Overview

overview

10

Static

static

3

The Stanle...xe.exe

windows10-2004-x64

Analysis

  • max time kernel
    900s
  • max time network
    902s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-10-2024 19:10

Sharing

Copy URL
Twitter E-mail

Errors

Reason
Machine shutdown
Report Analysis Logs

General

  • Target

    The Stanley Parable Ultra Deluxe.exe

  • Size

    635KB

  • MD5

    8f35a1321df52b17b58cefc3c65a7eb8

  • SHA1

    e0b6c2acc51151b41931112c61f1fb9b0cf23b17

  • SHA256

    bd3a1f9763990b580f5f9073e3e23f7dff6369d79c24fef32c9164fadb998374

  • SHA512

    0544c578b2d1737e0125ddb1633026eb5b710c4273d232a6aadca870c8ce9cedf724c2a6d3c1f24d2dcd53e3e910dcd7058753ff775d129cfeeb36482605711f

  • SSDEEP

    12288:Q7qTU7nJYOeAkvS3N88DOt6pD8Flrn7VCufAmPCRJ7dad85Qng3V2DGz//dwH+I9:Gq4JYOeAka3N88qBrn7BfZPwJ7dad85M

Score
10/10
wannacrydefense_evasiondiscoveryexecutionimpactpersistenceransomwarespywarestealerworm

Malware Config

Extracted

Path

C:\Users\Admin\Downloads\!Please Read Me!.txt

Family

wannacry

Ransom Note
Q: What's wrong with my files? A: Ooops, your important files are encrypted. It means you will not be able to access them anymore until they are decrypted. If you follow our instructions we guarantee that you can decrypt all your files quickly and safely! Let's start decrypting! Q: What do I do? A: First, you need to pay service fees for the decryption. Please send $300 worth of bitcoin to this bitcoin address: 15zGqZCTcys6eCjDkE3DypCjXi6QWRV6V1 Next, please find the decrypt software on your desktop, an executable file named "!WannaDecryptor!.exe". If it does not exsit, download the software from the address below. (You may need to disable your antivirus for a while.) rar password: wcry123 Run and follow the instructions! �
Wallets

15zGqZCTcys6eCjDkE3DypCjXi6QWRV6V1

Signatures

  • Wannacry

    WannaCry is a ransomware cryptoworm.

    ransomwarewormwannacry
  • Deletes shadow copies 3 TTPs

    Ransomware often targets backup files to inhibit system recovery.

    ransomwaredefense_evasionimpactexecution
  • Downloads MZ/PE file
  • Drops startup file 2 IoCs
  • Executes dropped EXE 12 IoCs
  • Reads user/profile data of web browsers 3 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Looks up external IP address via web service 2 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Drops file in System32 directory 1 IoCs
  • Sets desktop wallpaper using registry 2 TTPs 2 IoCs
    ransomware
  • Drops file in Program Files directory 2 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 17 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Checks SCSI registry key(s) 3 TTPs 6 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 9 IoCs
  • Kills process with taskkill 4 IoCs
    evasion
  • Modifies Internet Explorer settings 1 TTPs 2 IoCs
    adwarespyware
  • Modifies data under HKEY_USERS 18 IoCs
  • Modifies registry class 22 IoCs
  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 3 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 16 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of SetWindowsHookEx 59 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Volume Shadow Copy service COM API

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware

Processes

  • C:\Users\Admin\AppData\Local\Temp\The Stanley Parable Ultra Deluxe.exe
    "C:\Users\Admin\AppData\Local\Temp\The Stanley Parable Ultra Deluxe.exe"
    1⤵
      PID:3888
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe"
      1⤵
      • Enumerates system info in registry
      • Modifies data under HKEY_USERS
      • Modifies registry class
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
      PID:4680
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffe1a18cc40,0x7ffe1a18cc4c,0x7ffe1a18cc58
        2⤵
          PID:3340
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1992,i,6764225672419407186,8796843930209293872,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2000 /prefetch:2
          2⤵
            PID:1116
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1932,i,6764225672419407186,8796843930209293872,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2128 /prefetch:3
            2⤵
              PID:1396
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2268,i,6764225672419407186,8796843930209293872,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2484 /prefetch:8
              2⤵
                PID:4332
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3144,i,6764225672419407186,8796843930209293872,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3164 /prefetch:1
                2⤵
                  PID:3384
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3172,i,6764225672419407186,8796843930209293872,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3352 /prefetch:1
                  2⤵
                    PID:3312
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4524,i,6764225672419407186,8796843930209293872,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3736 /prefetch:1
                    2⤵
                      PID:2652
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4704,i,6764225672419407186,8796843930209293872,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4708 /prefetch:8
                      2⤵
                        PID:3952
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4804,i,6764225672419407186,8796843930209293872,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4816 /prefetch:8
                        2⤵
                          PID:5040
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4872,i,6764225672419407186,8796843930209293872,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5052 /prefetch:8
                          2⤵
                            PID:3532
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4776,i,6764225672419407186,8796843930209293872,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4752 /prefetch:8
                            2⤵
                              PID:3596
                            • C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
                              "C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level
                              2⤵
                              • Drops file in Program Files directory
                              PID:4360
                              • C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
                                "C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x284,0x288,0x28c,0x260,0x290,0x7ff664134698,0x7ff6641346a4,0x7ff6641346b0
                                3⤵
                                • Drops file in Program Files directory
                                PID:1532
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4448,i,6764225672419407186,8796843930209293872,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4884 /prefetch:1
                              2⤵
                                PID:4736
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3516,i,6764225672419407186,8796843930209293872,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4684 /prefetch:1
                                2⤵
                                  PID:2548
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5176,i,6764225672419407186,8796843930209293872,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5276 /prefetch:8
                                  2⤵
                                    PID:4344
                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5280,i,6764225672419407186,8796843930209293872,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5384 /prefetch:8
                                    2⤵
                                      PID:1592
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5632,i,6764225672419407186,8796843930209293872,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5656 /prefetch:8
                                      2⤵
                                        PID:700
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5548,i,6764225672419407186,8796843930209293872,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5692 /prefetch:8
                                        2⤵
                                          PID:2808
                                      • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                                        "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                                        1⤵
                                          PID:1584
                                        • C:\Windows\system32\svchost.exe
                                          C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                                          1⤵
                                            PID:4052
                                          • C:\Windows\System32\rundll32.exe
                                            C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                            1⤵
                                              PID:4088
                                            • C:\Users\Admin\Downloads\WannaCry.exe
                                              "C:\Users\Admin\Downloads\WannaCry.exe"
                                              1⤵
                                              • Drops startup file
                                              • Executes dropped EXE
                                              • Adds Run key to start application
                                              • System Location Discovery: System Language Discovery
                                              PID:2472
                                              • C:\Windows\SysWOW64\cmd.exe
                                                C:\Windows\system32\cmd.exe /c 148781728760281.bat
                                                2⤵
                                                • System Location Discovery: System Language Discovery
                                                PID:1200
                                                • C:\Windows\SysWOW64\cscript.exe
                                                  cscript //nologo c.vbs
                                                  3⤵
                                                  • System Location Discovery: System Language Discovery
                                                  PID:3812
                                              • C:\Users\Admin\Downloads\!WannaDecryptor!.exe
                                                !WannaDecryptor!.exe f
                                                2⤵
                                                • Executes dropped EXE
                                                • System Location Discovery: System Language Discovery
                                                • Suspicious use of SetWindowsHookEx
                                                PID:4144
                                              • C:\Windows\SysWOW64\taskkill.exe
                                                taskkill /f /im MSExchange*
                                                2⤵
                                                • System Location Discovery: System Language Discovery
                                                • Kills process with taskkill
                                                PID:4004
                                              • C:\Windows\SysWOW64\taskkill.exe
                                                taskkill /f /im Microsoft.Exchange.*
                                                2⤵
                                                • System Location Discovery: System Language Discovery
                                                • Kills process with taskkill
                                                PID:2688
                                              • C:\Windows\SysWOW64\taskkill.exe
                                                taskkill /f /im sqlserver.exe
                                                2⤵
                                                • System Location Discovery: System Language Discovery
                                                • Kills process with taskkill
                                                PID:536
                                              • C:\Windows\SysWOW64\taskkill.exe
                                                taskkill /f /im sqlwriter.exe
                                                2⤵
                                                • System Location Discovery: System Language Discovery
                                                • Kills process with taskkill
                                                PID:5032
                                              • C:\Users\Admin\Downloads\!WannaDecryptor!.exe
                                                !WannaDecryptor!.exe c
                                                2⤵
                                                • Executes dropped EXE
                                                • System Location Discovery: System Language Discovery
                                                • Suspicious use of SetWindowsHookEx
                                                PID:1208
                                              • C:\Windows\SysWOW64\cmd.exe
                                                cmd.exe /c start /b !WannaDecryptor!.exe v
                                                2⤵
                                                • System Location Discovery: System Language Discovery
                                                PID:1348
                                                • C:\Users\Admin\Downloads\!WannaDecryptor!.exe
                                                  !WannaDecryptor!.exe v
                                                  3⤵
                                                  • Executes dropped EXE
                                                  • System Location Discovery: System Language Discovery
                                                  • Suspicious use of SetWindowsHookEx
                                                  PID:2144
                                                  • C:\Windows\SysWOW64\cmd.exe
                                                    cmd.exe /c vssadmin delete shadows /all /quiet & wmic shadowcopy delete & bcdedit /set {default} bootstatuspolicy ignoreallfailures & bcdedit /set {default} recoveryenabled no & wbadmin delete catalog -quiet
                                                    4⤵
                                                    • System Location Discovery: System Language Discovery
                                                    PID:4328
                                                    • C:\Windows\SysWOW64\Wbem\WMIC.exe
                                                      wmic shadowcopy delete
                                                      5⤵
                                                      • System Location Discovery: System Language Discovery
                                                      PID:5008
                                              • C:\Users\Admin\Downloads\!WannaDecryptor!.exe
                                                !WannaDecryptor!.exe
                                                2⤵
                                                • Executes dropped EXE
                                                • Sets desktop wallpaper using registry
                                                • System Location Discovery: System Language Discovery
                                                • Suspicious behavior: GetForegroundWindowSpam
                                                • Suspicious use of SetWindowsHookEx
                                                PID:5052
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.btcfrog.com/qr/bitcoinPNG.php?address=15zGqZCTcys6eCjDkE3DypCjXi6QWRV6V1
                                                  3⤵
                                                  • Enumerates system info in registry
                                                  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                  • Suspicious use of SendNotifyMessage
                                                  PID:4312
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffe0bac46f8,0x7ffe0bac4708,0x7ffe0bac4718
                                                    4⤵
                                                      PID:5064
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,12225867520004010341,5712867242384891440,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2216 /prefetch:2
                                                      4⤵
                                                        PID:384
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2152,12225867520004010341,5712867242384891440,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2484 /prefetch:3
                                                        4⤵
                                                          PID:4632
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2152,12225867520004010341,5712867242384891440,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2744 /prefetch:8
                                                          4⤵
                                                            PID:1192
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12225867520004010341,5712867242384891440,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
                                                            4⤵
                                                              PID:1676
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2152,12225867520004010341,5712867242384891440,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1
                                                              4⤵
                                                                PID:2220
                                                          • C:\Users\Admin\Downloads\!WannaDecryptor!.exe
                                                            !WannaDecryptor!.exe
                                                            2⤵
                                                            • Executes dropped EXE
                                                            • Sets desktop wallpaper using registry
                                                            • System Location Discovery: System Language Discovery
                                                            • Suspicious use of SetWindowsHookEx
                                                            PID:4000
                                                        • C:\Windows\system32\vssvc.exe
                                                          C:\Windows\system32\vssvc.exe
                                                          1⤵
                                                            PID:4632
                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe"
                                                            1⤵
                                                            • Enumerates system info in registry
                                                            • Modifies data under HKEY_USERS
                                                            • Modifies registry class
                                                            • Suspicious behavior: EnumeratesProcesses
                                                            • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                            • Suspicious use of FindShellTrayWindow
                                                            • Suspicious use of SendNotifyMessage
                                                            PID:4416
                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd8,0x104,0x7ffe1a18cc40,0x7ffe1a18cc4c,0x7ffe1a18cc58
                                                              2⤵
                                                                PID:700
                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2012,i,2167720124979665183,11460011779170507578,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=2008 /prefetch:2
                                                                2⤵
                                                                  PID:4008
                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1896,i,2167720124979665183,11460011779170507578,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=2044 /prefetch:3
                                                                  2⤵
                                                                    PID:2084
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2276,i,2167720124979665183,11460011779170507578,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=2480 /prefetch:8
                                                                    2⤵
                                                                      PID:1396
                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3132,i,2167720124979665183,11460011779170507578,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=3180 /prefetch:1
                                                                      2⤵
                                                                        PID:856
                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3148,i,2167720124979665183,11460011779170507578,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=3240 /prefetch:1
                                                                        2⤵
                                                                          PID:3784
                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4492,i,2167720124979665183,11460011779170507578,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=4504 /prefetch:1
                                                                          2⤵
                                                                            PID:5092
                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4716,i,2167720124979665183,11460011779170507578,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=4720 /prefetch:8
                                                                            2⤵
                                                                              PID:116
                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4724,i,2167720124979665183,11460011779170507578,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=4704 /prefetch:8
                                                                              2⤵
                                                                                PID:948
                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4812,i,2167720124979665183,11460011779170507578,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=4592 /prefetch:8
                                                                                2⤵
                                                                                  PID:1868
                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5040,i,2167720124979665183,11460011779170507578,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=5032 /prefetch:8
                                                                                  2⤵
                                                                                    PID:5108
                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4596,i,2167720124979665183,11460011779170507578,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=4592 /prefetch:1
                                                                                    2⤵
                                                                                      PID:4188
                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3504,i,2167720124979665183,11460011779170507578,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=3456 /prefetch:1
                                                                                      2⤵
                                                                                        PID:3116
                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5100,i,2167720124979665183,11460011779170507578,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=4848 /prefetch:1
                                                                                        2⤵
                                                                                          PID:4992
                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3904,i,2167720124979665183,11460011779170507578,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=5108 /prefetch:1
                                                                                          2⤵
                                                                                            PID:4540
                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3304,i,2167720124979665183,11460011779170507578,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=3440 /prefetch:1
                                                                                            2⤵
                                                                                              PID:4420
                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5400,i,2167720124979665183,11460011779170507578,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=5472 /prefetch:8
                                                                                              2⤵
                                                                                                PID:2096
                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4720,i,2167720124979665183,11460011779170507578,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=5652 /prefetch:1
                                                                                                2⤵
                                                                                                  PID:1280
                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5452,i,2167720124979665183,11460011779170507578,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=5388 /prefetch:8
                                                                                                  2⤵
                                                                                                    PID:2904
                                                                                                • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                                                                                                  "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                                                                                                  1⤵
                                                                                                    PID:716
                                                                                                  • C:\Windows\system32\AUDIODG.EXE
                                                                                                    C:\Windows\system32\AUDIODG.EXE 0x490 0x418
                                                                                                    1⤵
                                                                                                      PID:2304
                                                                                                    • C:\Program Files\7-Zip\7zG.exe
                                                                                                      "C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap32106:78:7zEvent5330
                                                                                                      1⤵
                                                                                                        PID:2276
                                                                                                      • C:\Users\Admin\Downloads\wanakiwi.exe
                                                                                                        "C:\Users\Admin\Downloads\wanakiwi.exe"
                                                                                                        1⤵
                                                                                                        • Executes dropped EXE
                                                                                                        • System Location Discovery: System Language Discovery
                                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                                        PID:544
                                                                                                      • C:\Users\Admin\Downloads\!WannaDecryptor!.exe
                                                                                                        "C:\Users\Admin\Downloads\!WannaDecryptor!.exe"
                                                                                                        1⤵
                                                                                                        • Executes dropped EXE
                                                                                                        • System Location Discovery: System Language Discovery
                                                                                                        • Suspicious use of SetWindowsHookEx
                                                                                                        PID:5012
                                                                                                      • C:\Users\Admin\Downloads\wanakiwi.exe
                                                                                                        "C:\Users\Admin\Downloads\wanakiwi.exe"
                                                                                                        1⤵
                                                                                                        • Executes dropped EXE
                                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                                        PID:2944
                                                                                                      • C:\Users\Admin\Downloads\wanakiwi.exe
                                                                                                        "C:\Users\Admin\Downloads\wanakiwi.exe"
                                                                                                        1⤵
                                                                                                        • Executes dropped EXE
                                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                                        PID:3688
                                                                                                      • C:\Windows\system32\cmd.exe
                                                                                                        "C:\Windows\system32\cmd.exe"
                                                                                                        1⤵
                                                                                                          PID:2900
                                                                                                          • C:\Users\Admin\Downloads\wanakiwi.exe
                                                                                                            wanakiwi.exe
                                                                                                            2⤵
                                                                                                            • Executes dropped EXE
                                                                                                            PID:4752
                                                                                                          • C:\Users\Admin\Downloads\wanakiwi.exe
                                                                                                            wanakiwi.exe
                                                                                                            2⤵
                                                                                                            • Executes dropped EXE
                                                                                                            PID:2508
                                                                                                        • C:\Windows\System32\CompPkgSrv.exe
                                                                                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                          1⤵
                                                                                                            PID:3684
                                                                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                            1⤵
                                                                                                              PID:3676
                                                                                                            • C:\Windows\system32\OpenWith.exe
                                                                                                              C:\Windows\system32\OpenWith.exe -Embedding
                                                                                                              1⤵
                                                                                                              • Modifies registry class
                                                                                                              • Suspicious behavior: GetForegroundWindowSpam
                                                                                                              • Suspicious use of SetWindowsHookEx
                                                                                                              PID:2812
                                                                                                              • C:\Windows\system32\NOTEPAD.EXE
                                                                                                                "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\AssertReset.js.WCRY
                                                                                                                2⤵
                                                                                                                • Opens file in notepad (likely ransom note)
                                                                                                                PID:1008
                                                                                                            • C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
                                                                                                              "C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
                                                                                                              1⤵
                                                                                                              • Modifies Internet Explorer settings
                                                                                                              • Modifies registry class
                                                                                                              • Suspicious use of SetWindowsHookEx
                                                                                                              PID:656
                                                                                                            • C:\Windows\system32\taskmgr.exe
                                                                                                              "C:\Windows\system32\taskmgr.exe" /4
                                                                                                              1⤵
                                                                                                              • Checks SCSI registry key(s)
                                                                                                              • Checks processor information in registry
                                                                                                              PID:4196
                                                                                                            • C:\Windows\system32\mmc.exe
                                                                                                              "C:\Windows\system32\mmc.exe" "C:\Windows\system32\services.msc"
                                                                                                              1⤵
                                                                                                              • Drops file in System32 directory
                                                                                                              • Suspicious behavior: GetForegroundWindowSpam
                                                                                                              • Suspicious use of SetWindowsHookEx
                                                                                                              PID:2032
                                                                                                            • C:\Windows\system32\taskmgr.exe
                                                                                                              "C:\Windows\system32\taskmgr.exe" /4
                                                                                                              1⤵
                                                                                                              • Checks SCSI registry key(s)
                                                                                                              PID:4072
                                                                                                            • C:\Windows\system32\LogonUI.exe
                                                                                                              "LogonUI.exe" /flags:0x4 /state0:0xa38fc055 /state1:0x41c64e6d
                                                                                                              1⤵
                                                                                                              • Modifies data under HKEY_USERS
                                                                                                              • Suspicious use of SetWindowsHookEx
                                                                                                              PID:2536

                                                                                                            Network

                                                                                                            MITRE ATT&CK Enterprise v15

                                                                                                            Reconnaissance

                                                                                                            Resource Development

                                                                                                            Initial Access

                                                                                                            Execution

                                                                                                            Windows Management Instrumentation

                                                                                                            1
                                                                                                            T1047

                                                                                                            Persistence

                                                                                                            Boot or Logon Autostart Execution

                                                                                                            1
                                                                                                            T1547

                                                                                                            Registry Run Keys / Startup Folder

                                                                                                            1
                                                                                                            T1547.001

                                                                                                            Privilege Escalation

                                                                                                            Boot or Logon Autostart Execution

                                                                                                            1
                                                                                                            T1547

                                                                                                            Registry Run Keys / Startup Folder

                                                                                                            1
                                                                                                            T1547.001

                                                                                                            Defense Evasion

                                                                                                            Indicator Removal

                                                                                                            1
                                                                                                            T1070

                                                                                                            File Deletion

                                                                                                            1
                                                                                                            T1070.004

                                                                                                            Modify Registry

                                                                                                            3
                                                                                                            T1112

                                                                                                            Credential Access

                                                                                                            Credentials from Password Stores

                                                                                                            1
                                                                                                            T1555

                                                                                                            Credentials from Web Browsers

                                                                                                            1
                                                                                                            T1555.003

                                                                                                            Unsecured Credentials

                                                                                                            1
                                                                                                            T1552

                                                                                                            Credentials In Files

                                                                                                            1
                                                                                                            T1552.001

                                                                                                            Discovery

                                                                                                            Browser Information Discovery

                                                                                                            1
                                                                                                            T1217

                                                                                                            Peripheral Device Discovery

                                                                                                            1
                                                                                                            T1120

                                                                                                            Query Registry

                                                                                                            3
                                                                                                            T1012

                                                                                                            System Information Discovery

                                                                                                            4
                                                                                                            T1082

                                                                                                            System Location Discovery

                                                                                                            1
                                                                                                            T1614

                                                                                                            System Language Discovery

                                                                                                            1
                                                                                                            T1614.001

                                                                                                            Lateral Movement

                                                                                                            Collection

                                                                                                            Data from Local System

                                                                                                            1
                                                                                                            T1005

                                                                                                            Command and Control

                                                                                                            Web Service

                                                                                                            1
                                                                                                            T1102

                                                                                                            Exfiltration

                                                                                                            Impact

                                                                                                            Defacement

                                                                                                            1
                                                                                                            T1491

                                                                                                            Inhibit System Recovery

                                                                                                            1
                                                                                                            T1490

                                                                                                            Replay Monitor

                                                                                                            Loading Replay Monitor...

                                                                                                            Downloads

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
                                                                                                              Filesize

                                                                                                              40B

                                                                                                              MD5

                                                                                                              b65d667045a646269e3eb65f457698f1

                                                                                                              SHA1

                                                                                                              a263ce582c0157238655530107dbec05a3475c54

                                                                                                              SHA256

                                                                                                              23848757826358c47263fa65d53bb5ec49286b717f7f2c9c8e83192a39e35bb6

                                                                                                              SHA512

                                                                                                              87f10412feee145f16f790fbbcf0353db1b0097bda352c2cd147028db69a1e98779be880e133fed17af6ed73eb615a51e5616966c8a7b7de364ec75f37c67567

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0
                                                                                                              Filesize

                                                                                                              44KB

                                                                                                              MD5

                                                                                                              af505e863264c167783420d01593be96

                                                                                                              SHA1

                                                                                                              d520ce69e5d04bc736784451eadcbd17feaf1ed0

                                                                                                              SHA256

                                                                                                              a7373b6c3cbb3ce0a7a65613e2aa2a25b7f33f5b538e77f935fffa7ec1dc1f07

                                                                                                              SHA512

                                                                                                              efd7bdef6bfa84aad36cd3845507fcce4062a80e1dea76d5735c00a26bfa52c11d4bc824b95e25fe9c6a75805c20b7136646421ab97bdcd6580981b030497bb3

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1
                                                                                                              Filesize

                                                                                                              264KB

                                                                                                              MD5

                                                                                                              241f7d37f6d3d29fb4ff423525abae3d

                                                                                                              SHA1

                                                                                                              9c0d1e772dbb860a949a008c95c4f468dd721707

                                                                                                              SHA256

                                                                                                              0458d32aba704fca00d3b59b3081b3d1b200ab682e16d9e4923b1a785c14c78a

                                                                                                              SHA512

                                                                                                              7194003bd0bd19225707730b63783900d4a90875410d7cf228918a6b0aeffc17a366bca5cc583254af9196987ed0558329f84283b974fa1bdee170b99e23c9db

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2
                                                                                                              Filesize

                                                                                                              1.0MB

                                                                                                              MD5

                                                                                                              e95813e1f21dd0cafd314f657931ea87

                                                                                                              SHA1

                                                                                                              c2996aafca20ee07f1f238212d7f33bc63bc0324

                                                                                                              SHA256

                                                                                                              91431abe91e0620b7ef2579227eecd630f53efadf336e545fb96394cf534559f

                                                                                                              SHA512

                                                                                                              c1e71de73b42701870b4da0bd54f6f1c7d7d030dbf925ffd8d46694eccf4eef43c31bf45e63b80e51dd695dd71da7350a884afc14906b37625ac7f5b705f82d8

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3
                                                                                                              Filesize

                                                                                                              4.0MB

                                                                                                              MD5

                                                                                                              8c9fe845242308a6884428db3de34c7c

                                                                                                              SHA1

                                                                                                              ecf6e355e0bb656d1c39ed5e23c4be804472f5b6

                                                                                                              SHA256

                                                                                                              3896aa03b7884fec2d4ae93f7a82a1e2f6379b9a3781b52324db31cf79835600

                                                                                                              SHA512

                                                                                                              d5df448dfb48de68324064eb924c20fed80498947b5ab0109b2e527740d1605dd744e43518f3964a613a3cba358e356550cfe2eb43edd01c075a4bd4486bc4f7

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005
                                                                                                              Filesize

                                                                                                              36KB

                                                                                                              MD5

                                                                                                              c4dc8076ae98e2cbbd5e9cf340d41112

                                                                                                              SHA1

                                                                                                              dc44fe84766ea59fe51730b4ccb8630cf9e36786

                                                                                                              SHA256

                                                                                                              a668c092ade31846ea1a240fd320090dd7c9594c31c47ce44e15400762e85e6a

                                                                                                              SHA512

                                                                                                              fd8ccf23a340e3fab050246f7989788853d6d1045fb336fbd93f112b80533cb3cc475a3e4bdf5689e961cbebbdc978fb0cca43ac0a1742509ca125d18b53aff6

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
                                                                                                              Filesize

                                                                                                              62KB

                                                                                                              MD5

                                                                                                              2a269f39d847da7bf9b5d6841726b888

                                                                                                              SHA1

                                                                                                              3e3fbcdcdff5d84a331c0ecb9106637137cd4847

                                                                                                              SHA256

                                                                                                              f9401bcef77841dc036b71ec058704f10dde85bcef9b7efc42a12fbd0d200515

                                                                                                              SHA512

                                                                                                              40e14c79501180e5d0a28099b6df83ebe37f8b043cdd9295bffef7c4a376a6226ff330f8a0a15189d361fef1ca2bc661907c0e7b141c72257dcfcecec22719c6

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
                                                                                                              Filesize

                                                                                                              41KB

                                                                                                              MD5

                                                                                                              abda4d3a17526328b95aad4cfbf82980

                                                                                                              SHA1

                                                                                                              f0e1d7c57c6504d2712cec813bc6fd92446ec9e8

                                                                                                              SHA256

                                                                                                              ee22a58fa0825364628a7618894bcacb1df5a6a775cafcfb6dea146e56a7a476

                                                                                                              SHA512

                                                                                                              91769a876df0aea973129c758d9a36b319a9285374c95ea1b16e9712f9aa65a1be5acf996c8f53d8cae5faf68e4e5829cd379f523055f8bcfaa0deae0d729170

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008
                                                                                                              Filesize

                                                                                                              110KB

                                                                                                              MD5

                                                                                                              6a26d1693ee0df2194dcede9fd275bf0

                                                                                                              SHA1

                                                                                                              0aef695098570bb3ab856427462deb4a3ee6d2ba

                                                                                                              SHA256

                                                                                                              8609099d86f2f11f99061207ab3d1b53fa61e394926d1deac3a24f8e85c4ce8e

                                                                                                              SHA512

                                                                                                              bf2a9a5a87fe41d0fea948ce33ea0abb38169da8b31a281450b743a3d4d76df0d8fa0c52cef288bf88dbde8df8eb3e7b63b8dc289f48364b4013d6c112a9d459

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
                                                                                                              Filesize

                                                                                                              24KB

                                                                                                              MD5

                                                                                                              87c2b09a983584b04a63f3ff44064d64

                                                                                                              SHA1

                                                                                                              8796d5ef1ad1196309ef582cecef3ab95db27043

                                                                                                              SHA256

                                                                                                              d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0

                                                                                                              SHA512

                                                                                                              df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
                                                                                                              Filesize

                                                                                                              70KB

                                                                                                              MD5

                                                                                                              a8bc992bad7bae98e96d1c839fc939e0

                                                                                                              SHA1

                                                                                                              83c183c786ee2952427db80c6e91de04d800b3de

                                                                                                              SHA256

                                                                                                              6e7da6e50ed27be4e94e33192e0cc7b6c71570a360054a35786b7a8c36f94567

                                                                                                              SHA512

                                                                                                              3cb4d5b9bffdf5a8471e278693ae9f5121cf976ed4e431f7f8fea5bfb7e783c44ad8f5309f986e3badacbefc1704cb2ef611da0ef06ebbe7d56fe74afea5597c

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
                                                                                                              Filesize

                                                                                                              421KB

                                                                                                              MD5

                                                                                                              94173adff9991beb4bfa6356c02d120c

                                                                                                              SHA1

                                                                                                              7c779f1eec919ba4e230f831f37b86d1ce9f0565

                                                                                                              SHA256

                                                                                                              46b2c4b8812e6f8baceac7cd04c244a2c86086e1d6a2a2f1f3bf59fc21dc9116

                                                                                                              SHA512

                                                                                                              022970893da320afe98f8003316c0e7d9800ba6db6126bcf06ce611093153411f78fcbd0cf46e546ca3dde43ababcd9e8e283354e09d0c8d3128fc0129d5dea2

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
                                                                                                              Filesize

                                                                                                              182KB

                                                                                                              MD5

                                                                                                              ecc6c78a4c5fe3fd5ca7e48922bd53cd

                                                                                                              SHA1

                                                                                                              785605f684ffb68fafc27780aae1fe9e034834c2

                                                                                                              SHA256

                                                                                                              1d67dd93cad7f80b745168cee29cdc78fa27e988b2bce166b2c723238264d645

                                                                                                              SHA512

                                                                                                              b8e2021c3e5161d815ff37f8b789ed363f4e7c66ffe5b06484c8d57036903f27ea5705acef55f7d0d813eb09ef300a76eb120784aa04c37076406e37dfd874c1

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d
                                                                                                              Filesize

                                                                                                              129KB

                                                                                                              MD5

                                                                                                              5cb4e44689e45b1183e09a5c856c2564

                                                                                                              SHA1

                                                                                                              9c9895b19d943b8a9153b91755fcf132dd30614d

                                                                                                              SHA256

                                                                                                              c5119d0ddfbeb65fc697de2a4411f36f611bca15585ab7ef8c200911200c4fd2

                                                                                                              SHA512

                                                                                                              25c75df1474f91ea0ee0bf67d19c9a236cefba4614a2ad240ae4993774584b56d7537f4dc48015c5b85aae623cea2b57a47c4277c141fd966d3d0582cc9e674a

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e
                                                                                                              Filesize

                                                                                                              23KB

                                                                                                              MD5

                                                                                                              c377a6cea80bdfd2b6d66d89732ff5a5

                                                                                                              SHA1

                                                                                                              4610cf407b7e485916ee518bca2ccc82874bc076

                                                                                                              SHA256

                                                                                                              d7de250b748c1abb06a62f53403290d0e57b3861c59daab1da6a9b5437b49b33

                                                                                                              SHA512

                                                                                                              c96aa121b2c19db707a9aa3709babfe9cc12f4ad3c313d56c02d76406916f444438b9a865a08134d72e40384b6766182a05cca7ea3869e846453f73494aa6f09

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f
                                                                                                              Filesize

                                                                                                              20KB

                                                                                                              MD5

                                                                                                              a6f79c766b869e079daa91e038bff5c0

                                                                                                              SHA1

                                                                                                              45a9a1e2a7898ed47fc3a2dc1d674ca87980451b

                                                                                                              SHA256

                                                                                                              d27842b8823f69f4748bc26e91cf865eceb2a4ec60258cbca23899a9aef8c35a

                                                                                                              SHA512

                                                                                                              ed56aaa8229e56142ffa5eb926e4cfa87ac2a500bfa70b93001d55b08922800fe267208f6bd580a16aed7021a56b56ae70dae868c7376a77b08f1c3c23d14ab7

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010
                                                                                                              Filesize

                                                                                                              37KB

                                                                                                              MD5

                                                                                                              1b6703b594119e2ef0f09a829876ae73

                                                                                                              SHA1

                                                                                                              d324911ee56f7b031f0375192e4124b0b450395e

                                                                                                              SHA256

                                                                                                              0a8d23eceec4035c56dcfea9505de12a3b222bac422d3de5c15148952fec38a0

                                                                                                              SHA512

                                                                                                              62b38dd0c1cfb92daffd30d2961994aef66decf55a5c286f2274b725e72e990fa05cae0494dc6ad1565e4fbc88a6ddd9685bd6bc4da9100763ef268305f3afe2

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011
                                                                                                              Filesize

                                                                                                              37KB

                                                                                                              MD5

                                                                                                              fed3d674a2f247d846667fb6430e60a7

                                                                                                              SHA1

                                                                                                              5983d3f704afd0c03e7858da2888fcc94b4454fb

                                                                                                              SHA256

                                                                                                              001c91272600648126ab2fd51263117c17f14d1447a194b318394d8bb9b96c5d

                                                                                                              SHA512

                                                                                                              f2b9d820ac40a113d1ab3ed152dfed87322318cd38ba25eb5c5e71107df955b37448ab14a2779b29fce7ebd49cc0bbafbd505748786bc00cd47c3a138aefdddc

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012
                                                                                                              Filesize

                                                                                                              19KB

                                                                                                              MD5

                                                                                                              7eab02c9122098646914e18bd7324a42

                                                                                                              SHA1

                                                                                                              5e2044e849182f1d3c8bcf7aa91d413b970fc52f

                                                                                                              SHA256

                                                                                                              d58d66c51a1feb9af55ba4a2dcf2c339b7976dd011fbd5d071ca86b9d7f58a42

                                                                                                              SHA512

                                                                                                              dbb0f94de62d7d77d4bfe6c298043c559a0d4bc117bd7dc1d627caabffa8e712cec5e3adb4a737b350429493ac0ebfb81c8759aebed41b30218d0e7ff6f3196f

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013
                                                                                                              Filesize

                                                                                                              18KB

                                                                                                              MD5

                                                                                                              2e23d6e099f830cf0b14356b3c3443ce

                                                                                                              SHA1

                                                                                                              027db4ff48118566db039d6b5f574a8ac73002bc

                                                                                                              SHA256

                                                                                                              7238196a5bf79e1b83cacb9ed4a82bf40b32cd789c30ef790e4eac0bbf438885

                                                                                                              SHA512

                                                                                                              165b1de091bfe0dd9deff0f8a3968268113d95edc9fd7a8081b525e0910f4442cfb3b4f5ac58ecfa41991d9dcabe5aa8b69f7f1c77e202cd17dd774931662717

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                              Filesize

                                                                                                              2KB

                                                                                                              MD5

                                                                                                              918a9ad36283b117ca3acd51659a9c76

                                                                                                              SHA1

                                                                                                              ec57c78fa27ae6ffaa2351fc8d27b713f7169f4b

                                                                                                              SHA256

                                                                                                              a3f4eca37cf074ad086300de4cd5686760db6d2fdd4afeeef01e8424024646d1

                                                                                                              SHA512

                                                                                                              9abf980c03e1521d60f8baaee100116031bba2d02aae05f0e7aeb153330d7a3c8db84348acda6bcd3e60c1d58b5297ba93d95347ab75bb196e0eb5640bfcd535

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                              Filesize

                                                                                                              4KB

                                                                                                              MD5

                                                                                                              0ae97259465337c78a2a98789fde9e7f

                                                                                                              SHA1

                                                                                                              271151dd9736af845e28c7e3cd0fbbb845d8567e

                                                                                                              SHA256

                                                                                                              09010a5da343ea50856b6626c30fa2c364125684f846065e4be6f67f9a9548cb

                                                                                                              SHA512

                                                                                                              d2ba92486e2bd6a6f9a4914eb978ed6e4def12f0ca3114d8615551d5e2b9019c25ae6991e888a69081431cd3be2f1f5c92a6f8e0a8a5c35f0d397db6df1e7c31

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe59f320.TMP
                                                                                                              Filesize

                                                                                                              2KB

                                                                                                              MD5

                                                                                                              60ed83cb711614567347a6baa1a67d92

                                                                                                              SHA1

                                                                                                              07ccf36affe40b37ebeee09ee072f6ab0e9ed4e0

                                                                                                              SHA256

                                                                                                              cd31e5c047a7ea9612c7c8a3841b56dff6d62286223932ae82e6d30cdb5cccf6

                                                                                                              SHA512

                                                                                                              208a5bad4970c2694060ef4fe038686837e82ace4c7613f4f0d7bd7c918e61e00407cc63b53d14e88ab264609d998e2935ac73b3321a7982021a0b9abb13c8a5

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1
                                                                                                              Filesize

                                                                                                              264KB

                                                                                                              MD5

                                                                                                              e1c4eb41464f3302a4286974f60c2621

                                                                                                              SHA1

                                                                                                              54528b03cec12d428af62744fc05f5b4c6d1838a

                                                                                                              SHA256

                                                                                                              ae34519e253cfdfbe8b9c49f8b6f4aeed1438e33de73bfc403e91676fa4ffc53

                                                                                                              SHA512

                                                                                                              34445d0dc492f7520f55aaac7e6d9301a431021c42591787a7282a85159adbed43a5f3bfdcbe680e0c78cd6c3e50c85263f534e312d5ab3c957d5ee4457bd016

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons
                                                                                                              Filesize

                                                                                                              24KB

                                                                                                              MD5

                                                                                                              e1676bef3226c2ac5c5a85796e55c17a

                                                                                                              SHA1

                                                                                                              c4102554afa6586e902019bea5ec6f0eb20aa811

                                                                                                              SHA256

                                                                                                              923b312b0a81c2277d3d1a9c788531e46a383d8f32b51327328ef4a7ffc26bff

                                                                                                              SHA512

                                                                                                              1682a5b0eeee16f32a958c50b893ec58e57959566e1de5cf7383197d31d1e347357588ac23018cffb6fbafd8e92fd92d642f87b5d39e4ce807d5f910cbfc1113

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History
                                                                                                              Filesize

                                                                                                              160KB

                                                                                                              MD5

                                                                                                              c8557346a76ee89d1b0a094e9f8e48ae

                                                                                                              SHA1

                                                                                                              86ee5cd1d692f2d8bcf9b81e3265d079f764b7e3

                                                                                                              SHA256

                                                                                                              6315f29b557e555a6ea41fa6a539f8f05a6c719049b411308bababdd5df56810

                                                                                                              SHA512

                                                                                                              6ad978fc5e641b97e00f0173414e143f0a2b8323f79095f8f9a10df380a127a66974309ca317c2c76c9c57417fda1c8dd54ba5ebc35005aa26b88c879dc6054c

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
                                                                                                              Filesize

                                                                                                              4KB

                                                                                                              MD5

                                                                                                              2be3c7d86d73e6eaccc94067efcf5533

                                                                                                              SHA1

                                                                                                              ae8c0f9170af3eb2c80aa51428f808bccb90c654

                                                                                                              SHA256

                                                                                                              b22d4d723720b75b00a277eeeb0387f1afcf72fccedd2a8909a3a17bd0e7440a

                                                                                                              SHA512

                                                                                                              35dbca2966b8cd24321220aa5317360bffbb2f08700e8accf0c50c79093284e2edcabf37a6351383edf244da6a658780bbb0bcfcb5a91b1073afec05082882e3

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
                                                                                                              Filesize

                                                                                                              10KB

                                                                                                              MD5

                                                                                                              ee0f87f27d963aa8e64d68a4b497c536

                                                                                                              SHA1

                                                                                                              b6da8b6e6561f8663978c74bb3e5633ffcd5266d

                                                                                                              SHA256

                                                                                                              ee8ee2f5915c96e8b33daa23e8f5b7ab962bcea4abaf39922f09fda9a9b6f9c3

                                                                                                              SHA512

                                                                                                              f774c0e49c6e42f0d3c678d78491000b370dfa3439a39d98f781805a2d7a265f44beaf0ad25656dc50df3fb83bad75bc46bf474966dee5d4f08638382de7cf25

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
                                                                                                              Filesize

                                                                                                              2B

                                                                                                              MD5

                                                                                                              d751713988987e9331980363e24189ce

                                                                                                              SHA1

                                                                                                              97d170e1550eee4afc0af065b78cda302a97674c

                                                                                                              SHA256

                                                                                                              4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                                                                                              SHA512

                                                                                                              b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                                              Filesize

                                                                                                              356B

                                                                                                              MD5

                                                                                                              c722ada9958bfbf35a329618b4d1e73e

                                                                                                              SHA1

                                                                                                              48d8ec74c4ce79ee7b8350255b97080629c6ca78

                                                                                                              SHA256

                                                                                                              685c3c2f7c988b274f2e8dbf9802ec2869be10d1c657cba361aa1ba5cf2dafc0

                                                                                                              SHA512

                                                                                                              e191c0ba768d787b5e4d70c3418a75c4eb064b0fe474f66c848bed6505b5b5ecd49c3d2866aede170ba99ff9ed0b17299ad653e7db21914dc273c55c6cf6b641

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                                              Filesize

                                                                                                              1KB

                                                                                                              MD5

                                                                                                              234912a0af4ec4c72f97675d96b3cc93

                                                                                                              SHA1

                                                                                                              3040631926e42c16ee6c54fc1c039cae6584a89a

                                                                                                              SHA256

                                                                                                              bfd681d9c3abe09f475c7d719856f689ec58ed32a5ee4b94476732281c3e1c3a

                                                                                                              SHA512

                                                                                                              42441fa74eda12252e6882a78e1d574b403c985cb65813a746877359bf08911f36ce8d36ade468894c1c3a09070ebd5a20dce542536be59f6c3171e49b318d2c

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                                              Filesize

                                                                                                              1KB

                                                                                                              MD5

                                                                                                              c80fb1c5aea8f98040dae9e53a13847f

                                                                                                              SHA1

                                                                                                              0231935a4dd713b08f2634f26fa6efe5ed2d7318

                                                                                                              SHA256

                                                                                                              0d30c1523c6eeeec54f2b338abe1f1c85bdbb1c26ad70cb1885701a870c28113

                                                                                                              SHA512

                                                                                                              cb998cd05f81cf129ee2f1d673c70202cca89738ee33fb582dc002d53bd498236470fb90ff2d3ead8e6a8371be1d482d5aa786d6807937af3ad39e7ecb128f10

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                                              Filesize

                                                                                                              1KB

                                                                                                              MD5

                                                                                                              399e31943505b28bad77ebf5872d06cb

                                                                                                              SHA1

                                                                                                              26d7c8ab078341c6deac7274d376c78978205993

                                                                                                              SHA256

                                                                                                              6d31051d94f77b60c1c4f3c7adac1551a5a26f098a35eff661cac3cdb810cc64

                                                                                                              SHA512

                                                                                                              ff0a22ebf8cebb5f6a858bd2aff2f9969f7a7b2426a22e3023a28fc94eba04de5fd69b3895d52c59a73a579880c3e4cbdb188dc5a5a0eec5102fc951cb7c68ee

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                                              Filesize

                                                                                                              2KB

                                                                                                              MD5

                                                                                                              06cf3e76c21f1d085a95fee6f09d6af8

                                                                                                              SHA1

                                                                                                              2aad1ab9c425772180d8fe09f7af0f12b62b8a13

                                                                                                              SHA256

                                                                                                              e98c26d1216c3443195da286b21cf6180dba2529b82b293ab2be27ac168fc6eb

                                                                                                              SHA512

                                                                                                              27b847bb7f7da9b6a317c03ebccf4719051bd6ded5f09dffffa75242da5a7ca5ec735640a9c7ee8805618462d9f33b0b0e2af40c866b68932298ce452474970c

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                                              Filesize

                                                                                                              3KB

                                                                                                              MD5

                                                                                                              5d4e3e1c9be5d50da9f651dab4974090

                                                                                                              SHA1

                                                                                                              0fd438813fe0c1ca863a8585bc6c0b709a99dec5

                                                                                                              SHA256

                                                                                                              2d25444d3f1704940fa02456a04c99987ec62edbfcff47e5aaaf1eea8193a697

                                                                                                              SHA512

                                                                                                              d940795d441675217b91a5581b0cdbcfd8846ff9b6d87824ee8a02f77382bc53b9d2e09916731831cdc3277185879460bbb63f5026190edae6f8feb66a2c14ff

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                                              Filesize

                                                                                                              1KB

                                                                                                              MD5

                                                                                                              d37dec9122b6285c5960fa1c3e2430c3

                                                                                                              SHA1

                                                                                                              8ddd70f6dcdd6aec50786fccf3bcf6d0f21175dd

                                                                                                              SHA256

                                                                                                              84ba40734c0f04c5a8daa39989f3bc24a4ad6c8e09b830465c63ae904a62a8d8

                                                                                                              SHA512

                                                                                                              26472d01d903befa14d246099fc9a177853cce18388b844eff21f52eb31da42a4dd66cdeb12db5f681e200479848ac7819b12dc53fe6abd243d98517c374750a

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                                              Filesize

                                                                                                              3KB

                                                                                                              MD5

                                                                                                              0496f30fb89969bc384de56a754a37aa

                                                                                                              SHA1

                                                                                                              da1ae0aca2bdb403ec2c88760aa36f5d0234cb5a

                                                                                                              SHA256

                                                                                                              00af12966f798ab56503669c48d7dd30c0a4c6a5a33f72b6f639a0b39c6a0e4f

                                                                                                              SHA512

                                                                                                              4fddccd3086801a9569f9ff812f0ff433677938632cd5dc3483fcdd0686ff0979c882d32f15c5fc86fdf3368dabf4ae7d6125f4ca70b37410462629955deb2dc

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                              Filesize

                                                                                                              11KB

                                                                                                              MD5

                                                                                                              010e7e29f09a20abae320beb228158cf

                                                                                                              SHA1

                                                                                                              03798b7cfc0226fc26517b54c71c922ffd8f7ee0

                                                                                                              SHA256

                                                                                                              583c31d2a34ce93688d62307d2d7ee25779a62e862d7fdbd34cb73dc9fc87540

                                                                                                              SHA512

                                                                                                              36c806b05f25e8e8d80bc281b76480c8ffa4888045175689a5da56eca4ad218cabfcd8c213258c1151e04369acf6073060ace0febdd3a4d764e467a1a09108b3

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                              Filesize

                                                                                                              9KB

                                                                                                              MD5

                                                                                                              8464ace2cbd16930b93a90ea91bd9e4f

                                                                                                              SHA1

                                                                                                              8edc789fc14f37ccc11f7d13b609d90a761cbfef

                                                                                                              SHA256

                                                                                                              5116464a30439f4843a14def509fc13e0c9b18f7bce524803fa08eaad486367e

                                                                                                              SHA512

                                                                                                              7eb84596e57c2681fe7f36616168ce89f74cecf97a653c6ab75e5a0ac2507f6c538481f50b4ff74986509f72517580f785b3669d04b80c4f44fba3795535d245

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                              Filesize

                                                                                                              10KB

                                                                                                              MD5

                                                                                                              928f8a6c9a967c2a387e3d5b15be0eb6

                                                                                                              SHA1

                                                                                                              7bf5ce9b852bd247289ae6065079d99713efe086

                                                                                                              SHA256

                                                                                                              24cf332e8051e4ce60ee54c8b47916c019020847ee2ae8a454af194d98c536e1

                                                                                                              SHA512

                                                                                                              5547464d39ceda461a5b3d04be4ac8ecb878b53e6423a2cc0d513181d43c96b5ef130dd0741a84249b84b7b89771d8c01afd05dd549cebebc3aeb84724c28031

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                              Filesize

                                                                                                              10KB

                                                                                                              MD5

                                                                                                              4aa26bfb4175636f7eb008a7e1017f0f

                                                                                                              SHA1

                                                                                                              2432e63769b0a6b157c8ad11e10df6d10b1d51a9

                                                                                                              SHA256

                                                                                                              98e9830655521701f5253843f7336154abfca7655611f596e0b02c2637ee580d

                                                                                                              SHA512

                                                                                                              b8d7c55a0ea278d2f64b39d286af74adecc80a47697ae7fa27eb6e72d4ab4ff21fc6c2f1c54b6069862142ac2f0109918cbfbdd1084c4a6a7c52e4a88976dfbc

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                              Filesize

                                                                                                              9KB

                                                                                                              MD5

                                                                                                              0cca87c5fa6f61d237b34268728c1886

                                                                                                              SHA1

                                                                                                              72b35ebb9aa42d6173daf8a1792fd4666f23b248

                                                                                                              SHA256

                                                                                                              39afa30f6391de4942d76e092db5f936cac4e1dd8094edc380b1f219b9e0977d

                                                                                                              SHA512

                                                                                                              cbdbd3d3e9c168211f69416a93d5f2216cf2b7cfcd2452e0e9503e64e8fb874685deb6986af1b6c3e049ced224f8ab08e24ee19a4686491c5ab40e7dfe9b39e0

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                              Filesize

                                                                                                              11KB

                                                                                                              MD5

                                                                                                              2b4db33a91c8a89d0cd2c8dc6f090533

                                                                                                              SHA1

                                                                                                              5acd63a39f6b2b0540eb75f085873ec08dff028e

                                                                                                              SHA256

                                                                                                              db01f4b0230c7a9966cf450412f0b404fef554897b432163492bf4f399786b3b

                                                                                                              SHA512

                                                                                                              c6024412c84984cb9f6bdc1d287f6562b967b322b41c7e700d8eb259fb9f1450c0cd8a4cc0bd2e6be435770b99538e8026d3fc7fbd88c92e663669745814a688

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                              Filesize

                                                                                                              10KB

                                                                                                              MD5

                                                                                                              933e0b2dd6de1f8b2b1ff2df75276efd

                                                                                                              SHA1

                                                                                                              64f6905f6303771f6cf410062ca906c89890cf02

                                                                                                              SHA256

                                                                                                              179716bd3f0e58710729ea595f9e9f53ca119468e276db6ed59f30f171a90e96

                                                                                                              SHA512

                                                                                                              e627291940a393b4c38d1f4fb505005f163b6f22a5878dc74fbc556dc8f09fa6afe4710bbcfcf6c048f91309d49e4f587b04c285940026830db74d09b2a863c2

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                              Filesize

                                                                                                              10KB

                                                                                                              MD5

                                                                                                              1f6d8a54ff20c4f320327ad8774bb067

                                                                                                              SHA1

                                                                                                              f3f448567ff5ea8cf2859a1c9cd2b6fe7f69d31e

                                                                                                              SHA256

                                                                                                              0f2f899247e1551566ec7c0906ba1e2838ca7fc438df0f893f6036bcc23a7484

                                                                                                              SHA512

                                                                                                              a6ba5586758b41ca34313d64abbda90360079d19e1aa1b36c57a040a08d267cf7cded1cca02eda9ce1510a07a454e3c9d6ade8493da16dac5ae5430b4228e1e1

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                              Filesize

                                                                                                              10KB

                                                                                                              MD5

                                                                                                              d4dba1a313a259cc79baf1e339b06df3

                                                                                                              SHA1

                                                                                                              4371ce0bf1ebe81b440be97494c3f681ec39e41f

                                                                                                              SHA256

                                                                                                              13206d6dc60ef6c6d02bedae374bf487822ac938ecb8598dbf8a84c6393c8c59

                                                                                                              SHA512

                                                                                                              db4788223779ff825437ac8034cc5d831c567cfaa17fe403fb5917a48684b73a43d151e6ddd1f8fe4b5e550cf285b979b321ad24012cc8b10c18e1a0aa4128e4

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
                                                                                                              Filesize

                                                                                                              15KB

                                                                                                              MD5

                                                                                                              0bb5b600600d94c337ea894d19aceefd

                                                                                                              SHA1

                                                                                                              db310657211727522d9b7517b9a09d41165439cf

                                                                                                              SHA256

                                                                                                              c8d66dd8776f3671a3b5376d34bb52836471524f105360bb45872d85b24d0d62

                                                                                                              SHA512

                                                                                                              01b4d814b3069b125e22c283c9d661482b8eef2b96e50a681d498091f07a52204affbae26de8277790f78cf44f8e91ae988e7e6bcc37560d8472830218074157

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
                                                                                                              Filesize

                                                                                                              321B

                                                                                                              MD5

                                                                                                              f9030e344bd421d1ad4cd2d45b3b279b

                                                                                                              SHA1

                                                                                                              88a4e25a40bd036550602f42dea1faa1c139f3bd

                                                                                                              SHA256

                                                                                                              113810b00d60f799afe26e2553ff0159ecf183e749df16a9d91bfcb3e43de586

                                                                                                              SHA512

                                                                                                              5ad7202b307b898b2a3a5bf80a3412baca8dae4844d154145d194ea0ff2ae1a61a8ebec507bf7f3002a76707e707c4ebda53c8a2addcebe7a3d263030236ef5d

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\bfe4b75c-52fe-42ee-9872-c670eb4c26c9.tmp
                                                                                                              Filesize

                                                                                                              10KB

                                                                                                              MD5

                                                                                                              9a3daf973c91bba4503d45326c4dfadc

                                                                                                              SHA1

                                                                                                              d71da6a25fba75b42dba04fcf1ba06956759b54a

                                                                                                              SHA256

                                                                                                              43f0271c6e2a5bd1bca36342f1d7e3946c7aa8fb661f090baad525fa3ea2554e

                                                                                                              SHA512

                                                                                                              330b8942eeb9d43ee13310a6ff52a3a0b09dcd54cdd7445c208586bbda83c4d01738e14694405428370d73c7f909cd460caa3b439215b046717e8291b0ae87f4

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version
                                                                                                              Filesize

                                                                                                              14B

                                                                                                              MD5

                                                                                                              ef48733031b712ca7027624fff3ab208

                                                                                                              SHA1

                                                                                                              da4f3812e6afc4b90d2185f4709dfbb6b47714fa

                                                                                                              SHA256

                                                                                                              c9ce8dbbe51a4131073db3d6ceef1e11eaca6308ad88a86125f221102d2cee99

                                                                                                              SHA512

                                                                                                              ce3a5a429e3796977a8019f47806b8c0671b597ead642fcbfbe3144e2b8112d35a9f2250896b7f215d237d0d19c5966caf3fe674165a6d50e14cb2b88c892029

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                                                                                                              Filesize

                                                                                                              228KB

                                                                                                              MD5

                                                                                                              48604a7c56e4dfad60a95e04e141454e

                                                                                                              SHA1

                                                                                                              86700d1720e49c1dc8c1b36c82dda7fcba0927bc

                                                                                                              SHA256

                                                                                                              15a91256a111d24206bb04fbdba6c4c22541183090cbc131039c13512d7982b3

                                                                                                              SHA512

                                                                                                              b9a2fe34449e6b64ae8c67f004f31d0a2d0d502c8a3972fb27018d9df1850ef62e1c6f102790746b71c9b0a337ac18a84a6259f93fc2a7069ee70acf1f30bdf9

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                                                                                                              Filesize

                                                                                                              116KB

                                                                                                              MD5

                                                                                                              e8e911a2082fcbf68a1096ce99568269

                                                                                                              SHA1

                                                                                                              6658081cae9c3216526c4ce4e53745b0b1b4f9e0

                                                                                                              SHA256

                                                                                                              480cc6c70022ce549781b1633d35436f734e1de92e5353fbdeacef9bb1febd41

                                                                                                              SHA512

                                                                                                              730e7d45e8096f15d7c4662102976d6e89a0a128a613e5a71c94f3017a8a571a694676db3586b55563f9883e27af45c01154fb0f440c6388af87d23f9ef0f00f

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                                                                                                              Filesize

                                                                                                              228KB

                                                                                                              MD5

                                                                                                              b0ab5b8e8fd273ef0f4cef2a70183ce2

                                                                                                              SHA1

                                                                                                              4d3dc346f54d41515a7d5e2ca3a1696a7d3b73f2

                                                                                                              SHA256

                                                                                                              d7edd78a851939ea478566a3399b083e379e89a897edd4248a3119dd28aa6805

                                                                                                              SHA512

                                                                                                              c34be8c8fa1dfc512b85f0817f3259b4e22dc9c5c2b2fe6fcef243ba815c843a7970b6de1c95d4832489c04062ff13730803d33510716d0d59c443c33301830e

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                                                                                                              Filesize

                                                                                                              116KB

                                                                                                              MD5

                                                                                                              e8a28023f7115b9c72c6717a23eb94df

                                                                                                              SHA1

                                                                                                              84191dd8c93d81286d5a5b77339c9d7d09826aa8

                                                                                                              SHA256

                                                                                                              bdf3b3b180f73cb2002792a351f613ea5b2eeabce1e0dd38e4b08895b31cd321

                                                                                                              SHA512

                                                                                                              a804896dc1b6788eff2a089cc05b91fe59f0239bae3fd4c4654786c10104b11ba43baa3545ae77f4215cc69b86df44d9a9f00ba9a26b6fb05c8c7343b7423aa2

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                                                                                                              Filesize

                                                                                                              116KB

                                                                                                              MD5

                                                                                                              279c42d9a95225f6e2bcd3d0d9f59d72

                                                                                                              SHA1

                                                                                                              860e35de991a2f5584c43c7d4ac0a825866e97d0

                                                                                                              SHA256

                                                                                                              36ea1343706a4641578aecf5361b1d32d6366df57a4a840287dd130522f0225f

                                                                                                              SHA512

                                                                                                              258db5ec082f4bf9e81dd016ec1467efc782ba383fc0bd6df29bd782c5a1ad541cd3feadaec09ed63d1f9223784f67c4d8f2557888bdc0693632419311120b7a

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                                                                                                              Filesize

                                                                                                              228KB

                                                                                                              MD5

                                                                                                              fd54285c7c51fc588992d077acde6233

                                                                                                              SHA1

                                                                                                              d85d6658ff60188cd3d9a47ec502220cc7515355

                                                                                                              SHA256

                                                                                                              ba49fc10c8720cb40a4d2f55ec0e2ec4322c43c7abe1e26f82440373aca0b1a5

                                                                                                              SHA512

                                                                                                              7f8c15249f644cbce7e2e07f2b4752fd5ae84b5b04cb740445380cf03f492f8284cd07716137ae175922bc9002cb6997040dfa86285584694679df6b6cf7872e

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
                                                                                                              Filesize

                                                                                                              264KB

                                                                                                              MD5

                                                                                                              50134a2b439388b366d12aeab908e189

                                                                                                              SHA1

                                                                                                              d2656075e00bb6ec053e4735d5709c64c6d92003

                                                                                                              SHA256

                                                                                                              1a31761594b59af741ca23bfbc1c1a528fbd9ccdc2027e9f30953d544612540c

                                                                                                              SHA512

                                                                                                              2ea2eee8596c22a7a7cd9065e9abb9dad49127727e84b7dd0f13c2b3161a18c2b31b3e46153e0e3a9eaa41775b51a7455d6527a334079c6bc6cb24a971f77933

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
                                                                                                              Filesize

                                                                                                              86B

                                                                                                              MD5

                                                                                                              961e3604f228b0d10541ebf921500c86

                                                                                                              SHA1

                                                                                                              6e00570d9f78d9cfebe67d4da5efe546543949a7

                                                                                                              SHA256

                                                                                                              f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

                                                                                                              SHA512

                                                                                                              535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\first_party_sets.db
                                                                                                              Filesize

                                                                                                              48KB

                                                                                                              MD5

                                                                                                              5a1706ef2fb06594e5ec3a3f15fb89e2

                                                                                                              SHA1

                                                                                                              983042bba239018b3dced4b56491a90d38ba084a

                                                                                                              SHA256

                                                                                                              87d62d8837ef9e6ab288f75f207ffa761e90a626a115a0b811ae6357bb7a59dd

                                                                                                              SHA512

                                                                                                              c56a8b94d62b12af6bd86f392faa7c3b9f257bd2fad69c5fa2d5e6345640fe4576fac629ed070b65ebce237759d30da0c0a62a8a21a0b5ef6b09581d91d0aa16

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db
                                                                                                              Filesize

                                                                                                              28KB

                                                                                                              MD5

                                                                                                              c74ae32ce53895c761b887380849322e

                                                                                                              SHA1

                                                                                                              3d6673735e5d17244d0ae396a5dc9f0e995d7e5c

                                                                                                              SHA256

                                                                                                              0c51ac03feb6fb5d3c39a408162111b53e531e05eeaaf25363fd745e1ff9571b

                                                                                                              SHA512

                                                                                                              29e2ca67c391f5fa14029c4b7df8f339c6c2a1358fda31e8f50bd2ae4c087f19159519d7aedf0a81dde32d8deb63aa0e4bc2770006f8138baa450c2ec94b40e2

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db-journal
                                                                                                              Filesize

                                                                                                              24KB

                                                                                                              MD5

                                                                                                              9d8002e5188c78826bafba8547f28b8e

                                                                                                              SHA1

                                                                                                              3afcd87f5485168f9861dc9f5587434e0e5ba813

                                                                                                              SHA256

                                                                                                              8d2ff8e0eeeda605dcfd3c61c8f6c9b8e525f9fb97c001b1c3eefaf062587f2d

                                                                                                              SHA512

                                                                                                              b40612ecd26ecd20ffc57d9aaeff5e60cd0a38b2a0a06ada6b27c2c7d571eb04560e510977a08f319737f9eb8b87e793fc1902b220e68f0a4882cad77cb2ebce

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                              Filesize

                                                                                                              152B

                                                                                                              MD5

                                                                                                              f426165d1e5f7df1b7a3758c306cd4ae

                                                                                                              SHA1

                                                                                                              59ef728fbbb5c4197600f61daec48556fec651c1

                                                                                                              SHA256

                                                                                                              b68dfc21866d0abe5c75d70acc54670421fa9b26baf98af852768676a901b841

                                                                                                              SHA512

                                                                                                              8d437fcb85acb0705bf080141e7a021740901248985a76299ea8c43e46ad78fb88c738322cf302f6a550caa5e79d85b36827e9b329b1094521b17cf638c015b6

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                              Filesize

                                                                                                              152B

                                                                                                              MD5

                                                                                                              6960857d16aadfa79d36df8ebbf0e423

                                                                                                              SHA1

                                                                                                              e1db43bd478274366621a8c6497e270d46c6ed4f

                                                                                                              SHA256

                                                                                                              f40b812ce44e391423eb66602ac0af138a1e948aa8c4116045fef671ef21cd32

                                                                                                              SHA512

                                                                                                              6deb2a63055a643759dd0ae125fb2f68ec04a443dbf8b066a812b42352bbcfa4517382ed0910c190c986a864559c3453c772e153ee2e9432fb2de2e1e49ca7fe

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\7af439f6-6677-4787-9a34-d5a95840eb8b.tmp
                                                                                                              Filesize

                                                                                                              1B

                                                                                                              MD5

                                                                                                              5058f1af8388633f609cadb75a75dc9d

                                                                                                              SHA1

                                                                                                              3a52ce780950d4d969792a2559cd519d7ee8c727

                                                                                                              SHA256

                                                                                                              cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

                                                                                                              SHA512

                                                                                                              0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                              Filesize

                                                                                                              111B

                                                                                                              MD5

                                                                                                              807419ca9a4734feaf8d8563a003b048

                                                                                                              SHA1

                                                                                                              a723c7d60a65886ffa068711f1e900ccc85922a6

                                                                                                              SHA256

                                                                                                              aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

                                                                                                              SHA512

                                                                                                              f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                              Filesize

                                                                                                              6KB

                                                                                                              MD5

                                                                                                              e4412a9d94a8ffbea0bcd641eac67243

                                                                                                              SHA1

                                                                                                              3d71c265f75748c1ffa2c88cfe80a70453cdf2b6

                                                                                                              SHA256

                                                                                                              ca8f550ae93eada50387223366526b3db32f318c6f0d5ec3aa30140a195ac742

                                                                                                              SHA512

                                                                                                              1b81a72e56050b334bd3c8e5832dfe07dbe79d0c56474e19aef38b94f3f31dce231a7d660183a89bef7eecb15388ce8b33ff85ba0929222ebc52d592713b1327

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\fff340b7-1d78-43b8-b1d0-63b19d6715dd.tmp
                                                                                                              Filesize

                                                                                                              6KB

                                                                                                              MD5

                                                                                                              5938f947840ab97f81a306a335e636c6

                                                                                                              SHA1

                                                                                                              3b29cc34afd624370f0f6e29b0a4d793304fb560

                                                                                                              SHA256

                                                                                                              5526e2ce16ca84cdf5f6edfef1af59db803b86d32f53480a49c28547cc510e2f

                                                                                                              SHA512

                                                                                                              1a34774fcdfa1ce27867d01514ab1f25c342b89f002c85c4003824159f192ce7d1535be240c60f5384d6ac4f1dd3aa5d53096b7a6d3f5c00ac83c987c57f6189

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                              Filesize

                                                                                                              10KB

                                                                                                              MD5

                                                                                                              14580d7f237e2864a3f67b0e87e8d09e

                                                                                                              SHA1

                                                                                                              f7c91b4afc1cf7b905d01138ae1359883246f0d6

                                                                                                              SHA256

                                                                                                              617129db4c6ce5930d02dc194ed8f37de707efd8103d410cd566fa8ada9e2a9f

                                                                                                              SHA512

                                                                                                              5220428f6cdc6a9fa15f8caac9887ef666972f33a50aea50ad139b38250e8706706b1751ec0e4a506e81fd64c0303a1f4244a2149e1f17763a0e798d287132d1

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133732343661954592.txt
                                                                                                              Filesize

                                                                                                              75KB

                                                                                                              MD5

                                                                                                              9bdfe81671ae36f4eae52e4b7f67a96e

                                                                                                              SHA1

                                                                                                              6d72f3dc69304c873dea3e5ee1c01b1ff4fa55c0

                                                                                                              SHA256

                                                                                                              edc2762a6d388b17eee7d9193b991e2355d99d8e010062560cd162640c94f83c

                                                                                                              SHA512

                                                                                                              520cdd227c55ab267df1b205988ad6d7de26a719dc35867c8d2b240439767b983076b586f047c096224f6eb9acc3a5516847a2bc1df7a635a2607b8efb0709df

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\SettingsCache.txt
                                                                                                              Filesize

                                                                                                              670KB

                                                                                                              MD5

                                                                                                              9eb5f69e443e7d835e78519e5f3b3ef4

                                                                                                              SHA1

                                                                                                              5ba40cd4a127359dbd006eb3b0f800809c138659

                                                                                                              SHA256

                                                                                                              4aa1fa29fd0a2d15b9204426cfee2e348dcf65f5b444b53fc5425a0418a3fdcd

                                                                                                              SHA512

                                                                                                              b14fd14a1ac0aa59e0b648b64af0fa4848a4601124fe8b37d0c3f7e4066908237eb1c9d01a43aa45444db104c68380a60e1e1625d1f4eda5d501a3c33206cf4f

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\Downloads\!Please Read Me!.txt
                                                                                                              Filesize

                                                                                                              797B

                                                                                                              MD5

                                                                                                              afa18cf4aa2660392111763fb93a8c3d

                                                                                                              SHA1

                                                                                                              c219a3654a5f41ce535a09f2a188a464c3f5baf5

                                                                                                              SHA256

                                                                                                              227082c719fd4394c1f2311a0877d8a302c5b092bcc49f853a5cf3d2945f42b0

                                                                                                              SHA512

                                                                                                              4161f250d59b7d4d4a6c4f16639d66d21b2a9606de956d22ec00bedb006643fedbbb8e4cde9f6c0c977285918648314883ca91f3442d1125593bf2605f2d5c6b

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\Downloads\!WannaDecryptor!.exe.lnk
                                                                                                              Filesize

                                                                                                              590B

                                                                                                              MD5

                                                                                                              0e783237ac721a0f38ec36656c6d52d5

                                                                                                              SHA1

                                                                                                              e276f68f4fc5a52820265cf27e9f1fc8ba0426dd

                                                                                                              SHA256

                                                                                                              9a1c960ad22d1a57e9b73c0a274d7ca6cff71fe64c9b8914d2421cb72f1c258c

                                                                                                              SHA512

                                                                                                              4844de07642c6819bd797c2c8027c67576a86c4fdb830324a9bfe0afc1ddb98546edf9032eaa1bc4db2dfb17da459190056698aa84f42d32a640db5edbde2502

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\Downloads\00000000.res
                                                                                                              Filesize

                                                                                                              136B

                                                                                                              MD5

                                                                                                              6de1c800a21b64797991ff6f1a2f5e85

                                                                                                              SHA1

                                                                                                              c492c0273e44921e52beaf7bf353e41c5f57c6b2

                                                                                                              SHA256

                                                                                                              2e060f9086698534a29b9c77751c343c14e59deaeeb7d5c9d389821167c257a0

                                                                                                              SHA512

                                                                                                              3762da71ef55d749d6d9a65638973dbe9cc334bedc14ca9bca54a6954b17cab9446fb62cf23d4f4e6abdcbc1d0ec62b4e68007292a8753ffff7def837139cd32

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\Downloads\00000000.res
                                                                                                              Filesize

                                                                                                              136B

                                                                                                              MD5

                                                                                                              06ca2c4239f0c89966c7979e7881ef66

                                                                                                              SHA1

                                                                                                              aa85bb75328a242b66bc089a838c1b1f329f8b91

                                                                                                              SHA256

                                                                                                              2f2ee442d5951ec48c70e1a1283859e2590b98cc16c31a27c7dc33a393885690

                                                                                                              SHA512

                                                                                                              cb75dc2e0c39b4ad9ba1b71c7cf113aae5497ea95666148c7b6aea855f87b59a063560f847adc1f51f34ea53c16f8f1a7d0f88feff15e464efd52ef55fb72bfd

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\Downloads\00000000.res
                                                                                                              Filesize

                                                                                                              136B

                                                                                                              MD5

                                                                                                              b21e6eeab1ffbbdb1e8e4c1196febbf8

                                                                                                              SHA1

                                                                                                              8401214c28205a461463616fdb392e7b13b14ff7

                                                                                                              SHA256

                                                                                                              f4510950ccb6577389eca5b01fca72a95a377f248e2b3ad866f0956696051e16

                                                                                                              SHA512

                                                                                                              1925777186e36bd6f1bead2ba8093224bc29bc17848534bfba8a2b7447810d77a32e72896a0fb210e7daef3b60cd23db6d35a35adc3134a4f026c856927ef7fb

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\Downloads\148781728760281.bat
                                                                                                              Filesize

                                                                                                              318B

                                                                                                              MD5

                                                                                                              a261428b490a45438c0d55781a9c6e75

                                                                                                              SHA1

                                                                                                              e9eefce11cefcbb7e5168bfb8de8a3c3ac45c41e

                                                                                                              SHA256

                                                                                                              4288d655b7de7537d7ea13fdeb1ba19760bcaf04384cd68619d9e5edb5e31f44

                                                                                                              SHA512

                                                                                                              304887938520ffcc6966da83596ccc8688b7eace9572982c224f3fb9c59e6fb2dcaa021a19d2aae47346e954c0d0d8145c723b7143dece11ac7261dc41ba3d40

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\Downloads\WannaCry.exe
                                                                                                              Filesize

                                                                                                              224KB

                                                                                                              MD5

                                                                                                              5c7fb0927db37372da25f270708103a2

                                                                                                              SHA1

                                                                                                              120ed9279d85cbfa56e5b7779ffa7162074f7a29

                                                                                                              SHA256

                                                                                                              be22645c61949ad6a077373a7d6cd85e3fae44315632f161adc4c99d5a8e6844

                                                                                                              SHA512

                                                                                                              a15f97fad744ccf5f620e5aabb81f48507327b898a9aa4287051464019e0f89224c484e9691812e166471af9beaddcfc3deb2ba878658761f4800663beef7206

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\Downloads\c.vbs
                                                                                                              Filesize

                                                                                                              201B

                                                                                                              MD5

                                                                                                              02b937ceef5da308c5689fcdb3fb12e9

                                                                                                              SHA1

                                                                                                              fa5490ea513c1b0ee01038c18cb641a51f459507

                                                                                                              SHA256

                                                                                                              5d57b86aeb52be824875008a6444daf919717408ec45aff4640b5e64610666f1

                                                                                                              SHA512

                                                                                                              843eeae13ac5fdc216b14e40534543c283ecb2b6c31503aba2d25ddd215df19105892e43cf618848742de9c13687d21e8c834eff3f2b69a26df2509a6f992653

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\Downloads\c.wry
                                                                                                              Filesize

                                                                                                              628B

                                                                                                              MD5

                                                                                                              33ca9355c79ec07d685b682ec8796dc0

                                                                                                              SHA1

                                                                                                              0317f7ba66eed420a43686e5ef7bfb32823da26c

                                                                                                              SHA256

                                                                                                              e369e1ae41baa0b41a395e099e10878149a0c8511b8b74f876c95382b1ab1d8e

                                                                                                              SHA512

                                                                                                              0cb77450634b180296628793948b0b08d42f845a311a2d81014e558f670019ef95d201c1e954c14b8b67b3e2f9376bda357e534bb36ee81f526eef81aba474f9

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\Downloads\m.wry
                                                                                                              Filesize

                                                                                                              42KB

                                                                                                              MD5

                                                                                                              980b08bac152aff3f9b0136b616affa5

                                                                                                              SHA1

                                                                                                              2a9c9601ea038f790cc29379c79407356a3d25a3

                                                                                                              SHA256

                                                                                                              402046ada270528c9ac38bbfa0152836fe30fb8e12192354e53b8397421430d9

                                                                                                              SHA512

                                                                                                              100cda1f795781042b012498afd783fd6ff03b0068dbd07b2c2e163cd95e6c6e00755ce16b02b017693c9febc149ed02df9df9b607e2b9cca4b07e5bd420f496

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\Downloads\u.wry
                                                                                                              Filesize

                                                                                                              236KB

                                                                                                              MD5

                                                                                                              cf1416074cd7791ab80a18f9e7e219d9

                                                                                                              SHA1

                                                                                                              276d2ec82c518d887a8a3608e51c56fa28716ded

                                                                                                              SHA256

                                                                                                              78e3f87f31688355c0f398317b2d87d803bd87ee3656c5a7c80f0561ec8606df

                                                                                                              SHA512

                                                                                                              0bb0843a90edacaf1407e6a7273a9fbb896701635e4d9467392b7350ad25a1bec0c1ceef36737b4af5e5841936f4891436eded0533aa3d74c9a54efa42f024c5

                                                                                                              Download Submit

                                                                                                            • C:\Users\Admin\Downloads\wanakiwi.zip.crdownload
                                                                                                              Filesize

                                                                                                              354KB

                                                                                                              MD5

                                                                                                              e4f370b101104c15269a3b888ed98e08

                                                                                                              SHA1

                                                                                                              ad5b797c7cc788a21403ca0cc959bb548580c84f

                                                                                                              SHA256

                                                                                                              40da854572ad619f1e48ebc62e7ac42fc46b2f3fbdd0dd9069eb451b79f578f4

                                                                                                              SHA512

                                                                                                              5fd22a7bc6ae20461aab75d0806309d0ed5f926219437a2a252dd96a4dcae616c0b7faa91a7f12d693c75ef9e36c26f0f876cf3fa82d85d419bfe08b1b8ab6ef

                                                                                                              Download Submit

                                                                                                            • memory/656-2492-0x000002B508B40000-0x000002B508B60000-memory.dmp

                                                                                                              Filesize

                                                                                                              128KB

                                                                                                              Download

                                                                                                            • memory/656-2509-0x000002B508F10000-0x000002B508F30000-memory.dmp

                                                                                                              Filesize

                                                                                                              128KB

                                                                                                              Download

                                                                                                            • memory/656-2502-0x000002B508B00000-0x000002B508B20000-memory.dmp

                                                                                                              Filesize

                                                                                                              128KB

                                                                                                              Download

                                                                                                            • memory/2472-305-0x0000000010000000-0x0000000010012000-memory.dmp

                                                                                                              Filesize

                                                                                                              72KB

                                                                                                              Download

                                                                                                            • memory/4196-2635-0x000001C08F370000-0x000001C08F371000-memory.dmp

                                                                                                              Filesize

                                                                                                              4KB

                                                                                                              Download

                                                                                                            • memory/4196-2634-0x000001C08F370000-0x000001C08F371000-memory.dmp

                                                                                                              Filesize

                                                                                                              4KB

                                                                                                              Download

                                                                                                            • memory/4196-2639-0x000001C08F370000-0x000001C08F371000-memory.dmp

                                                                                                              Filesize

                                                                                                              4KB

                                                                                                              Download

                                                                                                            • memory/4196-2645-0x000001C08F370000-0x000001C08F371000-memory.dmp

                                                                                                              Filesize

                                                                                                              4KB

                                                                                                              Download

                                                                                                            • memory/4196-2644-0x000001C08F370000-0x000001C08F371000-memory.dmp

                                                                                                              Filesize

                                                                                                              4KB

                                                                                                              Download

                                                                                                            • memory/4196-2643-0x000001C08F370000-0x000001C08F371000-memory.dmp

                                                                                                              Filesize

                                                                                                              4KB

                                                                                                              Download

                                                                                                            • memory/4196-2642-0x000001C08F370000-0x000001C08F371000-memory.dmp

                                                                                                              Filesize

                                                                                                              4KB

                                                                                                              Download

                                                                                                            • memory/4196-2640-0x000001C08F370000-0x000001C08F371000-memory.dmp

                                                                                                              Filesize

                                                                                                              4KB

                                                                                                              Download

                                                                                                            • memory/4196-2641-0x000001C08F370000-0x000001C08F371000-memory.dmp

                                                                                                              Filesize

                                                                                                              4KB

                                                                                                              Download

                                                                                                            • memory/4196-2633-0x000001C08F370000-0x000001C08F371000-memory.dmp

                                                                                                              Filesize

                                                                                                              4KB

                                                                                                              Download