hxxp://wearedevs[.]com

Analysis

max time kernel
1045s
max time network
959s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
12/10/2024, 09:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://wearedevs.com

Score

10^/10

discovery execution

Malware Config

Signatures

Suspicious use of NtCreateUserProcessOtherParentProcess 1 IoCs

description	pid	Process	procid_target
PID 2820 created 3336	2820	JJSploit_8.10.7_x64-setup.exe	52

Executes dropped EXE 3 IoCs

pid	Process
3920	SynapseXRemake.exe
3412	SynapseXRemake.exe
2208	JJSploit.exe

Loads dropped DLL 18 IoCs

pid	Process
1824	JJSploit_8.10.7_x64-setup.exe
1824	JJSploit_8.10.7_x64-setup.exe
1824	JJSploit_8.10.7_x64-setup.exe
1824	JJSploit_8.10.7_x64-setup.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3412	SynapseXRemake.exe
3412	SynapseXRemake.exe
3412	SynapseXRemake.exe
3412	SynapseXRemake.exe
2820	JJSploit_8.10.7_x64-setup.exe
2820	JJSploit_8.10.7_x64-setup.exe
2820	JJSploit_8.10.7_x64-setup.exe
2820	JJSploit_8.10.7_x64-setup.exe
2820	JJSploit_8.10.7_x64-setup.exe
2820	JJSploit_8.10.7_x64-setup.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 9 IoCs

Web Service

T1102

flow	ioc
139	raw.githubusercontent.com
187	camo.githubusercontent.com
125	raw.githubusercontent.com
181	camo.githubusercontent.com
188	camo.githubusercontent.com
189	camo.githubusercontent.com
190	camo.githubusercontent.com
191	camo.githubusercontent.com
192	camo.githubusercontent.com

Network Share Discovery 1 TTPs
Attempt to gather information on host network.
discovery

Network Share Discovery
T1135

Drops file in Windows directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Command and Scripting Interpreter: PowerShell 1 TTPs 1 IoCs

Using powershell.exe command.

execution

PowerShell

T1059.001

pid	Process
2616	powershell.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JJSploit_8.10.7_x64-setup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	JJSploit_8.10.7_x64-setup.exe

System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 7 IoCs

Adversaries may check for Internet connectivity on compromised systems.

discovery

Internet Connection Discovery

T1016.001

pid	Process
3620	msedgewebview2.exe
580	msedgewebview2.exe
2800	msedgewebview2.exe
2296	msedgewebview2.exe
2248	msedgewebview2.exe
3824	msedgewebview2.exe
3836	msedgewebview2.exe

Enumerates system info in registry 2 TTPs 18 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedgewebview2.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedgewebview2.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedgewebview2.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedgewebview2.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedgewebview2.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedgewebview2.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedgewebview2.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedgewebview2.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedgewebview2.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133731994421443560"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000_Classes\Local Settings\MuiCache	MiniSearchHost.exe

NTFS ADS 3 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\JJSploit_8.10.7_x64-setup.nsis.zip:Zone.Identifier	chrome.exe
File opened for modification	C:\Users\Admin\Downloads\die_win64_portable_3.10_x64.zip:Zone.Identifier	chrome.exe
File opened for modification	C:\Users\Admin\Downloads\SyxReBootstrap.zip:Zone.Identifier	chrome.exe

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
1680	die.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
2932	chrome.exe
2932	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
1824	JJSploit_8.10.7_x64-setup.exe
1824	JJSploit_8.10.7_x64-setup.exe
1104	chrome.exe
1104	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
1044	chrome.exe
2616	powershell.exe
2616	powershell.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe
3920	SynapseXRemake.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1680	die.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 39 IoCs

pid	Process
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
4872	msedgewebview2.exe
2296	msedgewebview2.exe
1552	msedgewebview2.exe
2676	msedge.exe
2676	msedge.exe
2676	msedge.exe
2676	msedge.exe
2676	msedge.exe
2676	msedge.exe
2676	msedge.exe
2676	msedge.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe
Token: SeShutdownPrivilege	2932	chrome.exe
Token: SeCreatePagefilePrivilege	2932	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe

Suspicious use of SendNotifyMessage 44 IoCs

pid	Process
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
2932	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1104	chrome.exe
1680	die.exe
1680	die.exe
2676	msedge.exe
2676	msedge.exe
2676	msedge.exe
2676	msedge.exe
2676	msedge.exe
2676	msedge.exe
2676	msedge.exe
2676	msedge.exe
2676	msedge.exe
2676	msedge.exe
2676	msedge.exe
2676	msedge.exe
1680	die.exe
1680	die.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1680	die.exe
5932	MiniSearchHost.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2932 wrote to memory of 4876	2932	chrome.exe	78
PID 2932 wrote to memory of 4876	2932	chrome.exe	78
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 1628	2932	chrome.exe	79
PID 2932 wrote to memory of 4896	2932	chrome.exe	80
PID 2932 wrote to memory of 4896	2932	chrome.exe	80
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81
PID 2932 wrote to memory of 4460	2932	chrome.exe	81

C:\Windows\Explorer.EXE
C:\Windows\Explorer.EXE
1⤵
PID:3336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://wearedevs.com
  2⤵
  - Drops file in Windows directory
  - Enumerates system info in registry
  - Modifies data under HKEY_USERS
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of WriteProcessMemory
  PID:2932
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc4c6acc40,0x7ffc4c6acc4c,0x7ffc4c6acc58
    3⤵
    PID:4876
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1924,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1920 /prefetch:2
    3⤵
    PID:1628
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1700,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2148 /prefetch:3
    3⤵
    PID:4896
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2184,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2180 /prefetch:8
    3⤵
    PID:4460
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3000,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3020 /prefetch:1
    3⤵
    PID:716
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3004,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3220 /prefetch:1
    3⤵
    PID:4492
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4376,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2988 /prefetch:1
    3⤵
    PID:3148
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3376,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4256 /prefetch:8
    3⤵
    PID:1544
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4344,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4556 /prefetch:1
    3⤵
    PID:3012
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4868,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4900 /prefetch:1
    3⤵
    PID:4980
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4856,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5020 /prefetch:1
    3⤵
    PID:3980
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5128,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5208 /prefetch:1
    3⤵
    PID:3052
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5408,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5420 /prefetch:1
    3⤵
    PID:4296
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5512,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5516 /prefetch:8
    3⤵
    PID:424
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5204,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5540 /prefetch:1
    3⤵
    PID:3180
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5776,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4920 /prefetch:8
    3⤵
    PID:2768
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5292,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5296 /prefetch:1
    3⤵
    PID:3176
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4776,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4252 /prefetch:1
    3⤵
    PID:2680
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5036,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5660 /prefetch:1
    3⤵
    PID:2768
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3124,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5220 /prefetch:8
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:4576
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=2580,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4540 /prefetch:1
    3⤵
    PID:3132
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=4964,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4972 /prefetch:1
    3⤵
    PID:3824
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5012,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5276 /prefetch:1
    3⤵
    PID:2168
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5656,i,15964773145798248627,10283304146503499562,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5784 /prefetch:8
    3⤵
    - NTFS ADS
    PID:3652
- C:\Users\Admin\Downloads\JJSploit_8.10.7_x64-setup.nsis\JJSploit_8.10.7_x64-setup.exe
  "C:\Users\Admin\Downloads\JJSploit_8.10.7_x64-setup.nsis\JJSploit_8.10.7_x64-setup.exe"
  2⤵
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: EnumeratesProcesses
  PID:1824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe"
  2⤵
  - Drops file in Windows directory
  - Enumerates system info in registry
  - Modifies data under HKEY_USERS
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  PID:1104
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc4c6acc40,0x7ffc4c6acc4c,0x7ffc4c6acc58
    3⤵
    PID:3612
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1800,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1756 /prefetch:2
    3⤵
    PID:860
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2056,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2116 /prefetch:3
    3⤵
    PID:4420
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2184,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2200 /prefetch:8
    3⤵
    PID:2052
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3084,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3148 /prefetch:1
    3⤵
    PID:1188
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3100,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3292 /prefetch:1
    3⤵
    PID:864
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4416,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4376 /prefetch:1
    3⤵
    PID:4024
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4600,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4576 /prefetch:8
    3⤵
    PID:2348
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4720,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4704 /prefetch:8
    3⤵
    PID:2772
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=3680,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4024 /prefetch:1
    3⤵
    PID:4340
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3400,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3420 /prefetch:1
    3⤵
    PID:3648
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3820,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3436 /prefetch:1
    3⤵
    PID:3144
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4912,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4920 /prefetch:8
    3⤵
    PID:1040
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4988,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4996 /prefetch:8
    3⤵
    PID:1188
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4924,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4584 /prefetch:8
    3⤵
    - NTFS ADS
    PID:4720
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5000,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4436 /prefetch:1
    3⤵
    PID:4812
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4708,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5248 /prefetch:1
    3⤵
    PID:136
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5576,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5568 /prefetch:8
    3⤵
    PID:4556
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5708,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3732 /prefetch:8
    3⤵
    PID:4924
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5836,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5788 /prefetch:8
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1044
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5832,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5748 /prefetch:1
    3⤵
    PID:2720
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5544,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5692 /prefetch:1
    3⤵
    PID:2912
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=3360,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3316 /prefetch:1
    3⤵
    PID:1184
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=4444,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3492 /prefetch:1
    3⤵
    PID:2160
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3296,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3112 /prefetch:8
    3⤵
    PID:2208
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5524,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5488 /prefetch:8
    3⤵
    PID:2536
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=5476,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4568 /prefetch:1
    3⤵
    PID:428
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5620,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5700 /prefetch:8
    3⤵
    PID:3132
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5852,i,6894094851226660451,14660734447379082381,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5664 /prefetch:8
    3⤵
    - NTFS ADS
    PID:1320
- C:\Users\Admin\Downloads\die_win64_portable_3.10_x64\die.exe
  "C:\Users\Admin\Downloads\die_win64_portable_3.10_x64\die.exe"
  2⤵
  - Suspicious behavior: AddClipboardFormatListener
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  PID:1680
- C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynapseBootstrapper.exe
  "C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynapseBootstrapper.exe"
  2⤵
  PID:5080
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c powershell -command "Expand-Archive -Path 'C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake.zip' -DestinationPath 'C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap'"
    3⤵
    PID:4912
  - - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
      powershell -command "Expand-Archive -Path 'C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake.zip' -DestinationPath 'C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap'"
      4⤵
      Command and Scripting Interpreter: PowerShell
      Suspicious behavior: EnumeratesProcesses
      PID:2616
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c start C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe
    3⤵
    PID:3748
  - - C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe
      C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Suspicious behavior: EnumeratesProcesses
      PID:3920
    - - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
        
        "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=SynapseXRemake.exe --webview-exe-version=1.0.0.0 --user-data-dir="C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView" --no-default-browser-check --disable-component-extensions-with-background-pages --no-first-run --disable-default-apps --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --disable-popup-blocking --internet-explorer-integration=none --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --mojo-named-platform-channel-pipe=3920.8.16486681529713864583
        5⤵
        Enumerates system info in registry
        Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
        
        PID:4872
      - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
        
        "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView\Crashpad --metrics-dir=C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x134,0x7ffc38723cb8,0x7ffc38723cc8,0x7ffc38723cd8
        6⤵
        
        PID:2728
      - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
        
        "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=gpu-process --field-trial-handle=1924,9461194272443027108,1958097136637291691,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView" --webview-exe-name=SynapseXRemake.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1932 /prefetch:2
        6⤵
        System Network Configuration Discovery: Internet Connection Discovery
        
        PID:3620
      - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
        
        "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1924,9461194272443027108,1958097136637291691,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView" --webview-exe-name=SynapseXRemake.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2216 /prefetch:3
        6⤵
        
        PID:1524
      - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
        
        "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1924,9461194272443027108,1958097136637291691,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView" --webview-exe-name=SynapseXRemake.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2524 /prefetch:8
        6⤵
        System Network Configuration Discovery: Internet Connection Discovery
        
        PID:580
      - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
        
        "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=renderer --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --field-trial-handle=1924,9461194272443027108,1958097136637291691,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView" --webview-exe-name=SynapseXRemake.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3044 /prefetch:1
        6⤵
        System Network Configuration Discovery: Internet Connection Discovery
        
        PID:2800
      - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
        
        "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1924,9461194272443027108,1958097136637291691,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView" --webview-exe-name=SynapseXRemake.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=3964 /prefetch:8
        6⤵
        System Network Configuration Discovery: Internet Connection Discovery
        
        PID:2296
- C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe
  "C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:3412
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=SynapseXRemake.exe --webview-exe-version=1.0.0.0 --user-data-dir="C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView" --no-default-browser-check --disable-component-extensions-with-background-pages --no-first-run --disable-default-apps --noerrdialogs --embedded-browser-webview-dpi-awareness=1 --disable-popup-blocking --internet-explorer-integration=none --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --mojo-named-platform-channel-pipe=3412.3892.938817578462304305
    3⤵
    - Enumerates system info in registry
    - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    PID:2296
  - - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView\Crashpad --metrics-dir=C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=90.0.818.66 --initial-client-data=0x124,0x128,0x12c,0x100,0x1c8,0x7ffc38723cb8,0x7ffc38723cc8,0x7ffc38723cd8
      4⤵
      PID:1188
  - - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=gpu-process --field-trial-handle=1868,16260039366385745675,1585833257821385562,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView" --webview-exe-name=SynapseXRemake.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1880 /prefetch:2
      4⤵
      System Network Configuration Discovery: Internet Connection Discovery
      PID:3824
  - - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1868,16260039366385745675,1585833257821385562,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView" --webview-exe-name=SynapseXRemake.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2140 /prefetch:3
      4⤵
      PID:4320
  - - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1868,16260039366385745675,1585833257821385562,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView" --webview-exe-name=SynapseXRemake.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --mojo-platform-channel-handle=2392 /prefetch:8
      4⤵
      System Network Configuration Discovery: Internet Connection Discovery
      PID:2248
  - - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=renderer --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --field-trial-handle=1868,16260039366385745675,1585833257821385562,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView" --webview-exe-name=SynapseXRemake.exe --webview-exe-version=1.0.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=1 --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3108 /prefetch:1
      4⤵
      System Network Configuration Discovery: Internet Connection Discovery
      PID:3836
- C:\Users\Admin\Downloads\JJSploit_8.10.7_x64-setup.nsis\JJSploit_8.10.7_x64-setup.exe
  "C:\Users\Admin\Downloads\JJSploit_8.10.7_x64-setup.nsis\JJSploit_8.10.7_x64-setup.exe"
  2⤵
  - Suspicious use of NtCreateUserProcessOtherParentProcess
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  PID:2820
- C:\Users\Admin\AppData\Local\JJSploit\JJSploit.exe
  C:\Users\Admin\AppData\Local\JJSploit\JJSploit.exe
  2⤵
  - Executes dropped EXE
  PID:2208
- - C:\Windows\system32\cmd.exe
    "cmd" /C start https://www.youtube.com/@Omnidev_
    3⤵
    PID:1428
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/@Omnidev_
      4⤵
      Enumerates system info in registry
      Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      Suspicious use of SendNotifyMessage
      PID:2676
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc38723cb8,0x7ffc38723cc8,0x7ffc38723cd8
        5⤵
        
        PID:3272
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2024,16722751175330306493,4142480649124493894,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2060 /prefetch:2
        5⤵
        
        PID:4472
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2024,16722751175330306493,4142480649124493894,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 /prefetch:3
        5⤵
        
        PID:2908
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2024,16722751175330306493,4142480649124493894,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2620 /prefetch:8
        5⤵
        
        PID:2636
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,16722751175330306493,4142480649124493894,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
        5⤵
        
        PID:3648
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,16722751175330306493,4142480649124493894,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
        5⤵
        
        PID:1952
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,16722751175330306493,4142480649124493894,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3924 /prefetch:1
        5⤵
        
        PID:3772
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,16722751175330306493,4142480649124493894,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4992 /prefetch:1
        5⤵
        
        PID:4192
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,16722751175330306493,4142480649124493894,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5144 /prefetch:1
        5⤵
        
        PID:484
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,16722751175330306493,4142480649124493894,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2920 /prefetch:1
        5⤵
        
        PID:5444
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,16722751175330306493,4142480649124493894,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5624 /prefetch:1
        5⤵
        
        PID:5540
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2024,16722751175330306493,4142480649124493894,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5984 /prefetch:8
        5⤵
        
        PID:5848
    - - C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2024,16722751175330306493,4142480649124493894,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3544 /prefetch:8
        5⤵
        
        PID:776
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2024,16722751175330306493,4142480649124493894,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5660 /prefetch:8
        5⤵
        
        PID:2684
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,16722751175330306493,4142480649124493894,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2920 /prefetch:1
        5⤵
        
        PID:5728
- - C:\Windows\system32\cmd.exe
    "cmd" /C start https://www.youtube.com/@WeAreDevsExploits
    3⤵
    PID:4316
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/@WeAreDevsExploits
      4⤵
      PID:3220
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc38723cb8,0x7ffc38723cc8,0x7ffc38723cd8
        5⤵
        
        PID:3196
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2036,3961294228255913295,11523599956053314576,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2044 /prefetch:2
        5⤵
        
        PID:2208
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2036,3961294228255913295,11523599956053314576,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 /prefetch:3
        5⤵
        
        PID:1244
- - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
    "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --no-default-browser-check --disable-component-extensions-with-background-pages --no-first-run --disable-default-apps --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --disable-features=msWebOOUI,msPdfOOUI,msSmartScreenProtection --disable-popup-blocking --internet-explorer-integration=none --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --lang=en-US --mojo-named-platform-channel-pipe=2208.796.13926133254957029805
    3⤵
    - Enumerates system info in registry
    - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    PID:1552
  - - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Crashpad --metrics-dir=C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=90.0.818.66 --initial-client-data=0x108,0x10c,0x110,0xe4,0x1b8,0x7ffc38723cb8,0x7ffc38723cc8,0x7ffc38723cd8
      4⤵
      PID:3828
  - - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=gpu-process --field-trial-handle=1732,3549969057873185920,13755899979456006408,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1756 /prefetch:2
      4⤵
      PID:2224
  - - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1732,3549969057873185920,13755899979456006408,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2188 /prefetch:3
      4⤵
      PID:2316
  - - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1732,3549969057873185920,13755899979456006408,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2556 /prefetch:8
      4⤵
      PID:788
  - - C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe
      "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe" --type=renderer --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --field-trial-handle=1732,3549969057873185920,13755899979456006408,131072 --enable-features=ForwardMemoryPressureEventsToGpuProcess,UseSwapChainsInSoftware --disable-features=FilterAdsOnAbusiveSites,SpareRendererForSitePerProcess,WebPayments,msApplicationGuard,msAutomaticTabFreeze,msBrowserSettingsSupported,msEdgeFaviconService,msEdgeLinkDoctor,msEdgeMGPFrev1,msEdgeOnRampFRE,msEdgeOnRampImport,msEdgeReadingView,msEdgeSettingsImport,msEdgeSettingsImportV2,msEdgeShoppingUI,msEdgeTranslate,msEdgeUseCaptivePortalService,msImplicitSignin,msPasswordBreachDetection,msPdfOOUI,msReadAloud,msRevokeExtensions,msSendClientDataHeader,msSendClientDataHeaderToEdgeServices,msSmartScreenProtection,msSyncEdgeCollections,msUseLabelingService,msWebAssistHistorySearch,msWebOOUI --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView" --webview-exe-name=JJSploit.exe --webview-exe-version=8.10.7 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2944 /prefetch:1
      4⤵
      PID:1124

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3424

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4852

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2612

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1008

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1180

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004C8 0x00000000000004CC
1⤵
PID:3624

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1652

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5100

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1368

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4272

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3144

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2680

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4780

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3128

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5272

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
1⤵
PID:5904

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:5932

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

PowerShell

T1059.001

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Network Share Discovery

T1135

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
7476b53072467db7bee17ddd7194838e

SHA1
6e5bd209d7567cb97ba5aa2abcf1a04bd4b32220

SHA256
49bb741e01de9ee2977a43c1af7b92d07b7291c20d5fca51001439a43dde80d3

SHA512
a79c62357fb329ab8ca70e18e9c43442a6e575cab0c83f0fa8b9be2071eeb010af0c7747ed67f3a6a9444f35e2ff655fe29980e448ba26f8d3018e03ea4ebb2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\05f03311-d5a4-4d14-a3bd-ed10feda8100.tmp

Filesize
10KB

MD5
5e9b92f37601d8e2292d2627be577d1d

SHA1
911e4a305259c68a68b13327de9848d959864e9f

SHA256
a8167e4bc037a372f618ec3221b92c2f6309859e2b112bede0abb2b0918e927d

SHA512
e35f4d6ed0603e713943038ae184201fdd8fa1c248f8edae74b4a136dfd2886d3306837e755194628d55d3464fe13860359aac02ec4ee7b26707cb8838028adc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
348a822a242f4019252df192206e6add

SHA1
97064e89a5b0511e2cdb3127b880b924cb0b3e87

SHA256
0215a01acb20c238310ed5f8ccad4c7010222bc7eed7667aa8b7e3958cfbeb47

SHA512
7d18051d113298aea8f2682d3990ff479e0f2baca9cd9ffe23fd9531ee8f731d8d04a361b87f1a6777b3168fd892e6ed2d3d254becdfc4e1f6f53b4040409e25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
7d46cb19b1bae0d80bf5039b2a12b964

SHA1
6cc040a680ceebe1eaffe957bfcdfd04a5618d02

SHA256
ae1d32bfd8e0e757bb19f080ac66ad1b6d4b0cdacabb6729ba76c88156f431cb

SHA512
86cb7e01b20925d27653d9581b9aff2608b61e7b9d3e1bb8f80680b699f7757caafba17f61ab1f3701f8a6b780e545447af2f317f7180422373d8e4442b56862

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
bb94ec2c78abd5d753f58fae30151346

SHA1
9cf56625cb5841de013fc264a72bbdea8c185952

SHA256
b3957fdfb6a2f6426172a5922a3857ebf76e53b69e6608380dac2d549a5c86f4

SHA512
76ec059c0b610fc486a039457b2b7ae94b262d028d4a397bac13564510eab39b262d08762d60859d77cd85167906bb8c728db202fcc8202356dc641c32a0d2d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
0f20b0c91848977416733e93af520563

SHA1
201150463733ff4aa5c7050dd0c57b6ef7cd5a96

SHA256
d0c9dc36645eaecb2a4b8d88d4908962c22c3184ce7f7ea758949c234b006b8c

SHA512
7ce8c7fcfb01371bebdc73ec23a6d7dc435695fcd989641e420eeb7a7ab294c2f4eb79d2198529e60b6e0439c7e97331fee08ed3a79e7b5b4134c7f00d6e9f13

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
6c1a726592b6d92ffe3b4aef717803e1

SHA1
7bdf2a5fffebdd40389ad42a13b4087ace1c7a3c

SHA256
a0ec93c463f8dff250fc76f9b51abc57f890d744d433649c7e6389fba57679d8

SHA512
89ea22a724fd5c1a057f51d41adf2751b03d5710c51bcd0a1586be2e75f54fb8f9d6894428d3f24dde7edbbf3a93cdb939b5af85cbb9829a0158cb07eec23ced

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
40KB

MD5
3901431a1cf953a09fb115f792530d50

SHA1
9d3f7fea615821763849cd320e3c9fe501d9cbda

SHA256
f6495dbf769719aa52f4bd6887e8e84a6565368841249e480143f6bdafeac85d

SHA512
b480791f426899e8c212d327bce05f9e9b9a9efc0ad09f73168103291a236bf72cc6c3c0f4048ad2feaa560a51235e1ef91dd11720cfc273b99f59fbd60ccb52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

Filesize
85KB

MD5
e6a85e6ab9d15ce7195cffe41549c8bb

SHA1
b5a7efb8ff2992ec8623a2496aa42219ec9a1ba0

SHA256
f858afed3a53c49be782ba2484d020c94e5bfff779912792cf3410a48cc0facc

SHA512
240abad90460df5219631a93a3126e2670b98dbf653aabe5200ee6a4cd83ea92dc14ba585c7a4547876cb9449f38174fec9bd3c420191261e1bbd4135788f978

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003

Filesize
29KB

MD5
ac3619eb929bc137ce24d816cdbf9af5

SHA1
9c3e6a39f020e467635fad161cb8f7cdbfe9c447

SHA256
e64784beaa8988670c944843ba27750a57b438901de18033fecd92df6f98d8e3

SHA512
cb1281e7c932af484ae17ff5930185b5b52de4f2cbe1627afdb8723235467f08630dfbc086eba76c76dc28fb9f566fcdfa03bf512b97515a6227de4a08327e5f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

Filesize
16KB

MD5
30572bc81bf860f471f7357316172b09

SHA1
fefe7a69ca54d753a826bc33b6846cdccbe227c3

SHA256
490d408e7b45aa17a64c1c888ab1ba160b7e8d8b08f46a561a6f9218c02ea8ab

SHA512
bc14466ed9a3b754c92792d5e65a2ba0adad659d9f562b37ea9e91bb7089ab32fcbc43d0d4ccb677389aa047f94d570e55382f3ff72fc1fa4fe28a2023c06c68

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
106KB

MD5
8f767d6767ec1eaa5a1cfe8d087d595a

SHA1
7bb84a848b8eff00c6360f9aba425b0c871bdc6e

SHA256
a0c7aadc89495ee7f728caa611159ba55bebce0ccffe491aaa624b14281b9b90

SHA512
9b0b64ae43415dd8f640dbac19b314be57c438a05c789e0cbbdd123d4d2806ff10b61336b87da4ed4a3015055c7cc858038dcf5fffda730a9f51cc4e38b8e7f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
51KB

MD5
1f43387d32a060a36c0f6550faf11173

SHA1
2daaaa646b6372226c53027bef7c59c4b00a488c

SHA256
225c3baa8aad31c113d1762f68758269aa6e9c257f00d0e43b45afca63dff9af

SHA512
31e7dd94fd4a0e40a3b5d425bbd8f6c7733ee16f41b82c532164b97e9567fa4aabf430434ebabc68977cb169c7da1b24d23dcfb363379a32dbace07aac7aa8e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
23KB

MD5
3070b0d3a0854092db26c3ddd2f7b044

SHA1
dcb02d3ca182c85e94fec612e151add71bc5284f

SHA256
bb4d02d2480746bd00ae9e0188a1f262480bdbc866bf3ebf7b84052fec535b58

SHA512
5552400d2b631f9de2c005d201eeb857b95b2d686606195c498e38e6a4296de78045a74bd463866318bef61e3f51f7a559a55fccf460ff6bc7b0f674b6e2810d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
73KB

MD5
f3b80b7935c1ed3f8dcbe9a175ce397d

SHA1
aae61b44f8f1aaa2fc302d9e4c2e320d1b660b16

SHA256
5c86977f43c9654a6aedb3d6a9f14692e6d5adad533605211be48b56a035b767

SHA512
8d3038c525016a031cf8dcf245dbbbb7ce44536ed0ed04a494669bc943f02cb2a943ada27634bc65aac58217e72955ad7b261b66207eceaf4b229045f22bf2a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
31KB

MD5
6e848fe6c5045f265abb3ee3967eca49

SHA1
b2fdfe3700ac53d45eb2211c541dd68d353263d8

SHA256
6bec4063d074aadfcbdee7eb7e62f58b6406bc3ab59f273d0b4bca52d45946e1

SHA512
0d6737464a3bc6996cf656b72cba4ef019c737ca4716dbfb711de80256ea2a02339a5fc56e319c23e92f07c9efdd1c36a4533daf58dbf03fb6775955dcf3ba68

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
139KB

MD5
67e34ff880a035a0e5642ec6a48601d2

SHA1
d4ddc225e623c7838ae1e0408f82f2ebee711926

SHA256
0ba1ca746bc749b81467841f60a53404b3449e5b3ae3d809b5359e89e3d3aedf

SHA512
8f1f5f23b6f42bc8cc0262aa16ddf27c49629c49c456c2cf75b4c97fb9b7be419ab546956abfe38a582f2e6efeb97d12a5ea6860c46176ce5d3a2afdf9c32331

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
47KB

MD5
015c126a3520c9a8f6a27979d0266e96

SHA1
2acf956561d44434a6d84204670cf849d3215d5f

SHA256
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

SHA512
02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
43KB

MD5
51f45e2c6db76edd8c5f82fa69a378f8

SHA1
52623560d048cd3b5a1195c96a0a7bc996c1fdeb

SHA256
351db8ab27bd77f53a549629939ac82efd46690f0a8f24496fbfae5c84944b18

SHA512
b47fae95b698ebc5f66c3d645a7f7a5925c14ca2b4bd4de640163a4b44014a32c0fb1be6a99b86f086c9c7eeabbb5310902a21c46fb33b4644800eae208e6cdc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
44KB

MD5
9a5d594e2119bc3b8e038dd64e06288c

SHA1
0d9acbd092d556e302501be18e9a7c978719a15f

SHA256
9014baab079195d20d5c6186af1cad5e5bfae19840b33179d40cb4c57cfbf072

SHA512
df8b5bdc9d67d26f7e4be5aa9d7dbf44ae06a5454ca3782d87b187892393ecbc226147b30f3dc21533a9911054045799f62ce535a5e7fed0365a888a901d2e7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
63KB

MD5
49cbefd08639aca7f6921c43a85d9905

SHA1
8ab5b92fb186f50cfdb124fa9631d4b59ccada78

SHA256
3cd2609cb9fc79af0d14a44ba31b2dd33ee28c64d6c108c06d27c61366b6b020

SHA512
c57894a7c80df7e7a5add407f52587d7f6d001237c5d8e90761237d7c6497adfba010ca0b64d3f80829aa010a6eaa6e38b5ab374c51f9db9013d09949f09fdf4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
51KB

MD5
dd1efa0ee515a39c2c0deec07235f8d7

SHA1
36c46d6af46d967c5bfbb778a17c65ec515f3d53

SHA256
6f6d6072c3830bdd82a6c17803778776ac7303035dda8127200408a8125b688b

SHA512
6ecd1a07b0c318163017151ab12c284d27b621f6e0029ca12d1a8782e445c8834f1f50a25679525402794cdd94859d99030504feb1e84217a543b46e60739fac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
16KB

MD5
e935b12f210f48b580b203af524d718f

SHA1
712d71ecb53eea48fe3105b771697f4911e7de87

SHA256
6fa4c3692bbae1df4b7a9fd0fca0c243fcb2ba37bfda14e84b9c4e4b3c4a707f

SHA512
6602a70d1b4d54abd1ce0125a20086530fc8a493f445c53071129bcbd8ab2d6dc4d9beba6aa311f7e8b16e696d2f7bd07b70a0ab7fce5bb9c7d5567b771fbd2a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
27KB

MD5
8baaab27f3338eaedd4fdf62746d881d

SHA1
801bfc88efa4f42d5e9ae54f6fc381ef11d6b236

SHA256
cb205ef44cc4b613a50a9b2e9fe7cd5301959c9812306f44e3238ef7e5592e30

SHA512
4722576c13a8cef2856e24d1bd68dbfcde478d583bd182bd8dba524c0515ce17e5b6605af0e909edcd9ed8dbf58ea68da788978142f82dc00899e4d62099683f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
16KB

MD5
a2edb5c7eb3c7ef98d0eb329c6fb268f

SHA1
5f3037dc517afd44b644c712c5966bfe3289354c

SHA256
ba191bf3b5c39a50676e4ecae47adff7f404f9481890530cdbf64252fbb1a57e

SHA512
cc5644caf32302521ca5d6fd3c8cc81a6bbf0c44a56c00f0a19996610d65cf40d5bae6446610f05a601f63dea343a9000e76f93a0680cfbf1e4cf15a3563a62c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
20KB

MD5
0847f502f3670eeee3c2b5cd93c8db94

SHA1
984881be882fea76d390d373222c08f34cc7a31b

SHA256
bede435865df71b9152966ba6e550b07ae481f795dd2b69063add1e99bf6c23d

SHA512
2eadbe0158bb6a8c19016cd5fee52c4efefc3ae2e8655c16300cd449f1774ee875594c6f7826ac7c4c9dfe215a5c9acafdcb68b8bffa00a70468598aa3b46c0c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
20KB

MD5
84bd63cb3622f80d056b05fa060a534b

SHA1
65a34dfc604b6833cc18f6168a45a978458086f9

SHA256
abdb9fefc4d4167e4518d5696e1d34686447c421b477e4f6e76b8fdd670c5f3c

SHA512
acd5f0a5218a623faba737dabaab59224090e4aaa7fc4a32ba8e35e39d0b0627d4cc07ee2e324cbdf4e6611f6ad4bc6162168e55c4d5627fbee66f19cb640723

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

Filesize
57KB

MD5
16dbf3aa6da6eb21d043d031679edf8c

SHA1
cb79d8ba7a8c6d908c7b687cfd2d7c23a5622dac

SHA256
c1ea5332105be56f65e515b24281c17f0673efdbc6406d22bd1236ecbd8b2192

SHA512
6c7f6aec61237404623dfdfc8c14dca9d5303b90dfd65dadc80100c97f715a4b324cc13eb73a2ae83e6c2986065f041cae8f867a237046d9f29d53556f1a0ddc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030

Filesize
41KB

MD5
abda4d3a17526328b95aad4cfbf82980

SHA1
f0e1d7c57c6504d2712cec813bc6fd92446ec9e8

SHA256
ee22a58fa0825364628a7618894bcacb1df5a6a775cafcfb6dea146e56a7a476

SHA512
91769a876df0aea973129c758d9a36b319a9285374c95ea1b16e9712f9aa65a1be5acf996c8f53d8cae5faf68e4e5829cd379f523055f8bcfaa0deae0d729170

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
db0003bfd8747c53ea1e96b4bbe588ad

SHA1
96466b6e7c3e10c6de0bc13c4e906f4098bf84e2

SHA256
9e5e70faa8e609a41250a4da832f247a70eb78f915a0b0c3fdc47822281e9198

SHA512
14b2cc85050005648a1c210a221191c4a5c3a650bbf5fb845c40ead9ad31c172f72db4df385f04da69e7edd6c92c79f002125679a3a8a11ad61c794d89893ea0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
5ab18b59731d583fc6776bea4b1c3058

SHA1
43d27eb22ca8a8b10eb899caa9d45d04778e81b4

SHA256
4c40e450074f8b67defdfa242b3257f4f99853d3881792ddb46bc41e13bc890d

SHA512
9e188e5011a561de022c8b3afe59572a2ded8414c3252e53298251a35e99feb91a9b468971880b35b3ff89462424617c5015c4725dd741a0d9068e3695c29abb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
f5e727a73c1f108984df962fe57f83b2

SHA1
0ab20e2ec9b0f333fba44eb0c5e0aa5ea81a64f7

SHA256
67183f96064be5e6c2d9b3345f0ee76e6d94e832024c96b4a8f063a63abcfc80

SHA512
be2b64dbb3197081740bee817139aabd6f9c5dd6be88043ef8896442161b8b46274f16d9b4110a14ae90e7d26e3a1b6bc1a7caaaad9e4f1e5dcbfc5990c9f783

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
16b6635f89a243b5bbae625fa73dc9c4

SHA1
3d7bcee765a4a700ef4ae9025bb729b82f4ced85

SHA256
fbbe16753a055616383cf17f604c73820e798ada1e883da4ecc5058f35b636c5

SHA512
86458effd925cf689f4d9f655a961eae8ef195e47842b8388713cfa3db9d511d73fd24c673dec34d0f79bc540f64fb2b42033c675237e72fd75a12a5716ab96c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
69b873739840d457e2e9d9ceb5a4a9fb

SHA1
acfbb439bacf269dfa802b0b39d8acc74cda0342

SHA256
7bd1ff5d2d188b12f3e96ac758777fc78fcde577afe23707a0fb35aca69bddb2

SHA512
74dba383a46351c468175a322cf236487e023ba7380cff0885da5c9b376ca8a5dea3115bce943f6738abaa4154fd832fb43ef96f1d77c2346b9b345be306b4dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
28KB

MD5
c24f93b705016b26e5ed762f67cbd169

SHA1
87b5a9f4b10aa319679f2b16e3711f7256a1fe0c

SHA256
10ecd37407b04d7f3b97cf44b858002a4c9f3792064bf9be6460fab3abfbb5d0

SHA512
74fec597a57388eec2d7b0a03a56f5c09c0e49c30115d95b3452a5eed351c4fc4aabbfd3bfdb2a38da30243631120df275e060bd9a57a6a78f15cc4a88242027

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\Paths\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
160KB

MD5
39e8b5aa1b2167a576c479e183ecfcfa

SHA1
e83088d7c16f0831af7a3e6591910b0d8c89811c

SHA256
fe04fe0a781af6404d8e41b951d65045eebdd13761920cc31c2fd601d672ae2e

SHA512
c1a203b3d10e702bbdf834530481c9b52dfb8c748763dacde039370ac3d9fb87bf0a21817f2d0602916c49e9143d7d33edec7c927f0d3ead03c4521ae630cc56

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
9KB

MD5
3a8559ecc6a27816f488e8b707574c8d

SHA1
e9737caaac06f967301c56877a23b08297cd09a4

SHA256
ab4b44f2bbd40012425d706c4b4612968b67cbb8b5a9693c3983c5a8742f5d72

SHA512
1927867095cc27ac4ecbec51e359434e5befef18c7ec82f31797bb0224106655f97b834756b72d49bdc3cd17c077758acc03e3273f5958eaf9a53740abb65653

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
11KB

MD5
ad5b4486e37317e652b64667a81dc654

SHA1
8ecab20a93f60f96667c1c0df72b0661973e2bd3

SHA256
4119c0f7d602d21ad31931a76827b8d30ea730bc05eaba6739dcaf2d5f7c8338

SHA512
2c4b4389734c56e78d2fef4c16f5d6ffca9e0b1405e91c7d9c5c4980186e556042ddc4bc466c2e9743f90ba8507fe540bce84f13390d16c025b157a28204cc7c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
15KB

MD5
035924911096a3c495041c54b0de5c4c

SHA1
88e4dfaf33bc85b88a96a92103879307ed7f029f

SHA256
c13e7a3839c74363235a884eb927eef92da9e212cd35b6d12c8e3a8ca910cf57

SHA512
fb1e17de058fba8f1ff0e85a25cfe68bba0bc943d32299bd6d2aa950014b28b689fbf07842915537c7c1effdedac93eb691053d01a9484c43f9d81b7fe55231c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
10KB

MD5
0d49c73fff31d3158e479d54ab49d915

SHA1
aff54335d6b6b491012b2cfc6ca8abe185143a66

SHA256
172012b8a1417219ebcbcf473fe0aa7c778ccccf95dc14bf3e2a3adcb36ef6d1

SHA512
f8622a70c780b4f330123ba01953a1e0524bd24ffc5c2a5e2deecb12b3af338c6aa0511a9ff4d70af3680ed9000f9b0e1fc68d4e3249203bd4a2f4ccf01ade4b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7a01552c321d95d312eca7e99cb849c1

SHA1
6155576c0a647f1ef4b8b6834422050e2156b80b

SHA256
545a7f9f3d78c864a9d0959b3d669c2460b0eed68dd0f25279d79196e36509f8

SHA512
ddf74b5e4876f5ac6267549bf9e933b273cb54fe42e47c3ea635a2c7d344911fe73ac9b67a9ccf5f2f7bc385dfd05de8b569130f2dfda1e96b300c8e2c67cdd0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4955ccac9f2b9f1ac0ba53528a59fd3c

SHA1
bfe3bb18a0f9f1b2809e1521625b315bf236a40c

SHA256
77c81c8b2e1e91f5f40b1d2195ab0f5891141849bc1c56844202d4c975846460

SHA512
88155451abf671544cadf83daa6b843431e3de59c1c288943397b6a57768bf31307a72697b99646b09c9e0ff174cfd6e3eeeec12ab1e4046cf7ce87156a3ef62

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
797fba3fe8a06822e82caf70485fe406

SHA1
f38ed3d4d5085ea6655933eee26bb74147c9be45

SHA256
36e2c64947b4c0c89afd402edcec52eb143324b21e1615637470ad127697b8f7

SHA512
598b97f71bb794304958d89cd0697b90dd6b6e065b669c82137b93bb35397dd2c059f122ac0b11520772661f30b89ffc06966a28dfba831da837ed932df7800b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
2f0596d1616683d15dd3cc0ca0a83b08

SHA1
69b28b870c26558c6b1d7d361a93b6ab4c80e05f

SHA256
4cb364323d0b4941ee3eeb6bf69811a790cda08a3e3053a78fc170790f6afc2d

SHA512
6cddeccd37f882483af426954677a534432e7305ff2e6073eb3af61f2ddb7d65f7b63ff68a76edf47ffc31eb9d2a25f3fad8495b23ab62131e779766c1f4ea2b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
b1c04dd56be660bbdf4db9c9ccc71971

SHA1
a7a9619de9504a99c73e4bb2150c3ae460d03bd6

SHA256
551830adf4bba6431b09e78be2c95c4cc30eb1999ca0c90cf60982befe4fcda0

SHA512
5a458d37f894509660b008cc9592420bb6f7d5d1652f5ada0699286cda2b6552e06a8c53931d8600d3a7bade22d50ab862237b51a9370113f77d59b95b4d0471

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
d5529fed3410a6451a95e60f08476423

SHA1
0d08792f743c2531656d31cbddf3436aed5dc507

SHA256
93077b0f17b1425b6c72ef1966c7520c59cc87c7e69c3ccb421a65d80ce82c25

SHA512
db3fcc2c3d382ed934f624f7d9878561f83148dea990e25e3d2ecfedcc647f9f9c8318d5165609caffeb574b1a1dd80fff74fc9d02e70434303af6f76503ac10

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
ef71e294d615c91b53cecb0c768506e2

SHA1
7491d75fd25208a4b541fe87625518c7cf5b28bc

SHA256
932f345b52e572f2a6e572341a33e3d8418183389e20ba14403a71fb36eace84

SHA512
4978676aba4686d01609210424e4826b09580cb2a8fad8d91eb076fb0d756b7b272ad432f465ff7d32d22e295484a87d8b37d823fd8e6a633a89a2370914400a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
e61ac95dfd5bc266f90b79182e122e52

SHA1
712826ea7f454f5ac1500133e04c2a9884cdec74

SHA256
e261ec348713bc74a882aa62924297f53ba774f666027d7431805ebbaa28221c

SHA512
fcdf4e61268cb6471733c8c2a17497003fbcea76bb46f441dcfdd3a44c52032a46b1569e65d29b3b038873ab3a540b7acee634386e84f7f22ab2b38881bf7b5c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
8be71eb3df445eeecaad11fd962bda4f

SHA1
a240f0763098a66b03475aa6afe7914450a86fa3

SHA256
3df6aae2996ce276a6eb9cb5b8f2dffdf6e1f762b7763b5fbb69039be2a1e8c1

SHA512
4343f47c64d667b7424f87ca8890ffb29de228b20c04fb0b6f185eb12672e4a90d9eaa755b240854082f9d4b90df0b0ef1cf6a0aa41eb67e1221b7cd0a54a577

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
bc3b6643c8b3ae5f1daf0907daf52a78

SHA1
c23c84750889c266d351a4850079c45f87e4226a

SHA256
5de42e23897423ffed361b0b3a17f6301bf3b580f577e6b62e2fdd0dd3cf43bb

SHA512
62a3e38abe45e72cf33f49b145d28274583bd6c218be72ad20ac501bb66a47094957095672bfb92f714d6638fd0a9bed0ee9a0c1b66ec15c3e8fac1dc9bc7048

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
db1c809f0d97f38d6b998d5a8d3ae2e6

SHA1
82b2a083986c77e4d7007a0d338420bd4aff3253

SHA256
e6c5fc18405c50f7fa28b54b68eefe8610a0860cbcead8c249e08b0e747c81bc

SHA512
d3b4e69631e84fb54977b6e4c384a2d074c873f45bdac672e77dca3558a376d16f7f0bda32c3ef346f7253d36450035a1b9831076c1c25077fdbbd1b304cdb27

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
4aa4d051431455e167bbf8a3e89f7e15

SHA1
918693de57891bf05a18bc7315f63dafc203e808

SHA256
51139fafb52a4b975383e6fe15ec334c8a701ebe2f81406d626c1d76b4670f68

SHA512
c49d8173526884273e9c704e64430528a17e097b7f072f1427387ffb117c0f0c236495daae622d51800c66208e09377f739f01199d640c017843d9dcb969edbd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
476022481ee22a0108631c82e26b149e

SHA1
b48a0b8a3490f136d4184582ca14227f39e641f0

SHA256
fcc94302d1d724f53d95a4a71162feb9db898c1d3f3b567f6ca52fd7ad5b7e96

SHA512
c4e7f333cc6390114889ea6427fee0fa2b849ed32f37f9023c15bffa705a4d10efefef2bec12615972199bd33d1e6a890dc2d4b04b36c4e5506057b3391c85cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
bf8c7fdba86972edac178c255ad994ad

SHA1
aaff0b8b8284cf8b7a7fbfbc05fe50f4b5aa0f14

SHA256
78160eb55d3156ebb2f5395dbddc4ef866154b8c2a353747f59a4d398e0a3641

SHA512
0e40ca47df6dc5e53ed0b91a46b4d197b18c5ea7ea2f876c338d380dc3e662b8173f79741caaccd6ff903b7b58d2b0f5c91ae162a54ec8d0541a45c3dc02c06d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
4e564031762f2a46bd8cf5b2c036e115

SHA1
237bb2590f9302d34de2cd2dd6ffd09214774150

SHA256
b1b5a1b58c764d90c31aef7d8c4b928e34ffe67f6f79cb88608dfa1d56c9c491

SHA512
a0c9539e4a4e711a24422570d8bbeabb02d39f1e08163083927f39696657a104e71aefe3434c5f85d888f80585dd7efb87d56d3655111832be5fd0764440345c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
64cbb720373ad60b5ec5a2a44c6aa676

SHA1
f6f3195968f1fd6e5237f8716bff32bfcc97bca4

SHA256
053d8bd4a0107315afcac9066b7df5a8d550752ef11334a9f908d52283a6bca3

SHA512
920ee955ec9c9c9483c7b162f33935c2523748451b98e1e180e3bd614d61414f1fd12445bb895d9c73a87c25ae0f581fc9ae17087ecbd6279881c4913c3bcc69

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
07a6420147c78d4ffd2cc68b3af6244b

SHA1
5f1d9f775856429a8761ffc8f5fb52002827f144

SHA256
c03284a6e4810b549da07f0657100c3eab5912923d29dcf456e015e3ae434648

SHA512
0328a6d1e358b2bcd09f5ad23f9a32616a2d7ec8722bc262812e12bd159003ae07cb53f8c8a65e54e123b5676feed574d1d8e2e90d62ca383ddc8015e15ea897

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
a11a91cc5754c4bf1fbe6422eb730a1a

SHA1
f028c068f908ca14ae65e16a6c97fc9f1a316809

SHA256
d9f9c08b0a89fd9b3c7074d1f536b233899ea2c5bafd4cc4c27f4b085993c332

SHA512
2d0769af094ae8bea6801f3ab1db76aaf3d3f2a73d9fbda9de02b75cba7f24db20874eb8370971f5491f14048110b2cdd80bb98ddb3ffeca9ad9543beda4236b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
e6523d7dfb479a65f4af5acc65a9b959

SHA1
315432da3089b8575fe9156dced1714c95868224

SHA256
86521a9703fdc5be1faeda051d1938ad3d10b0856f520aab62793c6e4391eaaa

SHA512
07d358faa8727cbefcd100ab4c3bdfac83a1e0495e73ab548e58b4b9763ee4ddab46988f1f058a5aee6955961e43fd1e1a4a584567228ed39314d6e961aec809

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
9341c5621927f63695ea3fb40c944cd4

SHA1
b94649d10189c242605ea5a561fc40d8d5f2cf42

SHA256
956039c0a44d42d87c08154e8b582c8829ee18998aa067ec3221f314b38914ee

SHA512
efc0df8fd3ad4d797f7819f110380969e902c25fe9bc9eb80c86c20333e157f93bf40a479b4706a0dea48891f6f5d097aa4459950b729cf68137ba744ec2a0dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
5cf89710e0d173ab52c534ee112d495e

SHA1
8f56da17d90f5d3cc79f0dd15e91d4822b9eab8a

SHA256
7032afe8bb80e9fba030d95dad38a0d289a6132744f1397dd9c853416e1bb6cc

SHA512
70eb6c03b47d40d3f46ef57fa0f892ed360987814d1ff44a32b1686fa45aa5b0c710bd402d69610583cf2fa0575af96aaab55a1ea7b5e119ce2fb5a7691c3e79

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
0cee766de5b2c5cf290dce1c62154cd9

SHA1
4c6bb1e21c5aba2dd79fc81595cc83a1fd9fdd80

SHA256
a63ac2b29f52a25bbea2e190f850c9074186c525c99b67da22465dfc94260df3

SHA512
f55b88414e80f3ca2464a83fb091321709d937f6b23d4d3e2d191983f3bee009a6342b3b68ab3f8602ec0a927cb93306af6ca7defe4d598d19704d8ef17968ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a63398de1590bb1b9f9aa698d1ff2b36

SHA1
60c8311a054e600e9d2d9031630bd2bcd8c0d03b

SHA256
035d8ca4b52bf83ed9b26a4729106fcabd44e76ad4639c09232026662bd784cd

SHA512
85b921b4c7fc4beb7e0af7d94e7c6074cb8747d998c340f371f151378bf57803e89d7df71596de8c77b73c74db3b7390e55325b4e78ee9d56f271cc38f629bde

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
2477be1c065ccdc9acc73cb5055f2e26

SHA1
d3cc4833aa1fb1f42ab2359b60f44606e59d8a06

SHA256
7f0b00a1be59c3ab7f94ab5605408ea1d01fdedbb3ab4bb19d203da377e78319

SHA512
b12d88710da8fbcdc72ce0b5f41d63efd1cd23a971751ce3c67e51e94bd659cdd8804a6e41d06a8f5d9e8110ad4c33456b7187bc5c5ce60da26d289bf3b3b977

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
fbd5356718559475b689ee287a3bde3c

SHA1
097f142a43c98e33371c15dfaf2f8043a2f0e069

SHA256
e1606a3c2a3658acc6efb23938bdbd3f72e5ae073ed4b0e6375a8e048a581d1a

SHA512
5ca7b79b187132fd987ee110ff05061ca4ac9fc72c95df2394a100ea7d12327c27aaf532af4c2729827e45a5d8d1ea5f9ee18fb3ff765910379536d950649604

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
cb3c50dcbf8c93cb2fb60d4a38d57e7a

SHA1
f9ad15166f1129985a8b8d8d53a83e0b4ba786a2

SHA256
ebbbf302ff5fde4b3356961485368083ce717a63db582e0f2eddf2a4b50b7160

SHA512
b90811103199be3dd3ac03e6b13f5c84d8121cdb3b31160a7751fec66de2131e1a885185478977c41f5e663457cf2a889af8524b3844171d3fd67ff08cfed3f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
96b79431a7073c1d12928848d474e020

SHA1
0217f16c9068fd3517ee3fd632f6df76e69e1cae

SHA256
861d03589868085241ffd78c1170b261010a3889484daec773faab2cbcecf2c0

SHA512
4f2683b986b3528d762e603faa9ae20a2368116370819e79060749e137a137be2f9097be0ba2a74150ba6f8aeb469f3d0ae2677b3a19d98f664b5e3296ef5322

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
ed0dc8ae62195b9d6369d682422e5aef

SHA1
d380aa344eebfdb37fe2401ece424fef3aa56b06

SHA256
fc165788d96d99e7ee8984ccc016baa42a13877ce9503e07369ff49148ba6c1b

SHA512
7e2d04037e5ee89a60781f24e69d5b292a1ccd2183b38c52cf5285a0c9db2fdaec0ed9930da54b52fb43c5b40b73a2c16eaa9b64b3a2ad029e098ec9ad1413e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
01a91f437acc16ede5b5002afd5bd6a8

SHA1
1e72385939a2f3e9f9c1e2a950dd9bf3c9238867

SHA256
86d490565dc849485b3eb93a6333347e6a8f9309e4ec7743ea988022f8fdfc23

SHA512
dab4afed32ce95781c8462f0acd442e7371081068e73e3ebc80714e7dbc9f485148cc4cbdf99b57a5459eea601975d2f6fb8cc1d131674469e5f1448feb9eb5d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
8f3e47b746c4d68719c462566d0ee02c

SHA1
8bcb81f6fb6a96ab3142bd061363e2b951a047f1

SHA256
ed381dcc5fc1ef3562ecd5e2ba76425250dfdabe247147b2bba4e1e7ab9fcbd2

SHA512
cca2277f2329f1f2d5e0bd670fb982c561a79454d0062d48bcd04d1f4f233196a5ff204ed3155f2256ad465d85c5a2e4cc4f2524e4d63ea2e2db116559c2ba85

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
32841df57931f28f178e3acafc604f37

SHA1
f21e9666f631b6bff8cc42bba023eef7df144cda

SHA256
feea0a59b8727701804a7b7315dc81fa492606e478c3ec058c463e1360bc00c9

SHA512
1e1aa3a7995aa02291a444c4c287da8ae93cb883390dc065ee20717372d65c989fb9189b5294a716a2bc95f252d1b56fc229e6ac6b49694d01af6fe1416f4225

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
dfd3edd96026b451b79e08517613371a

SHA1
b3459a9ef35cb42ea31d0a54eaff24239f7c7f47

SHA256
782ab6cfecabba708865ccf05ba9d5be2702ad8f4e52547f5495475bc02d287c

SHA512
56ab34eff374658eed15834f57e6bad595bece032b558a9fc76778a2d79e18ce8e8a6ea2b764e225b264ca045fa694ba9c25dd3cf98a668478f56e7237588e2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
694a7949eec7c9eefc993d3cbfa4d03e

SHA1
b67c877bb15263f71c8fc2f74520e9ae17355bf7

SHA256
aa115c0ee6130f7d098196be591137215f08fd3fa28c53cbb5835d9254bd07be

SHA512
f67ca4e425a8b408123d0c8779aa36f85316a9cea5fbb271efd7821a7e7dbc55656ac9cb5807c5f7e0f59d90e241d14c25695514b73ca6581a1b7f6da4e7a82d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
324B

MD5
53739b3bc764f266f872247415cd7984

SHA1
2a3934520bfafbbcc84acac3dd900aab8ba87ebf

SHA256
1e49405fe19ce0cfcd561d3b7f33a9955f7664af8ab6c28ba5058e5f9385d0e9

SHA512
3420ab5d565e7339ee76ca6a45984f33982956ea1e38a1f4a147c0d78222e942b6e7897b3e0c4ad0d0584785b8cb620a55a12258ce1f1f1a38410f7124f8690f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt

Filesize
76B

MD5
46cb7641be727eb4f17aff2342ae9017

SHA1
683a8d93c63cfa0ccbf444a20b42ae06e2c4b54d

SHA256
944fff1dd6764143550534f747243ef7d84fdac0642c94135ab40f584520f63e

SHA512
dc1b5f363e90abff5c1663a82764296922c842820d2819805e87da6da1081f1b5f2d8debc83ac34a26ce289b7b22588b022433686b19b039074ae184968b9fda

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt~RFe5b34d8.TMP

Filesize
140B

MD5
76b47fb14baa3a039b0a322333bc7e76

SHA1
6dad3fbe795969f4afdfd6056cd7f999a5b26f08

SHA256
0456f2283de5dd4918c04a01950a72ee27f1b3584068ad279c89822d9eb60ce2

SHA512
98acbc17a4129b46cb3c5c55d1d5f27f75e1baf190d408c037db17b1ee329d59875d2d558c168ef861f8618a0e4f02edb59214ebbaf26dd74405d2c8b57cd3a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
ef48733031b712ca7027624fff3ab208

SHA1
da4f3812e6afc4b90d2185f4709dfbb6b47714fa

SHA256
c9ce8dbbe51a4131073db3d6ceef1e11eaca6308ad88a86125f221102d2cee99

SHA512
ce3a5a429e3796977a8019f47806b8c0671b597ead642fcbfbe3144e2b8112d35a9f2250896b7f215d237d0d19c5966caf3fe674165a6d50e14cb2b88c892029

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
642bb2c4788fcca94ddf4c3a525cad26

SHA1
405ace600193c1f5f93216520714e6aff5dfb0ac

SHA256
b045a6ad5332f329c2a3aad965fe53735e69031f4862bbb9af5905fdf2c21379

SHA512
097e7f24fa1cd86d102937f9fec92db1a18c3a51bd8eb87d569153f72bff06d37aa8e874d765380f6b75394ba42897ed6f02a138b7299f1f03d06abad9d5a51a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
ab717fe94e2d35e2eb082070640de30f

SHA1
8ca1f09e66f61a50f09958a7ec4f83e34f7daaa9

SHA256
d973f8ce973adf4804af1e9fafc6259147cda3a4272ca070833d648cf7694183

SHA512
de1c8023a21a4360b14a6b4e2320b794fd90e01b9dcd70ab53d9714f11ad2c97fadea832f49ac9197ff8c9c8a2d18f6628ceb8866131e97fd80d658e38fa45ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
65dba06de17dc999f8035602c09cb56f

SHA1
c4e5aa05c4265c0f5389a1731cdeed4465449394

SHA256
b17a20b48db89bf216d2e5cafc6ea56f37b6a17002be2d06548156766a1ee722

SHA512
67d6fd3027e8bfc31cc239dc3cf4f5e9321b77220fe74a7aba3de7fd9272792ce7fa47e4347d4a5b0282fbe8c490f9a3f285969621110418752248bff9d4a622

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
211KB

MD5
e5e6aff0a8d37d8a63a132d97cd3bf8f

SHA1
389401bc037dd379cb0a773f707c80fe285dab18

SHA256
7cd9863cf25037ad6f141866cb18fe4aab4bc3ab96771f51478d356e31cff51c

SHA512
927506113f4a87a33de027cd87afbb324694f24ef47c362b47b34e4ebfd4ad5ef967369192921d9998db1965032e5554d16e5807b9fdf47c511449a65a24cf26

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
211KB

MD5
557c49bc77e14c26d9b865eccd5a6634

SHA1
b209e0ef8223b807571a58ef8bdada545f786d82

SHA256
b9e713da18014a5780446cbbcd3e583257b90b62e5a40f63b38d11460cca78e1

SHA512
cb028dd7aed3f1e2dc29235b4a84422cdda2c1a114dd31b0cec845131369a2943d9987b5348cd0afe6f1858c0772b73dc6ff67fea4cf31accead485acb498af4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
211KB

MD5
e899fb5e420ce4838940fc8e3e562d44

SHA1
5a8c7f99e96213f4824f23f3e1d763ab5b241241

SHA256
cbd10eb778fa0681652cdb0396354b071fb94ef23a05b7f5cabc7c5606516d6a

SHA512
e368039bf1e9bdb1f0b82aecdaad7d7d07f7f8469a52a380be0436833975689fd4e0f4930f11c91e7cfb47839810e49f506801965fcca9dfd3cedb4a2c58ef1a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
821a93b1bc52efc8b0f22efd79172134

SHA1
2cc41f1c8c8268bf7004bb498b1c2afc4c07e663

SHA256
f554218edfdb508a67c980612b27217762c417ad000e9dd215c3bb1405458fc8

SHA512
8e5d5f7da73bd3341e58ec559532b3694113d6adf5740e44098374e5287ff1cdd60610c5adcdb9b5c978eea3c054cb1c9bf27288cfddcabfb14feb1aec347624

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
f7e86384feaccf2628f3855f4ae01931

SHA1
a9ce1f9564bef3f77172c5429b9768de7e60b786

SHA256
062284917567a515cfaf7115b5ee98d4582a03257eb1d36acb1c9e486902942e

SHA512
176130c0aa83de5016d55bfcaac5de0c003a8ea3f47a7e085db22a5d2bd476cad633053a51f102f2715c586067b7a8aa8fbddad33ff1a7c950526cca87100033

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
211KB

MD5
c7bc5d4d1fcaccd7222e7df06365c753

SHA1
294dc68ffbe83a2a3f8ed0f5ff347dec35cc8118

SHA256
612015865ed79dca606df30a783aaae8ce31bdbd189502bbc7f0aac794d5ebdb

SHA512
da7f3f8cf50d352d420f4cc1ddd9dcfc99225aec89fa1968ec488229b3d7a2ba8880f30b198e1ece8b3d3afab0ea8b662711c1a73c6d702c0552eeab0dfd781e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
50da59be8603878ba6439f4aa0c5d6d8

SHA1
bb4a801bc65d07271ab400171987cd42f59412bb

SHA256
d5bf4077941f8b7ac91c7487c6ef5a46f026c978c7c2ea2ff4555780ee2bfc15

SHA512
d74a482efb99e0aefb138a05e9a603fcf455ce77ee7c6a788636d9a5a3f16ddb05f81bdd3a5a7da4b081808a69f53de1baecb493b5c135471924b491019a45c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db

Filesize
28KB

MD5
36492e74caa26342e4d61c79a3e7c9d8

SHA1
d14afe67b1b55e4c2f457edc36999aef658aafd4

SHA256
f6e8351861bdfbeff1ebc7a713ac0617abe7dab0ee784866ee09c1ba395e76b8

SHA512
75ef3946c87009322ead450101e64ad0538af273596b8a1065722ebb6be607c33ac71d0c34ec28c3d366cf82722d74eb826f5e2519242572dcdb015604d39605

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db-journal

Filesize
24KB

MD5
408b06e280ff817d32bddf4bacfc6c71

SHA1
f9cacc2b81b28d81554b30e8902b0b80f2eda72b

SHA256
dd63dee2868279f89a475bd809e2cb7ce5e933cb7734baa1577c6e0ba08ed24b

SHA512
0403e5929b26668232e05cbdb2cfb515cb5bdf29d8ae0be3e211e99c33617b855b10dc3467dbbf66fa218b64c43619f1195cf8938406d9a082d3945ca942f653

Download Submit
C:\Users\Admin\AppData\Local\JJSploit\JJSploit.exe

Filesize
10.5MB

MD5
e59012474c711e0db071950d859bac42

SHA1
2a1839c61829b70874aaecd41d76a03b8c6cb5dc

SHA256
5bd65131cad50c58ae916818d54abe44c014854db770aa71a9933293939ad576

SHA512
61e94c2949d9f08d2ce37dbe5687cc8ff68b274e2ee56d530870a977773a1e04ac58bca4f550887790f0d31534d862cdc869a90621c03ebf030cf73b41fd5774

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
03a56f81ee69dd9727832df26709a1c9

SHA1
ab6754cc9ebd922ef3c37b7e84ff20e250cfde3b

SHA256
65d97e83b315d9140f3922b278d08352809f955e2a714fedfaea6283a5300e53

SHA512
e9915f11e74c1bcf7f80d1bcdc8175df820af30f223a17c0fe11b6808e5a400550dcbe59b64346b7741c7c77735abefaf2c988753e11d086000522a05a0f7781

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d30a5618854b9da7bcfc03aeb0a594c4

SHA1
7f37105d7e5b1ecb270726915956c2271116eab7

SHA256
3494c446aa3cb038f1d920b26910b7fe1f4286db78cb3f203ad02cb93889c1a8

SHA512
efd488fcd1729017a596ddd2950bff07d5a11140cba56ff8e0c62ef62827b35c22857bc4f5f5ea11ccc2e1394c0b3ee8651df62a25e66710f320e7a2cf4d1a77

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
610KB

MD5
430e1ab1d525a05692d565b8283720dd

SHA1
6220b1642b5fd7d84a84389f8d5c963c5efe6e42

SHA256
b595a37b77b2d1a1f1b0c6b189fc06e9bb1c409b5a45b0dddbde182937c1db55

SHA512
c81ce8b14b268f31bba063cb2e7b397cc94fcf725183dd42be8010e5f5526fd755d6723c6b02a36b68a46b1fcf0de09cfb12f8219524c4c658f54137cc220512

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
47KB

MD5
97244a4b866e404446dc139016cf23fc

SHA1
54b2c9d1498907d75c6722b145729361b2353f47

SHA256
2fb7c27a7ff245726c6d886d5342cbd81ebb451c0dcd9a231af2252e8952ffac

SHA512
aede88d704c2bc0210189880d4260b9e35a9081eb21c51409048287ff35fa88aeecb036661baff2605419897ab644a4fc8e7fcfd93c14096d5e91503f5a4fc65

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
384B

MD5
f2128eccce0ae01d411050118351c4bb

SHA1
60112235efef1a2759cbc91447fdaf1d7ad23afc

SHA256
9c32bda93758a15904dc7da9b546e1c004ad66d0d4802f58830a06a3737252ff

SHA512
3b0de08ca2e0024584e1f5da8e5decb8d97528418d9db0575935517b73cf6c36a27df5f27f0cd571e3bb42c03d9cac8c4e132008cd34c78427638b93a6ef8295

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
12742bf5054ba1541e1a913dd3991679

SHA1
6d3e0c0b63ecacb8dbedeffe1649e216e7acf588

SHA256
50c7c5e34df1c469a426e501ad027cbdc3f74cce33d29bbec01d5ff80b3d4561

SHA512
b18b9cf1940fcabf66b159bf12d850c85b11edc4c86aa044910dede175a3b2b94bd2412398d80aa057365254035e6c4756714ef05638ba403ecb7b26cff3a30a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e5e7afb03d916493249d0280b1d4757e

SHA1
d3caca3705850c1127cb0872cd896586d777bd67

SHA256
593b970a1ecb10b2f1725277b7e7db9a020b3d3e2700c9050337f8850c633fcd

SHA512
c59bf44fb9637137a6c3397fc7c9dc19fa661f1f698b1a14e04a78328154d86adcf9872400a0063afcbf502c6668eef831ed45f5e89418fd4d66daf93ad81fde

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
5462d6475d5404e2cc4cb6aa86cb6753

SHA1
a1ae6fa3535ecef1200922e113ba5b09dab5471c

SHA256
bc24dea1459b5a4c4c80493dc8ec9d55629095f4897b5111aa6ade3732a0171d

SHA512
9bae907a0b3afb2c08c63babce5255ff182e44ad30f177847a083b636baa67c1ebdfa21d43d8ab38465d3993b8441f3a0348f36b41ed4b48d44e9d6200f9066c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
c7a58cb716569814168e93aff420a6ed

SHA1
1f9a8c346b7d4a3ffa791496b00022de1fdc4efd

SHA256
4536f0225662ad1490a13e22c45e5ab0e4da976f742e465f35a94b49277d9480

SHA512
74faedd7e37d1e516b3cc87eae1d43416a9061862fa16892aea9ec6e3b927fb4c1993e7b840e6dbd5ad1fafff0000da98904cbe2daf24ac292d381b7460d91c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\bd2866a7-7c07-429d-b03d-f45340a1eca2\index-dir\the-real-index

Filesize
624B

MD5
f7bec0a3a8d236391563f314c43f8e42

SHA1
fa90be0818a57d11de9c8ec991aed747426b08ac

SHA256
ccccb6ac7cd4ded9a32e8948e216f7aedb1c4be76891cb108cd19e891be34f89

SHA512
d3b09823a49518b5d3e64425c7971cd689acc0907847b974ce062e216b5a7490a248999284e6589e091e8c1829c44ccde0a9a022e4e49e7ca8fc8fd28ec796f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\bd2866a7-7c07-429d-b03d-f45340a1eca2\index-dir\the-real-index~RFe611f30.TMP

Filesize
48B

MD5
d323492ec31464fefe177c368a54329b

SHA1
d10623b170e85e3d1a0f3cf2b83a06f89d68f405

SHA256
dfdc46e4b72010e658801b4e7ec2f183ec5fd35e65aec3de2e337d0d4be95352

SHA512
f547723bffcbfd7f04a7c53e08c6303306b6a00dff0562722ef697c8b4b4745f9ade2bce58cb203bead93f1dc5af14fa1f5b0ffd04d3e8d7cdf5403379aeb71c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e111dc51-e881-4874-95a4-4d275342a373\index-dir\the-real-index

Filesize
312B

MD5
9ac67eed137d34a82e80cad2fa1949f2

SHA1
7560e4133640d630c534630600fd8596a6e4a853

SHA256
07b298242cf06d21576851bcc13b7114b1c1ad1c1f43270944b4fac16bf63239

SHA512
01ae04fe3bb309e6e171919cf401bd0724968ee7a530f8ab45fc65fdbeb5ff08383135e110feffd0f6ecb687839f3f25f6a4b8eb734977cf79cfbdd7c711ad56

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e111dc51-e881-4874-95a4-4d275342a373\index-dir\the-real-index~RFe611f30.TMP

Filesize
48B

MD5
127c743f0b7b208f702ccd428f063cd9

SHA1
fb7359e704b985a8dd38ea547e084f9b6a329368

SHA256
c196ec1f875c42d96c35efbdfba8b6f4b6592ddf8a9e4ddb9f784709781fab8d

SHA512
4c5debbecb57dcf608d0ae6b68dd605dde445923c6961eb4c57dac5666d897279298404156821fe452c9d501b2d212ddfe961d34b01adee521c597ed46bf8882

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
89B

MD5
42f74b6c3764ec1ac92cc78c194ec855

SHA1
9502945950d70002a7ed49218de196d54d931290

SHA256
11b5465a6cdad46dde6623ae4d2d53ef64fd0b4ce4e239695adf49d8922539f1

SHA512
588dbef5acc56593a80126d66d1e084778ae03bfe2b610f135f62f85b406fb735ccec9ace4263eb9d577ea37b6b2a9e649fc752fba5829fce296a6eb3ce3dc84

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
146B

MD5
2113d53a14c6f032ce09b845a0478a29

SHA1
75257e2617b414c0ece75fb54e3e3b0d0b74534f

SHA256
a725266569df5f80f83419652f729c3ed8d6081d8b14fa7b1fc69e54a8096f27

SHA512
36d22f1fc14fdc6fafdb07d3b94e719e380447f052a77a8e851cd0ac8936c40b239601bd3ec4461a6111dde7cdefc3a08be3b11d55c169e2cfa18e4975fb26ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
155B

MD5
a0f1e08f10ff328e9fa8d540325a303b

SHA1
835af1cc20f46dda0969db91e99e785415772f2b

SHA256
57b03039799d148b9fc252d844b2ed51082ab5b69fc9cb52fc9ead093ac78f75

SHA512
afdf1609cc36d3d18ac5da7f61041e24885228cf8485a0ec1c103882ce52b0493c6e7e28f6f84a35a2022daa3baa58918b20471b23bf4ed61c132ee566098be8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
153B

MD5
6ae9bc0831d1cf52bccb8c4eaf3da483

SHA1
bf934f8a778fdaa1c3c9db928dd10458be3ce2e3

SHA256
14324ceb0b21723bd40df2e6bfd218d6f35e9c5de02c983c539022a04b7fd887

SHA512
913a5fa75d1d8c6a3e68e9b135945891232137c12f454f7bc588f2db18ceb9f2e8f0d17183e563d63c092f64045cb7534bcc78680d1aa4cdbfcd64afca91c646

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
216B

MD5
37f32c8005fa20e6559ef6f9f3a78610

SHA1
a296c1815726d0740bdc24fd24935a8f3753f77d

SHA256
3e30e91d6cacdc9c860715716d66aa01df371d66f00d011f95830ba1045d1c8f

SHA512
7e32676be3a3fe53bbb9942a8c73bba823f0def1665e984ad476ed15bf149a8fd940d74a04909719910ec3a7f7a329864123591f406811861ba45b748e186ccd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
82B

MD5
b89095863b5676f5d6295eba02ea8b95

SHA1
d45b4a9afa8e01199abe4c31f0c45b79f4fa8343

SHA256
3b82d78c78e76ff3d169015898466bbb9c462e150a3339a04c943404a324ccf6

SHA512
ea76a2c1ae46ee73501931f1adb64a30ff918c1704be589d6d5d622d286f848cb91e33e3a383b806f69c4374841ce202ff98d46f8043424eb6932cbef6896bcc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
152B

MD5
b246dbd2a0dc5a8b2e8dc4dc67341db4

SHA1
8e1d1117face8c1e321efa2ea1cb0876e7a7946e

SHA256
2ddee33f97e07c20aa930085c3398b7becd058d2b274f1e9b75bd3490e7db37a

SHA512
f679cfa2658be06895c6512fa132e9c946cfdccc91f0813fd6c226e9035a25d1664ea165a9ad77b4c3f2ef1d26b5eb3882d4ed4b449346aaa693e45d967df969

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
7cce81e8344109045f2b022de67d0e58

SHA1
f1fdf5622c40cff5ee6928fc27ecaf70d1198176

SHA256
6dc2ff3e4bc5eb846d97a86171734217967b0f78992bd93c80cb8608e51137aa

SHA512
5b70c32577697a121018ad12fec3599f57bcd78acb3b16f58ae03ec7305626ddad3931b1595f00923cb7fe3cddf8c066fa70a648007c4db004d182117f7eea84

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe611ef1.TMP

Filesize
48B

MD5
bdfc97fc102818bab6e3e24ce945a309

SHA1
08c1b1c248489556490220289cf3272cfc46b622

SHA256
78b0314b2ece7791b924a3dd07b92122245c3a55a145cbf49145b626a8010664

SHA512
6eeb6aa6706e3c3caebe4cabadb7a1b92a7f923004678133498e175dcb891026fa46e898a1fd2f7be3666cfe72073dc748b97a3ef86750ee7a839c29535f8970

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
704B

MD5
669d861d5c9c215105f706b1c5805253

SHA1
b995b19cd08897fb853c12c9fda6fcc114ccb08c

SHA256
282e9d3b34f7c16d57181b910b699d04c8df309bb2e74b9fd97855f0a1884fdd

SHA512
e267d012ae01580515ff75ff5db7d1d60b66f8af52f9ce809391127d67d801f32c10fad9de774aa154782a179742aa725f01d94629f2d6fdf4aca1a0017c6e67

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe611f3f.TMP

Filesize
704B

MD5
860018f2f438495ee9bcfe164eff3c9d

SHA1
c7c60badecd605ca6a02e6a72c66ddab8e63ae8b

SHA256
d48be7d3456bb1b2d31f9e53db0029c25dc05a86fcf8c99385bb06c650eddd4d

SHA512
27606a86c74c60324a7a7e76f5317870a519ea77e89c5f0e3d68c8e07e9ed075ec207955dda2b65070181edcf295ec04f3253b4529da618d38aae28d02a4ad58

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
8KB

MD5
36b16f584c173b725014036d66f8333f

SHA1
05fb2e352f259509814158608243253000877f53

SHA256
d0101ee94f1f922b53bdaed69738a30d4f731da2ee1eb55d476e9b5ae3e583fa

SHA512
67161fd5d319b263c8e2e1085f3c173b7ee68c9cfe059b90ccb2ccd318d6032fc5132be7f1a3421c1b58f6af55ac0d251e0b65c05fd27f67c67c94b64fcded5e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
fa601a46803f4c7abee2014fe059fc0b

SHA1
32b49ce2731bae678b9644b21d4eb592955094ab

SHA256
3e10c9dc31c2d0629dfe65a849188c5980892b6bc9ed9f739d8857b6f2dbcdd1

SHA512
afa3f80d0e100a7775b6cddbec120e8983735d1dcee23fc5e0c6477dc5cf9bdcd71083841ee3b16b978973a3d48005d30712e17fe1bb01598739e191ac9897bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
cefe04b449da7f155169c30516dd28a5

SHA1
75216ffcd76d680091b750b49bb379f5b6a43195

SHA256
1e73db7ea2ef40456f8d67b0f14853549d4bfd549f3ab0ee654fa4795e1a81a3

SHA512
17c19dfb3c23c47d4bd39f710a4aca62762dd9d996c72bc467117acbf2c4368e9f97b5efec06549e5fb072ee211d125af813cf225e9dda3204f08f2b93d41475

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

Filesize
10KB

MD5
4e6ec123550f3590a38901f4677b5743

SHA1
664672fb21c844f248d210b9077f2800fd66c87e

SHA256
9b678536691edcd4fc7ac3486d080c78794165e2a0e88efa35591c9048b5100f

SHA512
5e901686210d2eef71575c782380822656e5957b42b36242d9f717c81a342a94ea2c4148d0faffa10ebfb008434e4a51300d8b08dfa842b775ae6036261aba76

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

Filesize
10KB

MD5
ac3b7bd3efea434b148f4552c704f299

SHA1
ff71077ff9e007581069556887bad12259c5fb1d

SHA256
a301a585a7df19045d2af3bccdb21a738e4f942551509e0b0f1cc9bfbf5e20f6

SHA512
4e1bb52e6c7a8d69f0eda9f07cdc231850c52cc34050a390360d7cd29a0fd39d06561f4cd2141eb78f90ab94b442b801299b1b9c8e27c1715cb449229cbbeeb9

Download Submit
C:\Users\Admin\AppData\Local\Synapse_UI_WPF\SynapseXRemake.exe_Url_slhwisqfbmluxijzztyqdmromt4f3x0h\1.0.0.0\user.config

Filesize
316B

MD5
11c1db716626af997ec7e7f4655ce6e1

SHA1
b92909a2c9cd7893498ff0bbb877b27af8566356

SHA256
f659ae60531ceaff833381dc4820a7e9fdd11272b2cf96b2913dc32be0b5e91d

SHA512
d00a742b14394fc90be09299f76ca122583c6777a1f4f4a0b7f1399b2cdc83a81f8be6ac7116a3a7c7ac368d221ccaecd771170467fdcc317f17a7b1e6653868

Download Submit
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_3udxq142.gwu.ps1

Filesize
60B

MD5
d17fe0a3f47be24a6453e9ef58c94641

SHA1
6ab83620379fc69f80c0242105ddffd7d98d5d9d

SHA256
96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

SHA512
5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsf350D.tmp\StartMenu.dll

Filesize
7KB

MD5
d070f3275df715bf3708beff2c6c307d

SHA1
93d3725801e07303e9727c4369e19fd139e69023

SHA256
42dd4dda3249a94e32e20f76eaffae784a5475ed00c60ef0197c8a2c1ccd2fb7

SHA512
fcaf625dac4684dad33d12e3a942b38489ecc90649eee885d823a932e70db63c1edb8614b9fa8904d1710e9b820e82c5a37aeb8403cf21cf1e3692f76438664d

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsf350D.tmp\System.dll

Filesize
12KB

MD5
cff85c549d536f651d4fb8387f1976f2

SHA1
d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e

SHA256
8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8

SHA512
531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsf350D.tmp\modern-wizard.bmp

Filesize
25KB

MD5
cbe40fd2b1ec96daedc65da172d90022

SHA1
366c216220aa4329dff6c485fd0e9b0f4f0a7944

SHA256
3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2

SHA512
62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsf350D.tmp\nsDialogs.dll

Filesize
9KB

MD5
6c3f8c94d0727894d706940a8a980543

SHA1
0d1bcad901be377f38d579aafc0c41c0ef8dcefd

SHA256
56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2

SHA512
2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355

Download Submit
C:\Users\Admin\AppData\Local\Temp\nsf350D.tmp\nsis_tauri_utils.dll

Filesize
29KB

MD5
8def0196223484f8aed4106148dd3f08

SHA1
e0fc0951deb0e5e741df10328f95c7d6678ad3aa

SHA256
c0f2b928bc4c81cc5ca30a8932a6dc8cd617dd016679c057e23355fe732b2333

SHA512
9ffa66181bce5aa5210da0fe5edc6c80aa9e46e2bd1fafd840f468965f4d06bc03f9a77e04b975ffc9f25c886c274196e3fedae6cfb57f366ef39f1e31e1ada7

Download Submit
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Crashpad\settings.dat

Filesize
152B

MD5
20054233c2b29714eef29c802e5af358

SHA1
d40c2998fd2a3585791aa8ff7e0a7b63644eb8fd

SHA256
ea4362126a00fa688f723942ac983f9edf3f439c1be35299095927320f4bc4d3

SHA512
1b9db79707cbcc123151dd9b62c86d90e3eeb918978540839d577935f0395707da8debd4c6a5a3e3a3684f9aac8d5d5be26aff85bbeb9fb10400653b6636f167

Download Submit
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\Crashpad\settings.dat

Filesize
152B

MD5
f9feca67ac2b3343f32813de85d8c9c1

SHA1
6c4df16062def1d9ba93cbd26562be718a2dbf3b

SHA256
e5596f76d5f207825ab1bdfa08587a2a738facf8f028f4d6ba5440e7f6119094

SHA512
9910634d12c9279a26a2a538d1a6e2d5f6253ce524a995b82dd2aaff8ab1adc751ac2fab1a78d8f2a788e3e3bc8658b2b0e4b7b90916c5e86f74036d0c93b54a

Download Submit
C:\Users\Admin\AppData\Local\net.wearedevs\EBWebView\a8b7122e-22d7-420c-a5bd-565f19f407e3.tmp

Filesize
2KB

MD5
8eac229a73a5d95586c210348c58938d

SHA1
fec56e7e001299b42461260618abcce0233f08dd

SHA256
853614fbd57bf9f3dccd5c892c7049a07d0f84508864d1bb05050643b410c544

SHA512
4ee26d30f2ee1ae01c9e4bc8cb96e14749f957e39e6b1f0d04ca13590088e5a45d0ffc5c2decce79f02da204680031bcda33487986b26646ff8d6f4ce726daa0

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
13KB

MD5
66f46d611765b03ce5073dfeb1084380

SHA1
2a1c9176f4300eb9171c2f8530afeb6acedeb9b0

SHA256
da35089863a835e2f85c37dd4364a86435666111d7e8b7ead29f1d96ab55f807

SHA512
a17d2fb5705a3ac1aa0c366594e59c0633a36ffcc6d20a246e105389363037ae296dfbc601fd585eddf0c9f8cb8083f9937ccbb4fdc6f23039eae1360a9ed5ed

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
13KB

MD5
fbc1fa60c0fa446c2686fb1ebcad2524

SHA1
f9e5f84c040ea1009dfbffb903d69b3125eee5b8

SHA256
26fa1fa7869f3bb94adb0cb965477c46e11befa99c23939be3899f9646c7807a

SHA512
016fe59fff41713a8197cac25c16a838877219ff370d7b9cddb8092c71b1f1e74fdf1b73baf78b0fb1ada2e4a6017c59378d775de06aa55795cb400ea3e6ff71

Download Submit
C:\Users\Admin\Downloads\JJSploit_8.10.7_x64-setup.nsis.zip:Zone.Identifier

Filesize
26B

MD5
fbccf14d504b7b2dbcb5a5bda75bd93b

SHA1
d59fc84cdd5217c6cf74785703655f78da6b582b

SHA256
eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

SHA512
aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\Ace\ace\mode-csound_score.js

Filesize
14KB

MD5
67d3027a53dc9dea93e8badadac2c08c

SHA1
e7b8064b0c9aafbcfc27b39ed66f96eeae054e63

SHA256
dfd544612c4b4c146234c397c610062ef0a64d84ca61bb146a3d74017b93bb40

SHA512
091fab4c78f777f27afe3f10c7ff4777babbdcaef75ed99cb12b7dfd831f7ee9837d418f9932eccac3691abd508a8bf64753f1ac7e4bdda85b9792876400c7ea

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\Ace\ace\mode-django.js

Filesize
101KB

MD5
f35de187177b0165615f713868e14448

SHA1
918a10274d31f09a0fc96b1b5d0dd35d6c0f136a

SHA256
624dcb5438d0d5bf3c630e938da5f0bd2d8bd904fe4316afea82ce8b7f25d56d

SHA512
fec3ec6a120729367801800ed585971ece19c032ff03bad38074d2ff0f4310ea872a48dadd80c9d9be7fcde07fbacf8b67ccc4052dddabcb4f38a1398fbb84a5

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\Ace\ace\mode-ftl.js

Filesize
50KB

MD5
71451c50ed393d0071d352ddb2e56330

SHA1
cbfc8767bb4baceab37805257997c84f4264bbea

SHA256
2437cbce03f95681d4d31f50d2c5079ed35289bba9f13b1f62da20c73c3f06e2

SHA512
219f6d3deee708706ac4e8fdf4f7161a3cf4b6b719763680783e385d9525c0553fe4bba46157a5610e434c8fb40d88e46e54688705925710c4be782f80986fb4

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\Ace\ace\mode-glsl.js

Filesize
21KB

MD5
8ca9be0b4f85aa607d8af3c05c15b20d

SHA1
11f4bcb7b70f1a5bc6eda16825a8c40d81f4b616

SHA256
69343926d5bf317dff9a42193db72989f8464518508a83f642f027745b44e217

SHA512
c279c05f3d04ab75275b4fd61999d4d8b005e956b5d0a1447d00030f15b061621c680cf7ec462cda3c0b669e1b957e9edd2aca64debf6258c8e123ed3f0c9712

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\Ace\ace\mode-sh.js

Filesize
14KB

MD5
37f7cf0e0a639840d67e81e0a3d257dc

SHA1
4e59399b4b5dd9275ba58fc5c7640822af8891c2

SHA256
61f9a37f096997d0f8a4de024358c443943e8eecb2a8d023dba992212e3d1534

SHA512
f4940712bd359338eef2498b5658938a1e3cdbc967e1b17bdd13b6136e6661785abad4537daa2136274b8628cc622035e7447c0fa986f0db77f58f7d1ea56588

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\Ace\ace\worker-css.js

Filesize
269KB

MD5
efb7f98bfc7e9c92c7a5eacd72ece9e6

SHA1
0b6c2de65deb556163893762146c88e7451a3945

SHA256
53468a5a21fda1bdc6838d73255f0f0b3d7030c745077d09d4cdc41b20796f5a

SHA512
2ca94b561e2d13ea7f91ea3087c2c4a19ae3862b48ebfcd934f9f3c95eae3e49f8d6cdd69d8254a88985e3c57ffc3935581ad615dc8fb473720cc64dce9e50cf

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView\Crashpad\settings.dat

Filesize
152B

MD5
a71798cdaf54b2e665160f5209e0aabf

SHA1
e0244da440c548846fe2aba62e60a90f890103d3

SHA256
1c7f14e7aac69994e95f2f68b8819822aa3458798896af0864d4c7ee8c457dce

SHA512
0faf33f43f4785fe3e7da358a3b7fd9d119443df4f2ad726dd4d30790ed7adbc6a0f3f8511ff7d287d247cddccdd2327398c2049f9b20a01e9a9e653ed95c611

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView\Crashpad\settings.dat

Filesize
152B

MD5
7bb07b91a44c6158977de5edae3ec79d

SHA1
b918508eb02d76b467466aa87c74f15162318bc2

SHA256
382899628f32f155125e119e6c78e2f8b0b95f4fb8c2445f618ce4b3c9769526

SHA512
ab8933bf30606705448b4ee6e430faf0f427634c55a42ebf2d231462ea7004718fea5ed996d24ea35a2a60c76d3e200ea3b3753e4762fdd95692d92f98f22652

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView\Crashpad\settings.dat

Filesize
152B

MD5
0c4e6b639829cd380aa163f13861cbb5

SHA1
81b0ec808c9a225cf07d4e3b8f0736f8004b7a7d

SHA256
115501305c043dd12519a238c12cdd102cc988925cd3f7c1f813333bb4845e0d

SHA512
284324d425ece566f86e439e1c2c7c2d8df1b8079ab602efd8c33b94f08a165abc8c38891c5892b98384ae1c72f47dea64784438320610966ae5166c88e822b6

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView\Default\79c2f5e5-a2f5-4001-ad46-eefc80277f30.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView\Default\Code Cache\wasm\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView\Default\GPUCache\data_3

Filesize
8KB

MD5
41876349cb12d6db992f1309f22df3f0

SHA1
5cf26b3420fc0302cd0a71e8d029739b8765be27

SHA256
e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

SHA512
e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView\Default\Network Persistent State

Filesize
299B

MD5
885d6759b69040838a3180dba98d0020

SHA1
baa645e78e9c07ea5dc6d36e986ca2ceed688d62

SHA256
293ca64c32714f1f0b9daaa93ba6b8336bcbb6761688e218eb91acdd64a8dc4e

SHA512
72c5a57d39f6747cda9f0f6606e823d2fb5520ba8463972a8543d32f546313471efdb903147f1bb341c118e07ff664f6f231ed3b30becb103f1447ce23b31a4a

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView\Default\Network Persistent State~RFe5e880a.TMP

Filesize
59B

MD5
2800881c775077e1c4b6e06bf4676de4

SHA1
2873631068c8b3b9495638c865915be822442c8b

SHA256
226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974

SHA512
e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView\Default\Preferences

Filesize
19KB

MD5
10ee15128cbbffb703a1e10ca03aa56c

SHA1
d3658b925e1828c094f0fe0fe2c2053d4e41b9dd

SHA256
4293592be27bf08b34bbfc51981506602f58135acf7ce6b60d09da49e993fec5

SHA512
c4fc9e6ed93a6f173987826e7236bdc3944546e6d64628040d0f961b38a23e98a2286b38217b6c77de686ad4d381f12d20a5be7587fddb998cd7b76fd025f77a

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView\Default\Preferences

Filesize
19KB

MD5
10eebb021d6d8c2bf83eeb40eadfedc9

SHA1
aae5e38e3d70e26710fa66576093b1565a2da57e

SHA256
b18d52f8b5726b418c6c875a5717432f2c2b8d3a64bb158eb58f2c7a3965cc14

SHA512
f0a9cab3aef0e14db12fa37079f5f31176cda30713b21a2af350ca8bbb7d1954e6554a7042fe539d5fb06669a376acf57e02738cc655feedc738b2323e53c361

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView\Default\Preferences

Filesize
19KB

MD5
fe73e7460650ddb6eca82cd913e3ce91

SHA1
fcb38641407bb3b6558ff0cf6535cbb43cb1f0bf

SHA256
d86e5b097a64ed241dfe87e9ef12604935651ac38cd84f76bc920423dd3ff40c

SHA512
ac08ec36ec856fcb0e7990b69256384a3043e98d0bb155b8d14b3f2aa202dfedbab1399c417b3cd78c26c8114968bd86e122c87b1ad377931e31f1a3afacac30

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView\Default\Secure Preferences

Filesize
9KB

MD5
a5153394b12129a9ee6efe6487a2af2e

SHA1
dfb8d754b0d739d9406491d2b304801042d5d2dc

SHA256
81bf8d4af1a6323b409a06c1b29e4fa02046ba2658b0cd8a6c37c694f0c87356

SHA512
e94c57e5d196eeb188fe3eadc42d3e8824f12e7c0dcb8d02e1f1b7ece64abb351dc531f48870caed597c3b28ade7ed95501b670b670aed5f183255013d1d9234

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView\GraphiteDawnCache\data_0

Filesize
8KB

MD5
cf89d16bb9107c631daabf0c0ee58efb

SHA1
3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

SHA256
d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

SHA512
8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView\GraphiteDawnCache\data_2

Filesize
8KB

MD5
0962291d6d367570bee5454721c17e11

SHA1
59d10a893ef321a706a9255176761366115bedcb

SHA256
ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

SHA512
f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView\Local State

Filesize
23KB

MD5
632bbed6134caf1fe0d5f3392ccca51f

SHA1
f40546a91058fb57a001bb3ba267bebc41e85da0

SHA256
ec63a1fe90b11091244d6f7b02b315df4f8821cd89ca64c82edb59e6dcf5e96f

SHA512
596bfb327859a00e812d16be89c89c0142e2b9954e06080f65e65b2c074510ceaba867e7f69ddb7b3105a87d4067a6668574f660b632fa6b8d85f6fa0a76f7ad

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\SynapseXRemake.exe.WebView2\EBWebView\Subresource Filter\Indexed Rules\28\scoped_dir4872_1558755980\LICENSE

Filesize
24KB

MD5
aad9405766b20014ab3beb08b99536de

SHA1
486a379bdfeecdc99ed3f4617f35ae65babe9d47

SHA256
ed0f972d56566a96fb2f128a7b58091dfbf32dc365b975bc9318c9701677f44d

SHA512
bd9bf257306fdaff3f1e3e1fccb1f0d6a3181d436035124bd4953679d1af2cd5b4cc053b0e2ef17745ae44ae919cd8fd9663fbc0cd9ed36607e9b2472c206852

Download Submit
C:\Users\Admin\Downloads\SyxReBootstrap\SyxReBootstrap\SynXRemake\workspace\.tests\isfile.txt

Filesize
7B

MD5
260ca9dd8a4577fc00b7bd5810298076

SHA1
53a5687cb26dc41f2ab4033e97e13adefd3740d6

SHA256
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

SHA512
51e85deb51c2b909a21ec5b8e83b1cb28da258b1be227620105a345a2bd4c6aea549cd5429670f2df33324667b9f623a420b3a0bdbbd03ad48602211e75478a7

Download Submit
C:\Users\Admin\Downloads\die_win64_portable_3.10_x64.zip.crdownload

Filesize
20.1MB

MD5
913e398a24f4bc9cea4a8d5f72c64cb7

SHA1
3ed7708f95359941effdfb31ef8cf43bc15d8312

SHA256
8eb0604244f029718f2bd6ab8a9fcf5f8eaf9f2e7ab4041fd02d2cce9bdaf7e8

SHA512
cea3b305854df19f08747079c3c53f53b58318886ca9eaba7a3e84b8ad5c606bc2a46c3aecdff1bf08be5ff4aad8b5ab742cd24bb695766e35e8df40fd0b0440

Download Submit
memory/1680-1662-0x00007FF6E7310000-0x00007FF6E7F62000-memory.dmp

Filesize
12.3MB

Download
memory/1680-1661-0x00007FFC3A9B0000-0x00007FFC3AEF1000-memory.dmp

Filesize
5.3MB

Download
memory/2616-1679-0x00000252C55D0000-0x00000252C55DA000-memory.dmp

Filesize
40KB

Download
memory/2616-1678-0x00000252C5A80000-0x00000252C5A92000-memory.dmp

Filesize
72KB

Download
memory/2616-1669-0x00000252C5560000-0x00000252C5582000-memory.dmp

Filesize
136KB

Download
memory/3620-3108-0x00007FFC5AC70000-0x00007FFC5AC71000-memory.dmp

Filesize
4KB

Download
memory/3920-3089-0x00000229F1E60000-0x00000229F1FCA000-memory.dmp

Filesize
1.4MB

Download
memory/3920-3096-0x00000229F7B60000-0x00000229F7B66000-memory.dmp

Filesize
24KB

Download
memory/3920-3095-0x00000229F4B00000-0x00000229F4B94000-memory.dmp

Filesize
592KB

Download
memory/3920-3094-0x00000229F49B0000-0x00000229F49BE000-memory.dmp

Filesize
56KB

Download
memory/3920-3090-0x00000229F4660000-0x00000229F47A0000-memory.dmp

Filesize
1.2MB

Download
memory/3920-3091-0x00000229F49C0000-0x00000229F49D8000-memory.dmp

Filesize
96KB

Download
memory/3920-3092-0x00000229F49A0000-0x00000229F49A8000-memory.dmp

Filesize
32KB

Download
memory/3920-3093-0x00000229F4A20000-0x00000229F4A58000-memory.dmp

Filesize
224KB

Download