fdda2b9b4b2b9501f91e3246e84fc0f9b7f844969a1c5978bafbac560d54c7a543cffeef020408eaf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
8ed1fca81ff3e5aad94337ee3b012c60

SHA1
ccd99ff2d77b1e5fbf09bb9e2151e45d49a3e02f

SHA256
13de51744b903ed4e6f0cfc0fe5b74dfa41fea78cc59fa298a9ee507fbed32c2

SHA512
d1c8161290a315adddc06fa499ffe69c8764ffc5b5991c362197a2eb77ed6c9fe2b88128e6cf3d4cd322becfb0067ac9ec24e981945ff77284a354b7d0dc1974

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
8692ff59f800bc49750963af4417ea17

SHA1
bc983c27b86d14a277741239ee36e671ebbc520c

SHA256
0fef9075dd424dcbad17b2b141d10d64f45d75b864b6b0777b5e922d04a55cbd

SHA512
8e1f5afad344afa905b6046ca520df655bd01463e8b27fadb28343f3842868b455028cb265907c21ec1d545ba86f6b00197a0f0be92bd14674a79cb98791c99b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
d8cf3c9c6b0a69809813989f529ab128

SHA1
7712148e855b96a7146ac7a55f6a96261bd11669

SHA256
b9578594be7ef780878b5ce1525de8b2214fc2ad1247fba9c4173279929ee812

SHA512
d368cfcfd3883e027445c3f3638284ad81f01dfaebe32a060029e42695ff429302710dcd5e7c64dc0b957b4076edd40bde021033699705871c8029541083c99f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
eca006f73ceb26a66363832512794633

SHA1
77ed6778b30bfd8f26de0a1fabb33b135f889655

SHA256
3c06a01538d261e185fc83904a2fab1117fe8c4255fd241e7f533a050095e975

SHA512
49c9b3c598818834e94d8f9440c0a3d9a6a9329e724ed241ced15281ba0e0108b9ee2ccf36742b17fdc86072b64a29b14436dbace8fdc3afdc1444a5dedb6f66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
cc7eea3bda83c16ec516a8dfa3e6f6f7

SHA1
7e6aa155abd51589668cad6b2104b17de7a5ea89

SHA256
e53d4b77e9827f4dc00e8e10ad7b5eac8d194005f53bcc6c63c4bef7c4673c83

SHA512
0917900cec66770329b455d2d2a94c96b5245f3a535d92bb9c81911efab67492f801cbc459f10cd5d5c732ea9652f9f29e925615a6f707ac9c0cdb83b0b14a0b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
dd972abfd858d35be2294d43eaf3d89b

SHA1
b40cc5c122979e0ba0b2b105d36ac4f6202b0cf0

SHA256
bda395a3673d06048a7588553d2b9b8de5d4eb0212bd81727b4fd265b3b6eefe

SHA512
b44b637e3697e27842ec9ebc75fbb6e0cb15faab9757b8a9ccbd43597d87781ed7ea0341946e7f9e436f8157858e6019f7abd2756995780909d40ac9e623f333

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
7c222730065fea4db43a9c0dc73c5f96

SHA1
1656217adf56fe2bfa016f86c161e23b38e6198c

SHA256
3dc578684a9c4aaaa092f18865169f6a35fd9eff33ad562a6afcae8c4226fb73

SHA512
7fd9646507bd483bfa7d3ac11e826c5e52f643410c91bc7104bf19d9ff50ef76116723bd2a198d43cd9ce0cc512575f1544a5a75eefbe7ecbb262cc72951ff62

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
4a24b864be615c3a7bf6080987ed5c77

SHA1
a16af4a74efe4fbc8ce9e340ad4ed05e6e6a53d7

SHA256
628486efb847b364d828724b8b2a311c8b5617e8b98ab0135213e901f7288d40

SHA512
aa573dff91286ddb319190e03e96cbaa7aa9249024b6c530c04c013f7063ec0cf7e51cd8827dbf96b8dff4dd869e22963f8b97f25de7a4ef62a42a2bf56b9875

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
dc8edf2233d1457cb9730cd5ec03a830

SHA1
c5dcedb41e18387ebc92076413496464d6fd7c12

SHA256
7cadfab049cc986928a735651dbd56b8fe36bea0534fa8efa4d2a11c7c1cb639

SHA512
6f3c7fbb6f915becc836ffaa622b577b77b06455b778e14c7fe12cb6ec07ff26bbe4503d88fb1908a0abd95eb24a37cfa951dbd46e5a5bf73c04bf04b909c026

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
6fd1c54dd5f7b84449275e8396b0a705

SHA1
230e602c326893adde02b39cf9ff4f81b3538fec

SHA256
9332470a1d0813110dd898a36af08c1268629e32ad8118fe9b92505bab6ab6d7

SHA512
80a716a29bde3526d16001d360e36f64930e330bca5d3ffb70cff6ab3a67ebe761470cf668551d8db98071a745d809523074398cb8778f35113696208d249487

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
f87efdcaf386e43cda70ed399ab5d6a8

SHA1
621c16c6d4258e9cf968cca664d971217080eb5b

SHA256
29d0c6cc974e3f78af9ab7f0bc5b0872dd6e15e5b6e92a5c98cd2578866c4cf7

SHA512
d51ea320567c53ef4646e4295b77203473834db55455a9afc96219f4ca004a36af633aa150be78f3c8d402bca2e8dfe454c5b51daea32a021cddaed475c89b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
fccfadbdbb5d411851a2ddf67b5dd334

SHA1
0701f5879f4a90e89d80863b33ce7148e6605fd4

SHA256
80a5096c40196fc898fb035ca65dcf639f2f1e15764e9f4921aaeeaa4fb06ea5

SHA512
9a6631b05e9e6616718f2eff2a4cd05f253de3379381e23702fec22ec391af4151d985c65dd893b497a65ca283801635320e18d12133b61ae6b2c01339e24966

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
0cfa2eee466d75512decb05490df5618

SHA1
e47a2adeca293f740396aaa43e084722ae5fac12

SHA256
b86c9152ba6c3ada11fe82be33ea5147bb7cb7bd3ec193c5b63779e879726df4

SHA512
3ead91cc08b790a6aff79126d92fa656beb2644dea78fbd094182630183c9884f1584b50ccca1a50a89cf0aff51b4b80016fa618922ea0727599d55d833f7117

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
613847cb50152ed68169500df9f41c61

SHA1
03a819e925de7d348bd7ac65fe5191172126d274

SHA256
d86e8c8108342c3d7861d1e67c14350773b89dc829180b0a42152cfe81648bf6

SHA512
f13de7310b69e3dbbdcd6f6757c155749ca24c77fd37cb4b44b9bb5582b743dfac8d1c1764bbacd466529f74203cbea4ffa9c3417d9169847096a15fddf0720d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
3a655d752046ae4d877ee9da0f22e64d

SHA1
aa39eec3332a9cf3f9f8a74feab43e7845455b3f

SHA256
789ad9f8cbcf3f4ab0e827d093a344f592e76f95e8fc0a25c7cd1e3dbf554dc4

SHA512
b7267fb1366d6a8fb22b024595383c9499963f882e22ec60a14b51009de2339fe29aa013921ad68b47a0769d5c4a6aa7ef00f2f3e386a1045675667ea8b8834b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
5358d8eea9e41826a90e7ebef140ad97

SHA1
0d7cc42e71fe28b978e42448294eedc4fc9aca9d

SHA256
3a57cab4e1b669c2a3de22932d74428264274f56474e8b955e97111cb49d76d8

SHA512
7ac2b0e0b2536845f1f0afe2d676e915fbdc0c53b86c0f8753583c21c1614e506da5620f5b2b91d69ed2ba0930760a3b01ce9cec004419c806d5bae2bcbc84bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
a38f5da84853ab009ef0e26aba21503f

SHA1
48b609a4fe895b8b992a6b15d07dd9d960b6eb67

SHA256
6478eaf487388007d7d35d8430244bbb7318eba16773982ba5c6916e51da109c

SHA512
2ec8007381881db5f6abe3648fad1ff3ebbde43208639cdfb9311e2f797289d7929f9dd91e8442f9506dfbd32926302706c587a55c8263204d3b5c840c3f75ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
780bc86eff302e3cf4a26318f5a3be36

SHA1
50c2bb293ba8c6179786fd36c527397d3c7d3c12

SHA256
bc9b87e8d7661dd819f2f2241da12c91542e87ca9f41d8eb2376af245ca5d396

SHA512
1b98f294bf5da9a841fea3ef8b677b4febd841a3b25004cd72b4eb1e59335d2e368c80431282cc4ac5dde59ada463584b857ef15fda58fd001417dd0a3c9bcf0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
f5d5eb31c6f1915de3a0c2f8ba08a58a

SHA1
614998d0f3fbd94b83e84e3f0202061b21dcf79d

SHA256
f5b5fdc2c768e94e257dcfec5373d0c09784e17f1867e5849d4b858ea819825e

SHA512
bc27dbeba4765841c5822fd67d50d43353f1a353a0e357ba18203a727c53192e0a0bf0bb0bbeb05cba6a53dbb0ce4f33daf05a0e0ed85bc727e3bfed45294768

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
a814f15e28ddb507cda81ab9a3fb5eaf

SHA1
e64df5011f7ff9f58f3cf80a64a3eee031542460

SHA256
a45e0bbe00f13bf3aa259d89d3fa6f5dc1b79455887227d85b265944a1666dd7

SHA512
9e7bad8405b1afdc248cd4beee69d86fe8d098d82ee066b1e8124b8f938d4d498a48e09daf9154758bd2bd6e06afb03403533b478d1ae9f63d1d1dd8fe028618

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
9c73c2ef0f1672f3c975a00770f13995

SHA1
2333531f4247ca5f5b5cd71ac32c5cc8b487fed6

SHA256
3db13300f550a44a623816be70ecad45fb8ec71e866ba5707101d1fa7a693c25

SHA512
26c12bfe83a0a437edbf1719d588bda938e84286574bbd1e1061da0031df7418e91b2c703942c4be5973031464d765505d740837896bbaf1331e7f6853221ac9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
bfc3e8219cbdfacfa799a8d27cf70f89

SHA1
c9d58d98e0b929a3c439b8b7c964313fe8a8c870

SHA256
a4f175117f0f403a34be9c6083fd8a1c16c4e15aff9d05bc2e1afaa7a7273426

SHA512
8bc7cb9baf4db9207ad2e2324ac00ac881009df05d22207cbc0b51b9ab205df2c48e5989adc7966dc9869e02f529c069850c91cde4789bcc999cf061d31c11f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
67de666118238c32bfca27ba4dbf2657

SHA1
2e0d17f6d6a491edc70a7e647e576a0fd965056e

SHA256
73ed4323538ad383d0a40b7d2db88a31f653b93875641fd03e46ff2cdcb92c91

SHA512
4c1b1b180a9caa1d102a4c366966b6b25f4f9d582efa8b1143dc31c80ffb23b5cd260c6bb610fe8aa1b8dc81f467559a1be2b2aec96e9cd00b56a37a1618eb26

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
d70b8eaa2f6ca12e4bf7a75ad2e01a5e

SHA1
8ed508e809903e5786688735d7cb96e70881621d

SHA256
c581e95bf1b4c1dcd42cada2983c824a08d267550859e32d2a414321b596ca3d

SHA512
d3ac65be2cd432b994aec3b7909706f1a4dd7c2d5275e9d4c2cf71a35cb8596ed36e372e393a46d6724273a2c0ebb36d49a01b699ec89cc5151080bbeeec14c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
6b123c71cd43cb6038ce595928cd4392

SHA1
1346049e8cfac8661c3d8e64007b054c435f2aaa

SHA256
d82b32b3c893753b80fb5dba50069ec9264516e67206b6d5655b34d439873dd3

SHA512
b088329aeda48a86121789ebd470e5a93d56ff8a37494c51f2080f0db57690353cdf882e1bbe9d7f2cc8d17dcdaea9207a252b7eea9d822021355ecf46a55da6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c70787145a2b37389a6d7685b91f9a3d

SHA1
74964aea65ace183d34627de7c84a627526bb6df

SHA256
deb5749bf058d9a3ca166ac34554fabbee72b0c7471a7abd7c1a7d09246cb6de

SHA512
7705d55185c5fd4bf36850de2a9614a6e33ab73e766d3ad66ed6ba8344512356f825141963b391e86d7b3fc4e11b201bf6add0f45f4f4fdbaf70c6d624a0cdac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
fb4bc94a168e04ba55dc1c923983fc1c

SHA1
5fb04683e3613e7ffe4d58821b74baa325ec4ce5

SHA256
59d6452189a09e311e5f713d8b96a0dfb3a49f8378b9d4718b576ae6bac4a342

SHA512
d3f18738eadb655031ffe3b5c022e521a0edee4fcde9d449048dac963522d4d624b85bc163e085f9f2936741a6dc74632f24a800a7c83efeea90e31c1fafb284

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
2699961853f27cf357c77318d76e8808

SHA1
d25818b7c838892ff0c9d64a07cace510ff11a8c

SHA256
78e2262c93c7e56a88226749d480c1ce15d1ea5232c74c98c491d947ae061ba3

SHA512
4d0591e60971e62850750bc8e222c33db9590cbfd834db2648f4ee0ebb1fbaa072ae743a83705cf90875d04860388bf3b3a5aca7dda9e7994e5075a0ab869d18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
9b49e3935e5ac2339b145800d53d62cf

SHA1
9342e8b08cd0d16643c8e629cb0619c515a3a653

SHA256
ceb05841ec2376c2e1c167dd4630ff2358d29e3fad9514e2133afcd2e874883e

SHA512
573c490574ba4843c896c0d2505d352d6cedcf1574b4bf44f9e5cc9035009f56ba1e7f7a792b972c367d0fb765e4fff7f246a7b2a49b4d662f64519e1ba0c2f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
e47348d4f124f07d026595825e8dfed1

SHA1
db53e2c0c23347048c1c34d6753259c49d7a09b3

SHA256
7b9b2b1831ff9e1bc572730040c4c984f0cdde190aba566d9418bf76c1bf295d

SHA512
7d0da1deab866d820130feef94dfc0447e4f85b4c8ac7062eb33933e76a63f7bd90529153807a3819e98cc9e8b80ec489a5dc47df30cd589c4f9291b3ee7864d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
214KB

MD5
61ecf754028c8e48d74d93cb9ed7ccd2

SHA1
8ff3c75931561e4c9b821aa2fa1c79fbcc3728ac

SHA256
4f0d5097dbb831f36b07d40edc2d6f8302ca0c36594f9dd01830d352ad6d9e41

SHA512
4cfc9bc3afef6081572d928392a437ef731cd4a877a2723b546fb59938a21edbdfc4a26ff4393bfbd0ac5d067470ed3f789178ca9dcd9340195950052efb48e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
214KB

MD5
cb028bbb2625c6b05a3da475246b00f1

SHA1
59faa5c3b2e1a40bc4b7d7d8ce1eb5d864017124

SHA256
bccaf53a4ea9d7ad7a4ae084088c301bca5f90371f863d3d7740e7267345dded

SHA512
88d023e593ad50cc3432d7311e5029c26b0dca8652ae6c3a2aeb0b32afe3a4c64d920867eb92e9039db1407c10c51dc1188dc121e0cee456ad1ddb77bd31494e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
ca52faa07f86ea54fe79ff01eb977157

SHA1
5f2824a88e1a272c707197344402adadeff26aa5

SHA256
a6ea2b4fe65fb073e4d6b315ea3b91817d7c48a5bea2234da3b9e17b2db73d7a

SHA512
10e303a70140455654628e309f650deb79ad66e81a900fb54ea4ec16190818155983688fb4183ec69deda190964c0a72f666cdc65a979006a1de6803bbaed4b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
214KB

MD5
bb9416ffb775152cd1efd2285d76415b

SHA1
0247facd9fd30b6150f0d2f2aa280b1be9e4b0ec

SHA256
287c78e720036a646bbb0c0bd0769611e65a37586cd00cc2a6580e4f617dc4dc

SHA512
874ef20b908bdfccd871bedb88be6659d34d0fe5a755eafd931c4427e5ce06d69673eed4cb53e526c07711079dfe661095399760a0a9631aa237cccab0597fd2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a8276eab0f8f0c0bb325b5b8c329f64f

SHA1
8ce681e4056936ca8ccd6f487e7cd7cccbae538b

SHA256
847f60e288d327496b72dbe1e7aa1470a99bf27c0a07548b6a386a6188cd72da

SHA512
42f91bf90e92220d0731fa4279cc5773d5e9057a9587f311bee0b3f7f266ddceca367bd0ee7f1438c3606598553a2372316258c05e506315e4e11760c8f13918

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
058032c530b52781582253cb245aa731

SHA1
7ca26280e1bfefe40e53e64345a0d795b5303fab

SHA256
1c3a7192c514ef0d2a8cf9115cfb44137ca98ec6daa4f68595e2be695c7ed67e

SHA512
77fa3cdcd53255e7213bb99980049e11d6a2160f8130c84bd16b35ba9e821a4e51716371526ec799a5b4927234af99e0958283d78c0799777ab4dfda031f874f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
f9178a0977a35e68c457cf2a9651749b

SHA1
53b6c6974d07c676f5c360d8713f89c909d5429d

SHA256
b7ccd145f7072837556fc756178b00a0916019c38dfc161380e765ae777b8e8e

SHA512
7d33ff17fe020730b9faf0c52bfc845c06c70de552aff8376b3d15ba01f485775458051fa077b5733e308ee382ac46fa682252b4400847180fbd14b375a0884a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
7342ad5f944e6b4c8af3e87282671f01

SHA1
b06a07e550b6794a2ae4485d0ffed831d0810931

SHA256
3d1ac7fc32eeaea70380c02e2cc67c25267c3bc8cdf60bae6ad97967b99bb03c

SHA512
2b4de6e3a8dd790da463ac9f6d62d2436480a8f0570eb5be7cb1b77202729e8c2d8afeec8bf59e917dd6b9bd484658fa5d939d62e0aa2c4442d0d2ddebb4d638

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
14024e3dad256dfa38716d3859653018

SHA1
6a95f9c24a249e07f077dbbd6b326e7ce0d64680

SHA256
dc159507789a319088a005a56ccea3307017ede7c45ed7720a370bd30b05871f

SHA512
6eaaa26ae9ca8f9af17560938bee273b36f1548ea30dfd6b76f198ec9f5c13bf205026662e08c595f096b7ca50fe02098adb65d97d8cbcc8cc7aeb7a12bcc509

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0c9c7ef9f2e935c0bced0e44bae0ca76

SHA1
0a8445dc8074bc1c8c22e9b141d588715c1fe1fa

SHA256
e1e107ec3edb43e632e2e5e726f0f3c245836743c836a5dd13117369001dc9b4

SHA512
b00e49e6767cd6d691ed74f0fc2d0d2533abc67708683a7abe5fca176a4869165104189f9dd3eb37eb382d2e04fe5d3f9d70a9c4298afcf56827da7ba9c113b3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
357396c6f2f1c5644204c6a2a0924272

SHA1
07aa77d981c9ada6d00f679ce054b99c5992498c

SHA256
1add065ebda9a8da6dc76e1d703d44523809de02f35a5b8e2d0f28709275d2d3

SHA512
e76532cc077246ad452a0ca74bc99354b12391499e8b0dcf8f706cba96c91d7df303b1e2cc57c694e9aa4206d2159265f76112995fc990643532db78158bc6bf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
fe4325776516106b602f3e665033f318

SHA1
1128dec6c0ef35de70f698797317e8b9d26b0e9b

SHA256
9050fdc3feac4e763a248f72886f64233fd2fe8dd6bfb4c04de1658aed7e966c

SHA512
c6d96c45a7a0762f5cf328bbe5aa2edf9ec87d609fb061b9a5b4a52f03fedc264db58ac70e86694df13e4b8d3d8cbf10f4bbaa1d9812ced18605fa0c8e78d195

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
871B

MD5
0edb182db38c146b644347785edeb61d

SHA1
21007d07c61cb8e2a713dd57244704eb3d6ba69c

SHA256
85fd8b2421403c0d7d0388314739c310c5c7343367c10702efe619feb7a3b29e

SHA512
af9af999d75cd4d985f23d886602234997da56696d8946d1085dd6ceb22dbdab3844933c3e6be7363abe2ce9ea6321ea1d59930e25a1748f91188e57c3cd408c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe588141.TMP

Filesize
704B

MD5
fc5d1a2d49aa21a1d4be7b398d591ad2

SHA1
c1183d9fc17261799e6ddf71b0796d2b4e855a0d

SHA256
3e9a259cc51890113b2870d5cb03a073d05440a2d0d8c687b8da3a8e9ed51fdf

SHA512
02bfa374652421c7e6a86ceadb067da4999880a8f83ff7617b1d2b352912a3f25b99050bba3afd24893eb90ebf6bf0e5f51fc821574a6046a64ac0523b91f5a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
382755ccd5a2caf5c553cb66809ba89a

SHA1
5f86573fe4fca3c853712fa8621876f000e2239b

SHA256
242eb22e99ff22a297f6225c01a52007c436dd41e575f7f8bf552e575b82a2b3

SHA512
f3587fd9e85ca28bf8457c84285b47a84c0ed62a39244000059bf254c3b6f8b32124908ece145d15e976a76365dab0aa76dfb2e590c597c89cb1d0e232f9c8a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
161967d477f46a03288ff3867ac43b3b

SHA1
9655e7633cd28aacb4e5623c1ab93215467eb55d

SHA256
d01711e03954ea0e22f3666116a04c694272ef22938ca40d4c603052336f7b93

SHA512
ae54082f2fbc4694aae3df64d6a4627d889584e3b9d39871b01199c5f00aeddb64c9a9001c459e84e5dcd8d7db65531384bd53bacf3ab8092c7c0c7a26a08418

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8.zip.crdownload

Filesize
17.2MB

MD5
eeb1f486796fc8c3df741e7c3bd650bb

SHA1
d6050ceff916d281d0c2cd30e851a2546c5df5db

SHA256
9e3fa0ed7868c67a11c03bd90a40c9a7e49b305019064b78a0dbc30d7c7d47b0

SHA512
629283e47d48991d8aafa3cf897bc252b3a7a6afaccf24b71cf42e23d927b8719834e9cf4841c18b032eae266c9329c8a51bfaa82479548061ca70ab3ecc8b2f

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8.zip:Zone.Identifier

Filesize
26B

MD5
fbccf14d504b7b2dbcb5a5bda75bd93b

SHA1
d59fc84cdd5217c6cf74785703655f78da6b582b

SHA256
eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

SHA512
aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Crashpad\settings.dat

Filesize
152B

MD5
7990865b84c1a257c939e935dac5c048

SHA1
b2e3449d3f7368faa2be41f633962da265c75899

SHA256
16389f5d5b173037b22d8a7389a208ba73dfb93737f49709ce1885a472a16e1a

SHA512
985797bb11edce8a8b3a91f676d66f6734b68d25d201e4c4d3ebcbb094d53a819388e9e0ad4ca7bc63801e5b8916192c9d871ca2f46cc52fe5f093aeffc8600e

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Crashpad\settings.dat

Filesize
152B

MD5
f51b2bbfefabba4c69a94a34e2ca384c

SHA1
0b68a5aca8c1f1d62d645128f355a025f72b5ab6

SHA256
79ac7ffbd38ee75ffcb01bc4cc14364d57d391a6cbf4314acefd6ee124cec2f1

SHA512
8db933a0b7e3c3b2878fe650807124cbf5145181b8bcbd829b9e3966b30d622b9c6e413de3846b4d4ce7017139cc3cd61528e8fef216047737939d72a776dbe5

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Crashpad\settings.dat

Filesize
152B

MD5
ea1d61ac01c0ddbdc99257a37d3e2100

SHA1
5f3aedfe5849420849fdea7d8cdbabc932b76183

SHA256
3e3dc9bb9dd7df94de326304ef5dbc4ea4fd7eacd8b1ed713e1b4d61a8f0e849

SHA512
afb82a60f6fc433a9a027bd73868eef5bc29aca287dceb90c76f32326dc3c5f777c1e596bc4aa7d173f5898a868015c14c65ba9123ed17993ebece62fa0e61cf

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Crashpad\throttle_store.dat

Filesize
20B

MD5
9e4e94633b73f4a7680240a0ffd6cd2c

SHA1
e68e02453ce22736169a56fdb59043d33668368f

SHA256
41c91a9c93d76295746a149dce7ebb3b9ee2cb551d84365fff108e59a61cc304

SHA512
193011a756b2368956c71a9a3ae8bc9537d99f52218f124b2e64545eeb5227861d372639052b74d0dd956cb33ca72a9107e069f1ef332b9645044849d14af337

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Default\Cache\data_0

Filesize
44KB

MD5
a4b273a271dde1305c7a532499af56eb

SHA1
96ae751e3b5b9bd446101cbfe4d491c848766cc9

SHA256
f722f4f8d8664f7d1493a7d5f3590c4003414639b9bb286812d0e0af08332a6d

SHA512
2cdca5d48eff5117ed3ecde8bf15de0c870197d69db84ca405382ac98039d85a56861636214cfacab805cf1668cb2e3e5b678b856fef85e78dd993e7e07a0dec

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Default\Cache\data_1

Filesize
264KB

MD5
8f06377faf643a418ff7a7d3f57143aa

SHA1
b71097459490bd62b2c8ec632f299d98fcbc9915

SHA256
670de312ae53c79ffa691fae38261bbc6c87859aefeca4b6d98fd32c6ec8bbd5

SHA512
51a76e676e84786e927fd44a3a592c3ba29dbb37d939132f25bedf95897cd6d5fe0dec01a49992c311c0e517a286300ff93d072247ec638b9f51a1099a4680b4

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Default\Cache\data_2

Filesize
8KB

MD5
0962291d6d367570bee5454721c17e11

SHA1
59d10a893ef321a706a9255176761366115bedcb

SHA256
ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

SHA512
f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index

Filesize
48B

MD5
372dc865e64c73f43cf67273e9e64082

SHA1
d3043009edfd03d59bb0da9b4653883719052a46

SHA256
e4e77d736f98a6c208374ab65d411971f2de070a1aa4eda5d87d1862e56f05f0

SHA512
214720184826a41a5a71ef91e0f049e526d75135b27dab7175253cadb98110dfa288e1ce350b3fa1ae1b9248842c168b5ab3f92e82aa042c24d654e95d778438

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Default\Code Cache\wasm\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Default\Favicons

Filesize
20KB

MD5
5688ce73407154729a65e71e4123ab21

SHA1
9a2bb4125d44f996af3ed51a71ee6f8ecd296bd7

SHA256
be1b822e970dfe1a120d248db7000eaf799bd6531929a1308676c70fe1608d60

SHA512
eb6452b23ea36c39d03ead154185616c13583f12f382cb2456beeb1ba6e5febdfd2a6f1064283cf115ad1c517dbf409777cdacb128e00c9d3f401335db355537

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Default\GPUCache\data_0

Filesize
8KB

MD5
cf89d16bb9107c631daabf0c0ee58efb

SHA1
3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

SHA256
d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

SHA512
8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Default\GPUCache\data_3

Filesize
8KB

MD5
41876349cb12d6db992f1309f22df3f0

SHA1
5cf26b3420fc0302cd0a71e8d029739b8765be27

SHA256
e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

SHA512
e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Default\History

Filesize
116KB

MD5
d93d543be65926671b6bdee483fa6b8c

SHA1
55c7dce60a5edd662fd8c3fac690967e5e573fa8

SHA256
35096063468bd76ca6ec2339138c1c597a5ebc5e4fe845407692ee99bf9a0399

SHA512
6665e773c1ad2cd364ee128144a4de606aeb48372744d12a0bc59fd991839a0c9d709f7d51ff8225c9768c10de9c7f63a1836d33526a5e1998bca3e0bf7a8d99

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Default\Media History

Filesize
76KB

MD5
cf7ac318453f6b64b6dc186489ff4593

SHA1
b405c8e0737be8e16a08556757dc817bd02af025

SHA256
634434e865f1ba1b90039bd5afd8f01bad6d278377106022ea2a9c2d8778d31a

SHA512
b64e484d16222d8de31f53cd60b719b7d855bbc552a7d052e202382bc3013e0edaceb31e3a287f2ea6b7117ccfdb8a56ea9d7da78535d2c606183072ecd084e4

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Default\Network Persistent State

Filesize
382B

MD5
03adf57b6542e2269793b2a9d863755f

SHA1
54f53df9c01da5c1cc421fcd74523a921907a47f

SHA256
37ca946fa585633ef5e79846d21565b79de464573a689242e59806db24c1c574

SHA512
40b3c261309d4aba590b8ff04832876dd48262775c1296b51152a46224d618c4d5e3626c182a555016e1acf460fe5ea6292d8ff109de0eb12ade8cf8fe60f591

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Default\Preferences

Filesize
4KB

MD5
2735eca26152ea1583174358d9a1a250

SHA1
24d1a967611a86699d1a9c9bee3a1ae694600848

SHA256
a5943f02324281455f9881f2ef747ee3c5d679887e87826800f3c20c98963c79

SHA512
ca99ddaae23b6f186e7d5c3e5d8bde4361c77cb500e5ede8c0bc3162cbdf09cf33070d62c17898c86f0455b07a30c9d4f0d58b1a4e04b0f0117f0a2ad204f1f7

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Default\Preferences

Filesize
4KB

MD5
ba730b2ef2ae3390bac0934fa5adbfac

SHA1
be2286d72c378ce59ba6a0902096b5ee164755dd

SHA256
61821ccd3b681b8ea2af4e525465d56976bc1703a58db45143eadc51a1edb75a

SHA512
e2d05c4557fba45e8ab000ce941b55d534d3b7f4bd15227b752723ee99c3fa9e1b0c89a2e8e48cf7d95c04b5b4ed3553e83f78705b377943da191c5407c0ac3e

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Default\Preferences

Filesize
4KB

MD5
8faec18deb1671a790675d037493c78f

SHA1
1807d27eb2a3d77a1964522fb04d5500761d43c5

SHA256
f74c0a1bcf5e5de75584ffa661a532ce21401a20b39ff80cdc4ee8fdc3a4573e

SHA512
4d72a1cc66a607517f1bb923cdcc0cca5160fc85eed0ee776f6a10a2d0edee9dc171bebab9e960514e59fbe73179c187c86f3f676723689cf7f6713f43f77cf3

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Default\Preferences

Filesize
4KB

MD5
2662d006b71caebb9b80ff341090df88

SHA1
80a547650b545e7341738d16aead36fa51b04f17

SHA256
bed0671431ca1b69932deaa6a1658ddd49469d97183694eb90b0eb5db24eee48

SHA512
eeddc320c31489d2b45396a0a415a1d23b819fb02bab6981e2228d6ef94a96aeb8e8e39964aab9bcd6ff7df5829d9a1d5636c43a0b5e36f4091ca291bebc062b

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Default\Preferences

Filesize
4KB

MD5
c09f0037877a554f695c5f7c965b9b75

SHA1
26b7bb2dbe04c7eefc860f5d4c8f21b1994b3cd3

SHA256
a8be1dc659819431adf89a996f12fd8b9526f645a551c951a651a7bbadfc13bf

SHA512
8d7f56b49a7b26d5df86b08b07d7656c1b7d9da772cdf4b0059b41ca49924d125925ec0f32c40b7a34ef3660d985ae7d5df78c9f4efd656bd3867bf8f07a9862

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Default\Preferences

Filesize
4KB

MD5
a48bad80dbcfea4abf224e2aea156b44

SHA1
346f5a93e178a32765d96131e458bd2f11db7776

SHA256
3a35221edf730e2908c421a0dcc595c9768c77629caf8e5f62ab1d3d3b8e4ef6

SHA512
d101df36dbec81e4cf37bd0452b09a9ec49d778dd5f2827bac9660df71abc2b16c8665ef16476345e11d890014ec16d06dcff2824d8129439b4fb4493339bb17

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Default\Secure Preferences

Filesize
8KB

MD5
a3326f2958721c10952f30b28d775d1d

SHA1
ba7b3c51c381aeeaea3af0a7c50ba20ea20904dc

SHA256
64c278b5a6682ab62fd9b44daf5cf4de4bd4608df16339d0b4e18aabf283c7a7

SHA512
4e4f17b9bd3543952709cb0a13b44c69b75ca2e873b83e41d3b1a532dda4d025c5be41f065a9e4b550adf8210ffe1db0f57f0adba10ea353160ae94eef989e98

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Default\Sync Data\LevelDB\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Default\TransportSecurity

Filesize
371B

MD5
66e0450d83fe67dd8074e7e50f29b4c1

SHA1
50134a23026e00dcb3361bdff9291e7f2579ab24

SHA256
352a6aed60ad15ffb71afd2cd9c9b63a62e0dd27591939eaab5f17cab800cf61

SHA512
38088fdbd6a71c9007f21c27b39423f9814e90b9921f6677cbe16c5e79f8937f7bbf306622e665c5c8645a6cb8657264526980e606256070936e8937ec5cf7e9

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Default\Visited Links

Filesize
128KB

MD5
73ddf517b21867d73791d3331d5cf25c

SHA1
bf5d9a82db11afa233cde3e66f8df014fdf6e41a

SHA256
692c52a777db9a48c4ed8238d254d4a973d8343b7050bef36e60d9f0f698d96a

SHA512
a3bccdb0f82b41dc9275e20846b6234c7e44624f188cce572bc11cb77136e13a974940c233aff76495746ed05727a00625821a930f255a1496a0d085040a7af6

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Default\b20db6ac-10ae-4d08-afa9-56fecc66d38c.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Last Version

Filesize
11B

MD5
b29bcf9cd0e55f93000b4bb265a9810b

SHA1
e662b8c98bd5eced29495dbe2a8f1930e3f714b8

SHA256
f53ab2877a33ef4dbde62f23f0cbfb572924a80a3921f47fc080d680107064b4

SHA512
e15f515e4177d38d6bb83a939a0a8f901ce64dffe45e635063161497d527fbddaf2b1261195fde90b72b4c3e64ac0a0500003faceffcc749471733c9e83eb011

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Local State

Filesize
8KB

MD5
97bccad8d59305ba9354c2e3d0d6ad01

SHA1
a43aadd6d1ef43f52a108ecefae93b6ba8d6ca0f

SHA256
9785806712964f5b427d7073c24f98c47db2e562e75be1bca1ebcbeff809a695

SHA512
60c420959b1dc96b42054cc8e1e7b4b1d006680847c06e3750afae6c27599b95adde4371dc4f2f7babad6e46209df4ecd223f46e4a4cb66431952a94ea61c52f

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Local State

Filesize
9KB

MD5
7233c1f4278ed20165d4b7223496fe57

SHA1
cb2fe01106c4f24d32038c884114e30f27638097

SHA256
1d398e190c017a743aa8375b964374634d921a93b31c8974e726b118ef3fdfc4

SHA512
c932884314f5573b4b6c3f74cc023d102b0a682bd98aaec2d3180adddb4aeea7e4ea9681ca362c3a0d546b2b95d3e3d3b6dc207c8f2479618633c5f78f847d8a

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\Local State

Filesize
8KB

MD5
e046ffb84138aa7f189b246c32a7ca8e

SHA1
1f7286010b21235a0fc59325e9bc3d828ddc98e4

SHA256
486a5308076e2a1681f96235129723c35cd2f9b6feeac140cd9070f5fdd40e0f

SHA512
a133b0a4fc0c27da9dfc7ee880d47d637036e32afa47d48bab17d0d41be6bf5d85364e75965ce86808cfaaadaed609132c45c2d3e72621a0803c6f39fe635566

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
d0d388f3865d0523e451d6ba0be34cc4

SHA1
8571c6a52aacc2747c048e3419e5657b74612995

SHA256
902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b

SHA512
376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\ShaderCache\GPUCache\index

Filesize
256KB

MD5
aa1b78c9a65ed033d91545d724bfbe3b

SHA1
61752bd2f6be7300d2f21f3f3432b8d12592ee07

SHA256
c8709da60f3b34be21ccc31ec2e373bc1eb2a978b239f8a723ea67e74cdc7f78

SHA512
87f5b19a58d6efea4d7dd8eb2b449b425f933a9907519d310fb451f876486efe99b17a6cc1cb5a16a2ef5fe8693ecee82c43674db764664626bae2b4ac53feef

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\SmartScreen\remote\edgeSettings

Filesize
81B

MD5
f222079e71469c4d129b335b7c91355e

SHA1
0056c3003874efef229a5875742559c8c59887dc

SHA256
e713c1b13a849d759ebaa6256773f4f1d6dfc0c6a4247edaa726e0206ecacb00

SHA512
e5a49275e056b6628709cf6509a5f33f8d1d1e93125eaa6ec1c7f51be589fd3d8ea7a59b9639db586d76a994ad3dc452c7826e4ac0c8c689dd67ff90e33f0b75

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\SmartScreen\remote\edgeSettings_2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1

Filesize
126KB

MD5
6698422bea0359f6d385a4d059c47301

SHA1
b1107d1f8cc1ef600531ed87cea1c41b7be474f6

SHA256
2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1

SHA512
d0cdb3fa21e03f950dbe732832e0939a4c57edc3b82adb7a556ebd3a81d219431a440357654dfea94d415ba00fd7dcbd76f49287d85978d12c224cbfa8c1ad8d

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\SmartScreen\remote\synchronousLookupUris

Filesize
40B

MD5
6a3a60a3f78299444aacaa89710a64b6

SHA1
2a052bf5cf54f980475085eef459d94c3ce5ef55

SHA256
61597278d681774efd8eb92f5836eb6362975a74cef807ce548e50a7ec38e11f

SHA512
c5d0419869a43d712b29a5a11dc590690b5876d1d95c1f1380c2f773ca0cb07b173474ee16fe66a6af633b04cc84e58924a62f00dcc171b2656d554864bf57a4

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\SmartScreen\remote\synchronousLookupUris_638343870221005468

Filesize
57B

MD5
3a05eaea94307f8c57bac69c3df64e59

SHA1
9b852b902b72b9d5f7b9158e306e1a2c5f6112c8

SHA256
a8ef112df7dad4b09aaa48c3e53272a2eec139e86590fd80e2b7cbd23d14c09e

SHA512
6080aef2339031fafdcfb00d3179285e09b707a846fd2ea03921467df5930b3f9c629d37400d625a8571b900bc46021047770bac238f6bac544b48fb3d522fb0

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\SmartScreen\remote\topTraffic

Filesize
29B

MD5
52e2839549e67ce774547c9f07740500

SHA1
b172e16d7756483df0ca0a8d4f7640dd5d557201

SHA256
f81b7b9ce24f5a2b94182e817037b5f1089dc764bc7e55a9b0a6227a7e121f32

SHA512
d80e7351e4d83463255c002d3fdce7e5274177c24c4c728d7b7932d0be3ebcfeb68e1e65697ed5e162e1b423bb8cdfa0864981c4b466d6ad8b5e724d84b4203b

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\SmartScreen\remote\topTraffic_638004170464094982

Filesize
450KB

MD5
e9c502db957cdb977e7f5745b34c32e6

SHA1
dbd72b0d3f46fa35a9fe2527c25271aec08e3933

SHA256
5a6b49358772db0b5c682575f02e8630083568542b984d6d00727740506569d4

SHA512
b846e682427cf144a440619258f5aa5c94caee7612127a60e4bd3c712f8ff614da232d9a488e27fc2b0d53fd6acf05409958aea3b21ea2c1127821bd8e87a5ca

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\ZoraraUI.exe.WebView2\EBWebView\a67082ba-0d19-434a-8828-881842907278.tmp

Filesize
8KB

MD5
e74afcb68a9981ca88f08525683b529b

SHA1
2930d41c45a130c6154d7701207a110dc52d6bae

SHA256
c12048fe1771cad7213f4a74ef596d544ecfd6d227986e9ca2a78cc068e527a2

SHA512
e36138c0a9655772d25a4abd4e6f74420be579f8f69b42fca08c4ad2b58f8297fc50197f6b62ae687f07859f662562e85356554b096aaccbb0f6e2276200bc6f

Download Submit
C:\Users\Admin\Downloads\ZoraraVVVER2.8\settings.txt

Filesize
10B

MD5
4c65e2f855d8696d18ab503ca9f4cbfc

SHA1
448a8b537b3dfa966682a496168bae8555c3c889

SHA256
268eef82beb074b0ebad1eaa73261d87f97ca50dbcdde8fc5621ed50c5f1faea

SHA512
c127295e977a579679201f36c9c70233ebbf70bf1cc8f6a83283d75c853935902172de3dc8b19eefddd64e182219926d5ecae944a993505e86994cc813e82b59

Download Submit
memory/2068-1202-0x000001D5F21B0000-0x000001D5F295E000-memory.dmp

Filesize
7.7MB

Download
memory/2500-1125-0x0000017016D20000-0x00000170174CE000-memory.dmp

Filesize
7.7MB

Download
memory/2592-1335-0x000002364FA80000-0x000002365022E000-memory.dmp

Filesize
7.7MB

Download
memory/3268-801-0x00007FFEEE830000-0x00007FFEEE831000-memory.dmp

Filesize
4KB

Download
memory/4768-990-0x0000023201D50000-0x00000232024FE000-memory.dmp

Filesize
7.7MB

Download