Malware Analysis Report

2024-12-07 14:31

Sample ID 241015-nh6v4svhrm
Target http://google.com
Tags defense_evasion discovery execution exploit persistence privilege_escalation
Score 8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

Score 8/10

Threat Level: Likely malicious

The file http://google.com was found to be: Likely malicious.

Malicious Activity Summary

defense_evasion discovery execution exploit persistence privilege_escalation

Downloads MZ/PE file

Possible privilege escalation attempt

Creates new service(s)

Manipulates Digital Signatures

Event Triggered Execution: Component Object Model Hijacking

Modifies file permissions

Executes dropped EXE

Loads dropped DLL

Enumerates connected drives

Checks installed software on the system

Subvert Trust Controls: Mark-of-the-Web Bypass

Launches sc.exe

Drops file in Windows directory

Drops file in Program Files directory

System Location Discovery: System Language Discovery

Program crash

Enumerates physical storage devices

Browser Information Discovery

Opens file in notepad (likely ransom note)

Suspicious use of FindShellTrayWindow

Checks processor information in registry

Modifies Internet Explorer settings

Suspicious use of WriteProcessMemory

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: LoadsDriver

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies data under HKEY_USERS

Suspicious behavior: EnumeratesProcesses

NTFS ADS

Suspicious use of SendNotifyMessage

Modifies registry class

Runs net.exe

Suspicious behavior: AddClipboardFormatListener

Suspicious use of SetWindowsHookEx

Suspicious behavior: GetForegroundWindowSpam

Enumerates system info in registry

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported 2024-10-15 11:24

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted 2024-10-15 11:24
Reported 2024-10-15 11:58
Platform win11-20241007-en
Max time kernel 1943s
Max time network 1882s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com

Signatures

Creates new service(s)

persistence execution

Downloads MZ/PE file

Manipulates Digital Signatures


Possible privilege escalation attempt

exploit
Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\takeown.exe N/A
N/A N/A C:\Windows\SysWOW64\icacls.exe N/A

Event Triggered Execution: Component Object Model Hijacking

persistence privilege_escalation

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\UnityHubSetup.exe N/A
N/A N/A F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\62320E1A-FC3A-4C1D-8E76-A6301AEECE17\dismhost.exe N/A
N/A N/A C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
N/A N/A C:\Windows\SYSTEM32\regsvr32.exe N/A
N/A N/A C:\Windows\SysWOW64\regsvr32.exe N/A

Modifies file permissions

discovery
Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\takeown.exe N/A
N/A N/A C:\Windows\SysWOW64\icacls.exe N/A

Checks installed software on the system

discovery

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\F: C:\Users\Admin\Downloads\LDPlayer9_ens_1001_ld.exe N/A
File opened (read-only) \??\F: C:\Windows\SysWOW64\takeown.exe N/A

Drops file in Program Files directory


Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Windows\Logs\DISM\dism.log C:\Windows\SysWOW64\dism.exe N/A
File opened for modification C:\Windows\Logs\DISM\dism.log C:\Users\Admin\AppData\Local\Temp\62320E1A-FC3A-4C1D-8E76-A6301AEECE17\dismhost.exe N/A

Subvert Trust Controls: Mark-of-the-Web Bypass

defense_evasion
Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\UnityHubSetup.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Users\Admin\Downloads\LDPlayer9_ens_1001_ld.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 F:\LDPlayer\LDPlayer9\dnplayer.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString F:\LDPlayer\LDPlayer9\dnplayer.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\ldnews.exe = "11001" F:\LDPlayer\LDPlayer9\dnplayer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\dnplayer.exe = "11001" F:\LDPlayer\LDPlayer9\dnplayer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION C:\Users\Admin\Downloads\UnityHubSetup.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\UnityHubSetup.exe = "11000" C:\Users\Admin\Downloads\UnityHubSetup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION F:\LDPlayer\LDPlayer9\dnplayer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000\Software\Microsoft\Internet Explorer\Toolbar\Locked = "1" C:\Windows\explorer.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133734651807844361" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-AEDF-461C-BE2C-99E91BDAD8A1}\NumMethods\ = "47" C:\Windows\SysWOW64\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-26F1-4EDB-8DD2-6BDDD0912368} C:\Windows\SysWOW64\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{00020422-0000-0000-C000-000000000046} F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-C196-4D26-B8DB-4C8C389F1F82} C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-93AF-42A7-7F13-79AD6EF1A18D}\NumMethods\ = "45" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-58D9-43AE-8B03-C1FD7088EF15}\NumMethods C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-B7DB-4616-AAC6-CFB94D89BA78}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-F6D4-4AB6-9CBF-558EB8959A6A} C:\Windows\SysWOW64\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-D4FC-485F-8613-5AF88BFCFCDC}\ProxyStubClsid32 C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-A862-4DC9-8C89-BF4BA74A886A} C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-42F8-CD96-7570-6A8800E3342C}\ = "IDnDBase" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-80E1-4A8A-93A1-67C5F92A838A} C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-3E78-11E9-B25E-7768F80C0E07} C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-5637-472A-9736-72019EABD7DE}\ProxyStubClsid32 C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel\ShowCmd = "1" C:\Windows\explorer.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-32E7-4F6C-85EE-422304C71B90} C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\WOW6432Node\CLSID C:\Windows\SysWOW64\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-C8E9-466B-9660-45CB3E9979E4}\NumMethods C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-26F1-4EDB-8DD2-6BDDD0912368}\NumMethods\ = "16" C:\Windows\SysWOW64\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-3E87-11E9-8AF2-576E84223953}\TypeLib C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-AEDF-461C-BE2C-99E91BDAD8A1} C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-F7B7-4B05-900E-2A9253C00F51}\ = "ICloudProfile" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-23D0-430A-A7FF-7ED7F05534BC} C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-0126-43E0-B05D-326E74ABB356}\NumMethods C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-FD1C-411A-95C5-E9BB1414E632}\NumMethods C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-81a9-4005-9d52-fc45a78bf3f5} C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-BF98-47FB-AB2F-B5177533F493}\TypeLib\Version = "1.3" C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-4453-4F3E-C9B8-5686939C80B6}\TypeLib C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-7FF8-4A84-BD34-0C651E118BB5} C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-5409-414B-BD16-77DF7BA3451E} C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-8084-11E9-B185-DBE296E54799}\ = "IDisplaySourceBitmap" C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-34B8-42D3-ACFB-7E96DAF77C22}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-8CE7-469F-A4C2-6476F581FF72}\ProxyStubClsid32 C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-9070-4F9C-B0D5-53054496DBE0}\ = "IMousePointerShape" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-9070-4f9c-b0d5-53054496dbe0} C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-319C-4E7E-8150-C5837BD265F6} C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-04D0-4DB6-8D66-DC2F033120E1}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-5637-472A-9736-72019EABD7DE}\NumMethods C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-44A0-A470-BA20-27890B96DBA9}\TypeLib\ = "{20191216-1750-46f0-936e-bd127d5bc264}" C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-0721-4CDE-867C-1A82ABAF914C}\TypeLib\ = "{20191216-1750-46f0-936e-bd127d5bc264}" C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-787B-44AB-B343-A082A3F2DFB1}\ = "IMedium" C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-6E0B-492A-A8D0-968472A94DC7}\NumMethods\ = "15" C:\Windows\SysWOW64\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-7E67-4144-BF34-41C38E8B4CC7}\ProxyStubClsid32 C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-8079-447A-A33E-47A69C7980DB}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" C:\Windows\SysWOW64\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-CF37-453B-9289-3B0F521CAF27}\NumMethods C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-4974-A19C-4DC6-CC98C2269626}\ = "IGuestDirectory" C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-2354-4267-883F-2F417D216519}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-C8E9-466B-9660-45CB3E9979E4}\TypeLib\ = "{20191216-1750-46f0-936e-bd127d5bc264}" C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-6588-40A3-9B0A-68C05BA52C4B}\NumMethods C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-057D-4391-B928-F14B06B710C5}\NumMethods C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-CC7B-431B-98B2-951FDA8EAB89}\ProxyStubClsid32 C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-A227-4F23-8278-2F675EEA1BB2} C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-A227-4F23-8278-2F675EEA1BB2}\ = "ISerialPort" C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-BCB2-4905-A7AB-CC85448A742B}\ = "IGuestProcessOutputEvent" C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-7071-4894-93D6-DCBEC010FA91}\NumMethods\ = "58" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-C380-4510-BC7C-19314A7352F1}\NumMethods C:\Windows\SysWOW64\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-486E-472F-481B-969746AF2480}\ProxyStubClsid32 C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-2FD3-47E2-A5DC-2C2431D833CC}\ProxyStubClsid32 C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-2F05-4D28-855F-488F96BAD2B2}\TypeLib C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-CD54-400C-B858-797BCB82570E} C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-D545-44AA-8013-181B8C288554}\ = "IExtPackPlugIn" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-CC7B-431B-98B2-951FDA8EAB89}\NumMethods\ = "31" C:\Windows\SysWOW64\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-73A5-46CC-8227-93FE57D006A6}\NumMethods C:\Windows\SysWOW64\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-26F1-4EDB-8DD2-6BDDD0912368}\ProxyStubClsid32 C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\UnityHubSetup.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Users\Admin\Downloads\LDPlayer9_ens_1001_ld.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Users\Admin\Downloads\zip.txt:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Opens file in notepad (likely ransom note)

ransomware
Description Indicator Process Target
N/A N/A C:\Windows\system32\NOTEPAD.EXE N/A

Runs net.exe

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Windows\explorer.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\LDPlayer9_ens_1001_ld.exe N/A
N/A N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
N/A N/A F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A F:\LDPlayer\LDPlayer9\dnplayer.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A F:\LDPlayer\LDPlayer9\dnplayer.exe N/A

Suspicious behavior: LoadsDriver

Description Indicator Process Target
N/A N/A N/A N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A F:\LDPlayer\LDPlayer9\dnplayer.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4736 wrote to memory of 1748 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4736 wrote to memory of 1984 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4736 wrote to memory of 1164 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4736 wrote to memory of 448 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb92293cb8,0x7ffb92293cc8,0x7ffb92293cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1924 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2808 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4628 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5192 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5436 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5088 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3492 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3744 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2672 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2948 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,1068133681003993903,17037938188475115709,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb8da5cc40,0x7ffb8da5cc4c,0x7ffb8da5cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1932,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1928 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1760,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2084 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2092,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2184 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3084,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3092 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3100,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3144 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Windows\system32\BackgroundTransferHost.exe

"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.13

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3544,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3528 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4388,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4632 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4624,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4628 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4816,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4856 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4860,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4912 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5076,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4896 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3436,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4976 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4340,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3724 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004BC 0x00000000000004C0

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4956,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3748 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5516,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5548 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5684,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5696 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5264,i,1951944689773224395,12774195403763329894,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3424 /prefetch:8

C:\Users\Admin\Downloads\UnityHubSetup.exe

"C:\Users\Admin\Downloads\UnityHubSetup.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 492 -ip 492

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 492 -s 1536

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb8da5cc40,0x7ffb8da5cc4c,0x7ffb8da5cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1956,i,11690245960796432928,4355573669148174914,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=1952 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1788,i,11690245960796432928,4355573669148174914,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=1988 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2236,i,11690245960796432928,4355573669148174914,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=2248 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,11690245960796432928,4355573669148174914,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3264 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3192,i,11690245960796432928,4355573669148174914,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3408 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3576,i,11690245960796432928,4355573669148174914,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3108 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4596,i,11690245960796432928,4355573669148174914,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4632 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4636,i,11690245960796432928,4355573669148174914,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4712 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4976,i,11690245960796432928,4355573669148174914,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4984 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4828,i,11690245960796432928,4355573669148174914,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4804 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Downloads\UnityHubSetup.exe

"C:\Users\Admin\Downloads\UnityHubSetup.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4396 -ip 4396

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 4396 -s 1552

C:\Users\Admin\Downloads\UnityHubSetup.exe

"C:\Users\Admin\Downloads\UnityHubSetup.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 4688 -ip 4688

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 4688 -s 1504

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb8da5cc40,0x7ffb8da5cc4c,0x7ffb8da5cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2056,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=2044 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1684,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=2088 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1652,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=2244 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=2940,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3228 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3156,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3256 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4396,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4288 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4512,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4560 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4528,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4672 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4556,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4552 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4876,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4860 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4536,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3732 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3364,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3244 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4652,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3308 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5160,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4332 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5532,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5520 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5544,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5564 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5852,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5864 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5872,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5996 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6024,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=6152 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=4660,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=6304 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=3344,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3284 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5844,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5032 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6240,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=6040 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6036,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=6112 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=5888,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=6272 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=5828,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5588 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6608,i,14860659497647931514,7822022273072074869,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=6672 /prefetch:1

C:\Users\Admin\Downloads\LDPlayer9_ens_1001_ld.exe

"C:\Users\Admin\Downloads\LDPlayer9_ens_1001_ld.exe"

F:\LDPlayer\LDPlayer9\LDPlayer.exe

"F:\LDPlayer\LDPlayer9\\LDPlayer.exe" -silence -downloader -openid=1001 -language=en -path="F:\LDPlayer\LDPlayer9\"

F:\LDPlayer\LDPlayer9\dnrepairer.exe

"F:\LDPlayer\LDPlayer9\dnrepairer.exe" listener=328234

C:\Windows\SysWOW64\net.exe

"net" start cryptsvc

C:\Windows\SysWOW64\net1.exe

C:\Windows\system32\net1 start cryptsvc

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" Softpub.dll /s

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" Wintrust.dll /s

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" Initpki.dll /s

C:\Windows\SysWOW64\regsvr32.exe

"C:\Windows\system32\regsvr32" Initpki.dll /s

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" dssenh.dll /s

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" rsaenh.dll /s

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" cryptdlg.dll /s

C:\Windows\SysWOW64\takeown.exe

"takeown" /f "F:\LDPlayer\LDPlayer9\vms" /r /d y

C:\Windows\SysWOW64\icacls.exe

"icacls" "F:\LDPlayer\LDPlayer9\vms" /grant everyone:F /t

C:\Windows\SysWOW64\takeown.exe

"takeown" /f "F:\LDPlayer\LDPlayer9\\system.vmdk"

C:\Windows\SysWOW64\icacls.exe

"icacls" "F:\LDPlayer\LDPlayer9\\system.vmdk" /grant everyone:F /t

C:\Windows\SysWOW64\dism.exe

C:\Windows\system32\dism.exe /Online /English /Get-Features

C:\Users\Admin\AppData\Local\Temp\62320E1A-FC3A-4C1D-8E76-A6301AEECE17\dismhost.exe

C:\Users\Admin\AppData\Local\Temp\62320E1A-FC3A-4C1D-8E76-A6301AEECE17\dismhost.exe {EC9C9265-CD06-4CEE-9109-2B4E3105B26E}

C:\Windows\SysWOW64\sc.exe

sc query HvHost

C:\Windows\SysWOW64\sc.exe

sc query vmms

C:\Windows\SysWOW64\sc.exe

sc query vmcompute

C:\Program Files\ldplayer9box\Ld9BoxSVC.exe

"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" /RegServer

C:\Windows\SYSTEM32\regsvr32.exe

"regsvr32" "C:\Program Files\ldplayer9box\VBoxC.dll" /s

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" "C:\Program Files\ldplayer9box\x86\VBoxClient-x86.dll" /s

C:\Windows\SYSTEM32\regsvr32.exe

"regsvr32" "C:\Program Files\ldplayer9box\VBoxProxyStub.dll" /s

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" "C:\Program Files\ldplayer9box\x86\VBoxProxyStub-x86.dll" /s

C:\Windows\SysWOW64\sc.exe

"C:\Windows\system32\sc" create Ld9BoxSup binPath= "C:\Program Files\ldplayer9box\Ld9BoxSup.sys" type= kernel start= auto

C:\Windows\SysWOW64\sc.exe

"C:\Windows\system32\sc" start Ld9BoxSup

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe

"powershell.exe" New-NetFirewallRule -DisplayName "Ld9BoxSup" -Direction Inbound -Program 'C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe' -RemoteAddress LocalSubnet -Action Allow

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe

"powershell.exe" New-NetFirewallRule -DisplayName "Ld9BoxNat" -Direction Inbound -Program 'C:\Program Files\ldplayer9box\VBoxNetNAT.exe' -RemoteAddress LocalSubnet -Action Allow

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe

"powershell.exe" New-NetFirewallRule -DisplayName "dnplayer" -Direction Inbound -Program 'F:\LDPlayer\LDPlayer9\dnplayer.exe' -RemoteAddress LocalSubnet -Action Allow

F:\LDPlayer\LDPlayer9\driverconfig.exe

"F:\LDPlayer\LDPlayer9\driverconfig.exe"

C:\Windows\SysWOW64\takeown.exe

"takeown" /f F:\LDPlayer\ldmutiplayer\ /r /d y

C:\Windows\SysWOW64\icacls.exe

"icacls" F:\LDPlayer\ldmutiplayer\ /grant everyone:F /t

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://discord.gg/4bUcwDd53d

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb92293cb8,0x7ffb92293cc8,0x7ffb92293cd8

F:\LDPlayer\LDPlayer9\dnplayer.exe

"F:\LDPlayer\LDPlayer9\\dnplayer.exe"

C:\Windows\SysWOW64\sc.exe

sc query HvHost

C:\Windows\SysWOW64\sc.exe

sc query vmms

C:\Windows\SysWOW64\sc.exe

sc query vmcompute

C:\Program Files\ldplayer9box\Ld9BoxSVC.exe

"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" -Embedding

C:\Program Files\ldplayer9box\vbox-img.exe

"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\..\system.vmdk" --uuid 20160302-bbbb-bbbb-54d7-bbbb00000000

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2096 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2340 /prefetch:3

C:\Program Files\ldplayer9box\vbox-img.exe

"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\leidian0\data.vmdk" --uuid 20160302-cccc-cccc-54d7-000000000000

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2868 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\ldplayer9box\vbox-img.exe

"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\leidian0\sdcard.vmdk" --uuid 20160302-dddd-dddd-54d7-000000000000

C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe

"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3688 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3724 /prefetch:1

C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe

"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config

C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe

"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config

C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe

"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config

C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe

"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.ldplayer.net/blog/how-to-enable-vt.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb92293cb8,0x7ffb92293cc8,0x7ffb92293cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2412 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4984 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5840 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6124 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4840 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6888 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb8da5cc40,0x7ffb8da5cc4c,0x7ffb8da5cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1720,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=1716 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2044,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=2096 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2168,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=2180 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x104,0x108,0x10c,0x94,0x110,0x7ffb8da5cc40,0x7ffb8da5cc4c,0x7ffb8da5cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3128 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3324,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3344 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4632,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4600 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4748,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4256 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4740,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4736 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3852 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6300 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6340 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6276 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6328 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,13453937120938823114,5541132826089122447,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6376 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4916,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4952 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4908,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=4980 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5216,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5272 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5412,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5448 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5180,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5212 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3336,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3408 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3428,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3260 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=3432,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5292 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5400,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3232 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=3400,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5512 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5632,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3396 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5796,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=3384 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=3232,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5864 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6276,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=6264 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5788,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5960 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6280,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=6124 /prefetch:8

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\zip.txt

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=6524,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=6240 /prefetch:1

C:\Users\Admin\Downloads\UnityHubSetup.exe

"C:\Users\Admin\Downloads\UnityHubSetup.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 180 -p 1360 -ip 1360

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 1360 -s 1544

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=6596,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=5892 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6828,i,16895116822722014282,18106727567212185668,262144 --variations-seed-version=20241014-180259.667000 --mojo-platform-channel-handle=6836 /prefetch:1

C:\Windows\system32\BackgroundTransferHost.exe

"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.13

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}

C:\Windows\explorer.exe

C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding

Network

DE 162.19.138.83:443 lb.eu-1-id5-sync.com tcp
NL 18.239.70.203:443 c.amazon-adsystem.com tcp
NL 18.238.243.82:443 config.aps.amazon-adsystem.com tcp
DK 37.157.6.237:443 cm.adform.net tcp
NL 18.239.88.34:443 aax.amazon-adsystem.com tcp
DE 162.19.138.117:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 8.8.8.8:53 cdn.hadronid.net udp
GB 104.78.175.230:443 secure.cdn.fastclick.net tcp
GB 104.78.175.230:443 secure.cdn.fastclick.net tcp
US 104.22.52.86:443 cdn.id5-sync.com tcp
NL 18.239.18.78:443 tags.crwdcntrl.net tcp
US 104.22.53.173:443 cdn.hadronid.net tcp
DK 37.157.4.29:443 adx.adform.net tcp
US 35.186.253.211:443 rtb.openx.net tcp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
FR 5.196.111.68:443 ssbsync-global.smartadserver.com tcp
IE 34.255.228.185:443 bcp.crwdcntrl.net tcp
US 8.8.8.8:53 229.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 117.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 76.39.65.18.in-addr.arpa udp
US 8.8.8.8:53 203.70.239.18.in-addr.arpa udp
US 8.8.8.8:53 162.68.67.172.in-addr.arpa udp
US 8.8.8.8:53 90.8.184.185.in-addr.arpa udp
US 8.8.8.8:53 30.194.5.163.in-addr.arpa udp
US 8.8.8.8:53 81.193.149.89.in-addr.arpa udp
US 8.8.8.8:53 83.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 82.243.238.18.in-addr.arpa udp
US 8.8.8.8:53 34.88.239.18.in-addr.arpa udp
US 8.8.8.8:53 237.6.157.37.in-addr.arpa udp
US 8.8.8.8:53 211.253.186.35.in-addr.arpa udp
US 8.8.8.8:53 78.18.239.18.in-addr.arpa udp
US 8.8.8.8:53 86.52.22.104.in-addr.arpa udp
US 8.8.8.8:53 29.4.157.37.in-addr.arpa udp
US 8.8.8.8:53 230.175.78.104.in-addr.arpa udp
US 8.8.8.8:53 173.53.22.104.in-addr.arpa udp
GB 142.250.187.225:443 tpc.googlesyndication.com udp
GB 216.58.213.2:443 securepubads.g.doubleclick.net udp
GB 142.250.200.36:443 www.google.com udp
US 104.22.4.69:443 id.hadron.ad.gt tcp
US 35.244.159.8:443 us-u.openx.net tcp
NL 89.207.16.146:443 proc.ad.cpe.dotomi.com tcp
GB 142.250.180.1:443 8d607f7f76058292eb88f46e8eaa8580.safeframe.googlesyndication.com tcp
US 35.244.159.8:443 us-u.openx.net udp
US 172.67.23.234:443 id.hadron.ad.gt tcp
US 172.67.68.162:443 prebid-stag.setupad.net tcp
DK 37.157.2.228:443 c1.adform.net tcp
IE 54.239.33.159:443 aax-eu.amazon-adsystem.com tcp
NL 185.89.210.90:443 ib.adnxs.com tcp
US 3.33.220.150:443 match.adsrvr.org tcp
GB 216.58.204.66:443 cm.g.doubleclick.net tcp
GB 216.58.204.66:443 cm.g.doubleclick.net tcp
DK 77.243.51.121:443 uipglob.semasio.net tcp
US 8.8.8.8:53 159.33.239.54.in-addr.arpa udp
US 8.8.8.8:53 121.51.243.77.in-addr.arpa udp
DE 159.89.25.223:443 node.setupad.com tcp
IE 54.75.14.246:443 ice.360yield.com tcp
NL 46.228.164.13:443 d.turn.com tcp
NL 185.89.210.90:443 ib.adnxs.com tcp
US 3.33.220.150:443 match.adsrvr.org tcp
IE 52.208.128.117:443 ce.lijit.com tcp
IE 34.248.113.108:443 rtb.gumgum.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
GB 142.250.187.225:443 tpc.googlesyndication.com udp
GB 142.250.200.33:443 cdn.ampproject.org tcp
GB 142.250.200.33:443 cdn.ampproject.org tcp
GB 142.250.200.33:443 cdn.ampproject.org tcp
GB 142.250.200.33:443 cdn.ampproject.org tcp
GB 142.250.200.33:443 cdn.ampproject.org tcp
US 35.186.253.211:443 rtb.openx.net udp
FR 45.137.176.88:443 sync.adotmob.com tcp
DE 80.82.210.217:443 dsp-cookie.adfarm1.adition.com tcp
FR 163.5.194.37:443 pb-am.a-mo.net tcp
DE 91.228.74.159:443 cms.quantserve.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
US 35.186.253.211:443 rtb.openx.net tcp
DE 91.228.74.159:443 cms.quantserve.com tcp
FR 5.196.111.72:443 rtb-csync.smartadserver.com tcp
US 34.96.105.8:443 tr.blismedia.com tcp
IE 63.34.215.139:443 pr-bh.ybp.yahoo.com tcp
NL 185.184.8.90:443 creativecdn.com tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
FR 5.196.111.72:443 rtb-csync.smartadserver.com tcp
FR 5.196.111.72:443 rtb-csync.smartadserver.com tcp
US 35.186.253.211:443 rtb.openx.net udp
GB 216.58.204.66:443 cm.g.doubleclick.net udp
FR 5.196.111.72:443 rtb-csync.smartadserver.com tcp
FR 5.196.111.72:443 rtb-csync.smartadserver.com tcp
US 34.96.105.8:443 tr.blismedia.com udp
US 104.19.158.19:443 assets.a-mo.net tcp
NL 35.214.136.108:443 x.bidswitch.net udp
GB 216.58.204.66:443 cm.g.doubleclick.net tcp
US 8.8.8.8:53 108.136.214.35.in-addr.arpa udp
US 8.8.8.8:53 139.215.34.63.in-addr.arpa udp
DK 37.157.6.237:443 cm.adform.net tcp
FR 5.196.111.68:443 ssbsync-global.smartadserver.com tcp
NL 35.214.241.248:443 ads.creative-serving.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
DE 79.127.216.47:443 id.rtb.mx tcp
US 172.64.151.101:443 ssum.casalemedia.com tcp
IE 108.129.11.192:443 ap.lijit.com tcp
DE 57.129.18.109:443 ws.rqtrk.eu tcp
NL 188.42.34.65:443 ads.betweendigital.com tcp
NL 35.214.241.248:443 ads.creative-serving.com udp
FR 163.5.194.30:443 pb-am.a-mo.net tcp
US 172.64.151.101:443 ssum.casalemedia.com udp
GB 185.64.191.210:443 image2.pubmatic.com tcp
FR 163.5.194.30:443 pb-am.a-mo.net tcp
GB 163.181.154.239:443 res.ldrescdn.com tcp
NL 198.47.127.20:443 image4.pubmatic.com tcp
FR 163.5.194.36:443 pb-am.a-mo.net tcp
US 8.8.8.8:53 248.241.214.35.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 18.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 101.151.64.172.in-addr.arpa udp
US 8.8.8.8:53 47.216.127.79.in-addr.arpa udp
US 8.8.8.8:53 192.11.129.108.in-addr.arpa udp
US 8.8.8.8:53 109.18.129.57.in-addr.arpa udp
US 8.8.8.8:53 65.34.42.188.in-addr.arpa udp
US 8.8.8.8:53 210.191.64.185.in-addr.arpa udp
US 8.8.8.8:53 239.154.181.163.in-addr.arpa udp
US 8.8.8.8:53 20.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 133.130.101.151.in-addr.arpa udp
US 8.8.8.8:53 36.194.5.163.in-addr.arpa udp
GB 79.133.176.185:443 apien.ldmnq.com tcp
NL 185.89.208.11:443 prebid.adnxs.com tcp
DE 79.127.216.47:443 id.rtb.mx tcp
NL 185.64.189.116:443 ow.pubmatic.com tcp
GB 163.181.154.239:443 res.ldrescdn.com tcp
GB 163.181.154.239:443 res.ldrescdn.com tcp
SG 8.219.4.49:443 middledata.ldplayer.net tcp
GB 79.133.176.185:443 apien.ldmnq.com tcp
SG 8.219.136.97:443 middledata.ldplayer.net tcp
SG 8.219.4.49:443 middledata.ldplayer.net tcp
SG 8.219.48.146:443 middledata.ldplayer.net tcp
SG 8.219.136.97:443 middledata.ldplayer.net tcp
SG 8.219.136.97:443 middledata.ldplayer.net tcp
SG 8.219.136.97:443 middledata.ldplayer.net tcp
SG 8.219.136.97:443 middledata.ldplayer.net tcp
SG 8.219.136.97:443 middledata.ldplayer.net tcp
SG 8.219.136.97:443 middledata.ldplayer.net tcp
GB 163.181.154.241:443 res.ldrescdn.com tcp
GB 163.181.154.241:443 res.ldrescdn.com tcp
GB 79.133.176.192:443 ad.ldplayer.net tcp
GB 79.133.176.174:443 apien.ldplayer.net tcp
GB 163.181.154.241:443 res.ldrescdn.com tcp
GB 163.181.154.241:443 res.ldrescdn.com tcp
SG 8.219.136.97:443 middledata.ldplayer.net tcp
US 8.8.8.8:53 241.154.181.163.in-addr.arpa udp
US 8.8.8.8:53 192.176.133.79.in-addr.arpa udp
GB 163.181.154.241:443 res.ldrescdn.com tcp
GB 163.181.154.241:443 res.ldrescdn.com tcp
US 8.8.8.8:53 www.ldplayer.net udp
GB 163.181.154.241:443 www.ldplayer.net tcp
GB 163.181.154.238:443 www.ldplayer.net tcp
GB 163.181.154.238:443 www.ldplayer.net tcp
US 8.8.8.8:53 cdn.ldplayer.net udp
US 104.26.4.6:443 cmp.setupcmp.com tcp
GB 79.133.176.186:443 cdn.ldplayer.net tcp
GB 79.133.176.186:443 cdn.ldplayer.net tcp
GB 163.181.154.241:443 www.ldplayer.net tcp
US 104.26.4.6:443 cmp.setupcmp.com tcp
US 8.8.8.8:53 www.youtube.com udp
GB 172.217.16.238:443 www.youtube.com tcp
GB 163.181.154.241:443 res.ldrescdn.com tcp
GB 172.217.169.78:443 fundingchoicesmessages.google.com tcp
GB 163.181.154.241:443 res.ldrescdn.com tcp
GB 79.133.176.192:443 ad.ldplayer.net tcp
US 104.18.31.49:443 stpd.cloud tcp
US 104.26.4.6:443 cmp.setupcmp.com tcp
GB 79.133.176.185:80 apien.ldmnq.com tcp
GB 163.181.154.239:443 res.ldrescdn.com tcp
GB 163.181.154.239:443 res.ldrescdn.com tcp
GB 163.181.154.239:443 res.ldrescdn.com tcp
GB 163.181.154.239:443 res.ldrescdn.com tcp
GB 163.181.154.239:443 res.ldrescdn.com tcp
GB 163.181.154.239:443 res.ldrescdn.com tcp
GB 172.217.16.238:443 www.youtube.com udp
GB 216.58.204.86:443 i.ytimg.com tcp
GB 172.217.169.78:443 fundingchoicesmessages.google.com udp
US 104.18.31.49:443 stpd.cloud tcp
GB 79.133.176.185:443 apien.ldmnq.com tcp
GB 163.181.154.241:443 res.ldrescdn.com tcp
GB 172.217.169.78:443 fundingchoicesmessages.google.com tcp
GB 172.217.169.78:443 fundingchoicesmessages.google.com tcp
GB 163.181.154.241:443 res.ldrescdn.com tcp
GB 163.181.154.241:443 res.ldrescdn.com tcp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.200.38:443 static.doubleclick.net tcp
GB 216.58.201.106:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 yt3.ggpht.com udp
GB 142.250.200.36:443 www.google.com udp
GB 142.250.178.1:443 yt3.ggpht.com tcp
GB 142.250.200.36:443 www.google.com tcp
GB 163.181.154.241:443 res.ldrescdn.com tcp
GB 142.250.178.1:443 yt3.ggpht.com tcp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 1.178.250.142.in-addr.arpa udp
GB 216.58.201.106:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 apien.ldplayer.net udp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 usersdk.ldmnq.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
GB 216.58.201.110:443 play.google.com tcp
GB 79.133.176.174:443 apien.ldplayer.net tcp
SG 8.222.254.73:443 usersdk.ldmnq.com tcp
GB 216.58.204.66:443 securepubads.g.doubleclick.net tcp
GB 216.58.204.66:443 securepubads.g.doubleclick.net tcp
SG 8.222.254.73:443 usersdk.ldmnq.com tcp
GB 216.58.204.86:443 i.ytimg.com udp
GB 163.181.154.241:443 res.ldrescdn.com tcp
GB 142.250.200.38:443 static.doubleclick.net tcp
GB 142.250.179.238:443 apis.google.com udp
GB 216.58.201.110:443 play.google.com udp
GB 142.250.179.238:443 apis.google.com tcp
GB 216.58.201.110:443 play.google.com tcp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
NL 18.65.39.121:443 tagan.adlightning.com tcp
US 151.101.129.229:443 cdn.jsdelivr.net tcp
US 8.8.8.8:53 73.254.222.8.in-addr.arpa udp
NL 18.239.70.203:443 c.amazon-adsystem.com tcp
GB 79.133.176.185:443 apien.ldmnq.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 173.194.69.84:443 accounts.google.com tcp
GB 163.181.154.241:443 res.ldrescdn.com tcp
US 8.8.8.8:53 121.39.65.18.in-addr.arpa udp
GB 163.181.154.241:443 res.ldrescdn.com tcp
NL 173.194.69.84:443 accounts.google.com tcp
GB 163.181.154.241:443 res.ldrescdn.com tcp
NL 173.194.69.84:443 accounts.google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 secure.cdn.fastclick.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 104.22.53.173:443 cdn.hadronid.net tcp
US 104.22.52.86:443 cdn.id5-sync.com tcp
NL 18.238.243.122:443 config.aps.amazon-adsystem.com tcp
US 67.202.6.126:443 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev tcp
GB 104.78.175.230:443 secure.cdn.fastclick.net tcp
GB 104.78.175.230:443 secure.cdn.fastclick.net tcp
NL 18.239.18.78:443 tags.crwdcntrl.net tcp
NL 18.239.68.199:443 aax.amazon-adsystem.com tcp
NL 18.239.68.199:443 aax.amazon-adsystem.com tcp
NL 18.239.68.199:443 aax.amazon-adsystem.com tcp
NL 18.239.83.27:80 crt.rootg2.amazontrust.com tcp
NL 18.239.68.199:443 aax.amazon-adsystem.com tcp
US 8.8.8.8:53 27.83.239.18.in-addr.arpa udp
US 8.8.8.8:53 id.hadron.ad.gt udp
US 104.22.4.69:443 id.hadron.ad.gt tcp
NL 63.215.202.146:443 proc.ad.cpe.dotomi.com tcp
US 104.22.5.69:443 id.hadron.ad.gt tcp
GB 142.250.200.36:443 www.google.com udp
GB 142.250.200.36:443 www.google.com tcp
GB 216.58.201.110:443 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 172.217.169.3:443 beacons.gcp.gvt2.com udp
GB 142.250.200.36:443 www.google.com udp
BG 142.250.187.131:443 id.google.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 216.58.201.110:443 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 172.217.169.78:443 clients2.google.com udp
GB 172.217.169.78:443 clients2.google.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 stats.wp.com udp
BZ 190.115.31.179:443 fitgirl-repacks.site tcp
BZ 190.115.31.179:443 fitgirl-repacks.site tcp
BZ 190.115.31.179:443 fitgirl-repacks.site tcp
BZ 190.115.31.179:443 fitgirl-repacks.site tcp
BZ 190.115.31.179:443 fitgirl-repacks.site tcp
BZ 190.115.31.179:443 fitgirl-repacks.site tcp
US 192.0.76.3:443 stats.wp.com tcp
US 8.8.8.8:53 i0.wp.com udp
GB 142.250.200.14:443 www.youtube.com tcp
GB 142.250.200.14:443 www.youtube.com tcp
US 192.0.77.2:443 i0.wp.com tcp
US 192.0.77.2:443 i0.wp.com tcp
US 192.0.77.2:443 i0.wp.com tcp
US 192.0.77.2:443 i0.wp.com tcp
US 192.0.77.2:443 i0.wp.com tcp
US 192.0.77.2:443 i0.wp.com tcp
GB 172.217.16.234:443 ogads-pa.googleapis.com tcp
US 192.0.77.2:443 i0.wp.com udp
GB 142.250.200.14:443 www.youtube.com udp
GB 216.58.213.22:443 i.ytimg.com tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 172.217.169.34:443 googleads.g.doubleclick.net tcp
GB 142.250.200.38:443 static.doubleclick.net tcp
GB 142.250.200.36:443 www.google.com tcp
GB 216.58.213.10:443 jnn-pa.googleapis.com tcp
GB 142.250.178.1:443 yt3.ggpht.com tcp
GB 172.217.169.34:443 googleads.g.doubleclick.net udp
GB 216.58.213.22:443 i.ytimg.com udp
GB 216.58.213.10:443 jnn-pa.googleapis.com udp
GB 142.250.178.1:443 yt3.ggpht.com udp
GB 216.58.201.110:443 www.youtube.com tcp
GB 216.58.201.110:443 www.youtube.com tcp
GB 216.58.201.110:443 www.youtube.com tcp
GB 216.58.201.110:443 www.youtube.com udp
US 8.8.8.8:53 22.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 34.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 10.213.58.216.in-addr.arpa udp
US 192.0.76.3:443 stats.wp.com udp
RU 82.146.61.17:443 i3.imageban.ru tcp
US 104.21.30.45:443 s01.riotpixels.net tcp
US 104.21.30.45:443 s01.riotpixels.net tcp
US 104.21.30.45:443 s01.riotpixels.net tcp
FR 87.98.254.167:443 torrent-stats.info tcp
US 104.21.30.45:443 s01.riotpixels.net tcp
US 104.21.30.45:443 s01.riotpixels.net tcp
US 104.21.30.45:443 s01.riotpixels.net tcp
US 199.232.196.134:443 fitgirl-repacks-site.disqus.com tcp
US 199.232.196.134:443 fitgirl-repacks-site.disqus.com tcp
US 192.0.77.48:443 s.w.org tcp
US 151.101.64.134:443 disqus.com tcp
CZ 65.9.95.83:443 c.disquscdn.com tcp
US 151.101.64.134:443 disqus.com tcp
CZ 65.9.95.83:443 c.disquscdn.com tcp
CZ 65.9.95.83:443 c.disquscdn.com tcp
US 8.8.8.8:53 134.196.232.199.in-addr.arpa udp
US 8.8.8.8:53 48.77.0.192.in-addr.arpa udp
US 8.8.8.8:53 134.64.101.151.in-addr.arpa udp
US 8.8.8.8:53 83.95.9.65.in-addr.arpa udp
US 199.232.198.49:443 a.disquscdn.com tcp
US 199.232.196.134:443 referrer.disqus.com tcp
GB 172.217.16.234:443 jnn-pa.googleapis.com udp
US 199.232.196.134:443 referrer.disqus.com tcp
US 54.227.95.54:443 realtime.services.disqus.com tcp
GB 216.58.201.110:443 www.youtube.com udp
US 192.0.76.3:443 stats.wp.com udp
US 192.0.76.3:443 stats.wp.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
GB 172.217.169.14:443 google.com tcp
NO 91.149.227.100:443 pastefg.hermietkreeft.site tcp
NO 91.149.227.100:443 pastefg.hermietkreeft.site tcp
US 34.37.6.135:443 e2c72.gcp.gvt2.com tcp
BZ 190.115.31.179:443 fitgirl-repacks.site tcp
GB 172.217.16.234:443 jnn-pa.googleapis.com tcp
NO 91.149.227.100:443 pastefg.hermietkreeft.site tcp
GB 142.250.179.227:443 beacons.gvt2.com tcp
US 8.8.8.8:53 135.6.37.34.in-addr.arpa udp
US 13.107.136.10:443 artxxx-my.sharepoint.com tcp
US 13.107.136.10:443 artxxx-my.sharepoint.com tcp
GB 104.123.88.104:443 shell.cdn.office.net tcp
GB 2.22.249.212:443 res-1.cdn.office.net tcp
GB 2.22.249.212:443 res-1.cdn.office.net tcp
GB 2.22.249.212:443 res-1.cdn.office.net tcp
GB 2.22.249.212:443 res-1.cdn.office.net tcp
GB 2.22.249.212:443 res-1.cdn.office.net tcp
GB 2.22.249.212:443 res-1.cdn.office.net tcp
GB 2.22.249.212:443 res-1.cdn.office.net tcp
GB 2.22.249.212:443 res-1.cdn.office.net udp
US 8.8.8.8:53 104.88.123.104.in-addr.arpa udp
US 8.8.8.8:53 212.249.22.2.in-addr.arpa udp
GB 2.22.249.212:443 res-1.cdn.office.net udp
GB 2.22.249.175:443 r4.res.office365.com tcp
US 13.107.6.163:443 upload.fp.measure.office.com tcp
IE 20.50.80.213:443 eu-mobile.events.data.microsoft.com tcp
IE 20.50.80.213:443 eu-mobile.events.data.microsoft.com tcp
US 52.182.143.214:443 browser.events.data.microsoft.com tcp
US 13.107.136.10:443 artxxx-my.sharepoint.com tcp
US 52.182.143.214:443 browser.events.data.microsoft.com tcp
GB 2.22.249.154:443 res.cdn.office.net tcp
GB 2.22.249.154:443 res.cdn.office.net tcp
US 52.96.32.2:443 f433f088b08930821e88addb9dd44e16.fp.measure.office.com tcp
GB 40.99.150.178:443 outlook.office365.com tcp
GB 52.97.133.242:443 outlook.office365.com tcp
GB 40.99.150.178:443 outlook.office365.com tcp
GB 52.97.133.242:443 outlook.office365.com tcp
GB 2.19.117.14:443 spo.nel.measure.office.net tcp
GB 2.19.117.14:443 spo.nel.measure.office.net tcp
SG 8.219.136.97:443 middledata.ldplayer.net tcp
GB 142.250.200.14:443 www.youtube.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
GB 172.217.169.14:443 google.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
GB 2.22.249.197:443 res-1.cdn.office.net udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
GB 172.217.169.14:443 google.com udp
US 13.107.138.10:443 artxxx-my.sharepoint.com tcp
GB 172.217.169.14:443 google.com udp
US 13.107.138.10:443 artxxx-my.sharepoint.com tcp
IE 20.50.73.9:443 browser.events.data.microsoft.com tcp
US 13.107.138.10:443 artxxx-my.sharepoint.com tcp
GB 2.19.117.14:443 spo.nel.measure.office.net tcp
GB 142.250.200.46:443 www.youtube.com udp
US 8.8.8.8:53 46.200.250.142.in-addr.arpa udp
GB 172.217.16.238:443 play.google.com udp
GB 142.250.200.36:443 www.google.com udp
GB 142.250.200.36:443 www.google.com udp
GB 172.217.169.14:443 google.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
SG 8.219.136.97:443 middledata.ldplayer.net tcp
US 8.8.8.8:53 www.google.com udp
US 151.101.1.140:443 styles.redditmedia.com tcp
US 151.101.1.140:443 styles.redditmedia.com tcp
GB 142.250.179.228:443 www.google.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 www.redditstatic.com udp
US 151.101.129.140:443 w3-reporting.reddit.com tcp
US 151.101.129.140:443 w3-reporting.reddit.com tcp
US 151.101.1.140:443 w3-reporting.reddit.com tcp
US 151.101.129.140:443 w3-reporting.reddit.com tcp
US 151.101.193.140:443 w3-reporting.reddit.com tcp
US 151.101.193.140:443 w3-reporting.reddit.com tcp
US 151.101.193.140:443 w3-reporting.reddit.com tcp
US 151.101.193.140:443 w3-reporting.reddit.com tcp
US 151.101.193.140:443 w3-reporting.reddit.com tcp
US 151.101.193.140:443 w3-reporting.reddit.com tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 8.8.8.8:53 140.193.101.151.in-addr.arpa udp
US 151.101.193.140:443 w3-reporting.reddit.com tcp
GB 142.250.179.228:443 www.google.com tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.200.42:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 173.194.69.84:443 accounts.google.com tcp
GB 142.250.179.228:443 www.google.com tcp
GB 142.250.200.42:443 content-autofill.googleapis.com udp
NL 173.194.69.84:443 accounts.google.com udp
US 8.8.8.8:53 42.200.250.142.in-addr.arpa udp
GB 142.250.179.228:443 www.google.com udp
SG 8.219.4.49:443 middledata.ldplayer.net tcp
US 8.8.8.8:53 43.58.199.20.in-addr.arpa udp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
SG 8.219.4.49:443 middledata.ldplayer.net tcp
GB 104.86.110.114:443 tcp
GB 92.123.128.164:443 www.bing.com tcp
US 8.8.8.8:53 164.128.123.92.in-addr.arpa udp
US 13.89.179.11:443 browser.pipe.aria.microsoft.com tcp
GB 92.123.128.174:443 r.bing.com tcp
GB 104.86.110.114:443 tcp
US 20.140.151.75:443 fp-afd.azurefd.us tcp
JP 104.215.5.225:443 c94e47342d7aae3b6d8cafef5cbc1060.azr.footprintdns.com tcp
US 8.8.8.8:53 254.18.107.13.in-addr.arpa udp
US 13.89.179.11:443 browser.pipe.aria.microsoft.com tcp
US 172.202.64.254:443 arc-ring.msedge.net tcp
TW 51.53.80.32:443 e99bcfee42003b3b895e5c75fdd641d0.azr.footprintdns.com tcp
US 8.8.8.8:53 dual-s-ring.msedge.net udp
US 52.123.129.254:443 dual-s-ring.msedge.net tcp
US 8.8.8.8:53 254.129.123.52.in-addr.arpa udp
US 150.171.31.254:443 ev2-ring.msedge.net tcp
US 52.247.12.246:443 ca39aae5df274587d804175d7d872854.azr.footprintdns.com tcp
US 8.8.8.8:53 254.31.171.150.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

\??\pipe\LOCAL\crashpad_4736_RMJBCAKQMJYEUFWE

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_00000a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe584a62.TMP

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\5fd4b130-c443-401b-a3c8-5058db874feb.tmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\5d67e2d6-3e0f-4ff1-8fcc-b294f0a82f58.tmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\Downloads\UnityHubSetup.exe:Zone.Identifier

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Temp\nshC7AC.tmp\System.dll

C:\Users\Admin\AppData\Local\Temp\nshC7AC.tmp\UAC.dll

C:\Users\Admin\AppData\Local\Temp\nshC7AC.tmp\StdUtils.dll

C:\Users\Admin\AppData\Local\Temp\nshC7AC.tmp\EmbedHTML.dll

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GraphiteDawnCache\data_1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db-journal

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\0f4239b1-f8bc-4ef9-b59c-775c33629c14.tmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Temp\nsa4D19.tmp\license.html

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt~RFe5b0fac.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006d

C:\Users\Admin\Downloads\Unconfirmed 612581.crdownload

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Windows\Logs\DISM\dism.log

C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_jiwgosfi.0tm.ps1

F:\LDPlayer\ldmutiplayer\fonts\Roboto-Regular.otf

F:\LDPlayer\LDPlayer9\fonts\NanumGothicLight.otf

F:\LDPlayer\LDPlayer9\ldmutiplayer\ssleay32.dll

F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcr120.dll

F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcr110.dll

F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcp120.dll

F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcp110.dll

F:\LDPlayer\LDPlayer9\ldmutiplayer\libssl-1_1.dll

F:\LDPlayer\LDPlayer9\ldmutiplayer\libssh2.dll

F:\LDPlayer\LDPlayer9\ldmutiplayer\libeay32.dll

F:\LDPlayer\LDPlayer9\ldmutiplayer\libcurl.dll

F:\LDPlayer\LDPlayer9\ldmutiplayer\libcrypto-1_1.dll

F:\LDPlayer\LDPlayer9\ldmutiplayer\cximagecrt.dll

F:\LDPlayer\LDPlayer9\ldmutiplayer\7za.exe

F:\LDPlayer\LDPlayer9\dnplayer.exe

F:\LDPlayer\LDPlayer9\dnmultiplayer.exe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Roaming\XuanZhi9\ldopengl32x.dll

MD5 395970be72d1bcc7755f95a04b3b303d
SHA1 f4019b43fd95f1748e2392d5cb1aa4486aadbc13
SHA256 5fa3f4cb4f4f603bd8b9a538b54658ebbcf9198d99f2b0e1ce447322b22fb312
SHA512 2f4968b8564bd3bbc624a6838ec33de22413afb8711e08cc36b082863f4e146212c1b6173921ea110c65a0dc20b97c9e187a8ef006005711efcf4237db0bcd1e

memory/1404-2760-0x00000000367E0000-0x00000000367F0000-memory.dmp

F:\LDPlayer\LDPlayer9\vms\leidian0\sdcard.vmdk

MD5 4d592fd525e977bf3d832cdb1482faa0
SHA1 131c31bcff32d11b6eda41c9f1e2e26cc5fbc0ef
SHA256 f90ace0994c8cae3a6a95e8c68ca460e68f1662a78a77a2b38eba13cc8e487b6
SHA512 afa31b31e1d137a559190528998085c52602d79a618d930e8c425001fdfbd2437f732beda3d53f2d0e1fc770187184c3fb407828ac39f00967bf4ae015c6ba77

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3a876dd091637c121157e20a9342f88f
SHA1 41b327f93b6be2903b1cf8f3216443aab631a17d
SHA256 273eb2a7dc021fc63a2bd9a42e018bbf8cc8c4ac4f682472dff0a72ce522e36c
SHA512 3c73f4aea1dfc27d297c16acafa4be9a1202629830d2a81ccbc372ceb5cca6b1a5f8b1e27fbea372421fb0c6ee45b2539e568c8c72a2d8b03ee00ca170ec680a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f7e703dc4a3814b361ccad9835ccbfed
SHA1 b49f53aa045fa16520f13c76333b35382cb2cad8
SHA256 9487ad07b0be1a5c3dfb48a85cca577af382bd19ae36e45d2c3635b88b79b2b6
SHA512 df75e4a5a2ca3c8bd9e371531c5c204e4135c2c53bbea57e8399ee546409c9314a368d184ca6625ff8d0007f45b04ba1b631f5fe097800ac6d37b1ddcc52ee1f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 2892eee3e20e19a9ba77be6913508a54
SHA1 7c4ef82faa28393c739c517d706ac6919a8ffc49
SHA256 4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2
SHA512 b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 b849ea8b902e975282ae18f6b8482d4d
SHA1 41185c7cd8878990e197ede55c746011dc377481
SHA256 130a1634480ab2d2b921449810400ebf268b184049376a80043161d909fdc31d
SHA512 9f2a27517fae0bc2e50de37828b45960e8d694d4fb87e1018b74e0744d98161d5a19fa1ed9fc7b5faff8f8738b6c599fe661d1521d821aa6a62150a88a5e71c5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

MD5 97244a4b866e404446dc139016cf23fc
SHA1 54b2c9d1498907d75c6722b145729361b2353f47
SHA256 2fb7c27a7ff245726c6d886d5342cbd81ebb451c0dcd9a231af2252e8952ffac
SHA512 aede88d704c2bc0210189880d4260b9e35a9081eb21c51409048287ff35fa88aeecb036661baff2605419897ab644a4fc8e7fcfd93c14096d5e91503f5a4fc65

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 de0a1ae888593d372e5321d9f70c0816
SHA1 eaa5b002d57479a13cad0f1783a8126dade06cc6
SHA256 a88d0dd70ee834f329d0844523c24c6316aa717bc398690d64f0f168f2f86d50
SHA512 4c104e6ae260b6c43d572fafbf11540fabfcee629184da92c4d25d5a970cae8e336c6784617eb44d33a708f19f5837391b961b3affa172f26c96e891337f9135

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037

MD5 574b412678877da62c68048e452f7808
SHA1 79b064d03b1d70cffab75559138baea385f5efd1
SHA256 00be94a8193aae2f38c48ae1af55ce3b7d242cbad68d3309aeffda8f426268df
SHA512 4626fd1debe6dd5db06693fb7e0783dd2bb06d433fa48dcca2a6c134550aff8554dc40254a6cc50b3dba2bb02c566ec6185a4eee3daf79aa9f32fb3687fe8b8a

memory/1404-3040-0x0000000072E60000-0x0000000072EB9000-memory.dmp

memory/1404-3034-0x0000000070B80000-0x0000000071126000-memory.dmp

memory/1404-3039-0x0000000070A10000-0x0000000070A8A000-memory.dmp

memory/1404-3038-0x0000000070A90000-0x0000000070B0E000-memory.dmp

memory/1404-3041-0x0000000071130000-0x0000000072B2B000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 26ffde245be3bb76b68616ab3c2ede06
SHA1 37cc65aec26513f4182b5e9245b6cf906bac9714
SHA256 4dc0f04690d8e29e6ad87eab9776e83b410295c80de21b3d35289d90dd3f45e3
SHA512 2c6d68bed49221a766f7268f3d973379cab24e586dc54e95b6d954a7083618c5519b04ee7f60faf71ea55efe6714a99f1c098191825a480498b7f11c4d03b87a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044

MD5 05e9679509b61424a07cc4d4efb7247f
SHA1 db4fcfac1d89c7e4f0bdbea9023034b64a9dbd81
SHA256 31798b2630a882be758010dfa51b12026c8fd81f0e4068b38fd739cac78cba0b
SHA512 1cbe7343e19b41f3f116a93d598d7b67779d29c6bc0a7b086d112dfcc76fee60811290b67b5d2561751700be483f6cd460b9b4c8325397813314ba064e4c2208

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000047

MD5 d155610d38d34dccd977ac213ab42e1d
SHA1 a343e08abb19f7d4110c64de08aee504cac318d3
SHA256 6ec5dee6a9dfb42ef97cd410c2e3387f53d2eff7d1fcf159f96b5ab129036ab5
SHA512 eb735bd87238215d54613f6065e61d48e1578908117af2a215b88dbdc3c4d155cd2b60e035ff2cde17605445bd89129de07aceb74ce8c16dcd355e4214986c8c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000048

MD5 89a574ff00e6b0ec61d995d059ce6e65
SHA1 aea09e96808ab77165ffa712eaa58b8f056d0bb6
SHA256 e5c29c139842fd487473d0824f2c01b374680fb35d22fa929686d17896602a44
SHA512 30d0d40bd680e61968273155b740901cdfa66670fc2af6f23e44c6b998b67cc1fcd0b51bd5f9470f209f188e75d071355e592b2a7c97f4bfd15d07d455e0909d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000049

MD5 cfa2ab4f9278c82c01d2320d480258fe
SHA1 ba1468b2006b74fe48be560d3e87f181e8d8ba77
SHA256 d64d90cc9fa9be071a5e067a068d8afda2819b6e9926560dd0f8c2aaabeca22e
SHA512 4016e27b20442a84ea9550501eded854f84c632eeced46b594bcd4fc388de8e6a3fbfe3c1c4dbd05f870a2379034893bfd6fd73ac39ef4a85cbf280ab8d44979

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004a

MD5 8a42ba5472aa4afa3d3ac12f31d47408
SHA1 2add574424ac47c1e83b0b7fae5d040c46ac38a7
SHA256 759bfec59bce5ddea7751b7f93408074a8c27cb2c387b08b6b9f4aa111266ec4
SHA512 3e1081a6e1c29f6dae28ab997c551a6d107d4f4b7e0981a19ba81a30a4e420dee1791321dca8f4b500c9e7e4a41c5e5c75013a72e5a5cde3f7e6c50393eb10b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6c18a568b0ef5f87964d2249cca65f88
SHA1 f30b6e7922fd53d5e14b6487c2868d9eb173af5b
SHA256 702d35252605afac54eda44c06bc5306dc0b76a1f0ee412809dcf15b110cc742
SHA512 0553e92c774ea86f3599702951b2bcb4c14e37ad789db6f8378b5c8bd6285332ef1c8f35f754656320553575c3555bf61f618e354f9e3f6758f4bd6b16ec7c1f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0c29b1909feee99c397554292c602f76
SHA1 dc4fcd612b6eb1c438011b7927d5bd6bed97cdd0
SHA256 d51c81d66d4618fe51e2c4ff7aa47239fb889fd0807b19323f3afe46870229e0
SHA512 b6d2c68f26a5ffde7e20b6eadb47bf138b4b29b0aa5fd8273a33f70b219919b35e5a3be8b922684b226110abf4aac8f76d55986f9100b04ff32e202abded015d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 16743a0bcf03bc5d7a58c9eb87563650
SHA1 182c6b62d43388f60c9f874543027b87ae37886f
SHA256 e8dd822555bd6bd2005b7bb72ba83c9c0f0497eaedff88f1996461ada97a5b44
SHA512 e498d2aba4ab125f797f918ae0571dad1f238a8d817ead50c0ee6a05b18be9de7509dd202044c8fdf478b8c97dcdcfd85abded03d46823ab4e350f6480077948

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6e64a715f494518a9f03f182f277e140
SHA1 ce9188041216306595363578f5417d0e9bb82fb8
SHA256 59232156e34e654ef23d490ad2881b93d23603cdaf83e1bbab2862e32133368a
SHA512 d8fb97e67c4a0b5f8b533570d0c8d6db27693902135b86c5f4c232bf262c418462e547dc3d9c1f5a93eb85529022a2cbe21f292cb643d23d83a7bdd276ea2096

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 83efccc5ee688d3bb5af25536fb44e39
SHA1 f9bd78111b05a16f6976e9ab9fed0df62367b511
SHA256 61875c66cdb46b5f175271a2393e380493e53c336907746536133666987c1f87
SHA512 1bcd1d85dcf0b144759a65fa4ace3b10ec6dea477911a565bab2a6bba3f45fb22ee8244ff5a86432821c4ac7edf50a723df62ea5a10d9f3a069918679ef66634

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 c8434d7c65b48fe056bd82aa61cee98d
SHA1 c045550e4e78ad9c79d8492e58940e2363bd8970
SHA256 ab6d16e757ec7d06e63528ee8d71075953267f7d76921daf63f472eb90c41dbf
SHA512 6e274c477f92ebe74a6857ccdde6af90560144a4d736735879773c2dd043e847b3309a92574c708883e9ec867ddc07c8bca45938c0e0e269123b33c442a943bc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 07475d1a436f00e8f38b9558c028554e
SHA1 af8c2af6d8793df9cb762e8a6e0e51390eec2032
SHA256 4959f23b02ba87645aa1659931fb2aa6e5b10da3da338513dac3813dee0c8c1c
SHA512 1a86f6f551007eca7c5185337c72d93ac39aedfcf4811ebc0dcdd660ff53e9ca9b48adfbab977803d50e2e30a6b1fc8a766220f9823a7fd63583b3a123da31d6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b806bfa452505d21fb528156e9ce7b34
SHA1 92a8c698f7e86b52c8d30ab9af2c96aa5e675032
SHA256 ac9648b040a0b9443e595b55a37cdc92bafa0f7c79d69ec065d672a46babd0e9
SHA512 f080be358d5df070901b6d3668e48c9765e86bd53e639b54b8d295ccfc3ea365a776d2cf063ceb9bd62a3d6b32a4b27e46f5bc563405237211cf7ea1422352fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e45d7bd262de520cee1da905b1acc6c5
SHA1 efbf81302a5510a99e2837ea6e65e450fbbdd38b
SHA256 b1eaab8f93686205970a6539c554689c49b695d2a4f0e7f81323135ed7c18240
SHA512 c566b0b8097ed1844a93f458773db455386fd6c9013b843a24345a26f93c7e61ed7e40d1e7206c42719c8dcd5417e209f53fa551b835da644f1fa1591eeaacd5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 25d605823f8df62402ea6a0d1688338c
SHA1 54cf596154987760c008626cc363410dad4a1ad6
SHA256 285a17b6e528263af8454922c106b97a8474b9fc3843e728ded79abbee927d5f
SHA512 9bd17342486c1a9b87643c38b0ba0982eec68f97f00cc900a3ee08ed8ebebd809cd6e72e5979573fed4f1158baa1946200f1d5618910bbfbaf63b308a76426a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 da5b1767e025b3ac0431053dce295226
SHA1 e9ee504c52cb98b6627c5164c35c96e0c5c407f4
SHA256 070640402c6b7f72d5f0cc46073b103995a0d618fd987ba04055f5ed5bd42e23
SHA512 05c869772cb59cf4226341f1f7631450a823f068b537754aaef20ae074fa3f2eabd81ccb968c01561984505b3ca626f855825105290c27c36b0bfc596da81a56

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ec0a3b6111770e45b6c63774408d6011
SHA1 58665f0e72b0ec3835731c06517f4f61bd1e0afb
SHA256 076aff617665b5b9a891205edc713c9ef2f6fb2dcad89c4e2be9461c41dff258
SHA512 c0a09288a8ea4cf3577a65fa432087a790782465a4a2b4bd5c97f2d895fb10064fd19dae40dcd3f3937eb3539a5445fab325df6c4aff4964f7be33f1ab5b4e17

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 54a971d9e328a3850ee28f1124d6f8aa
SHA1 323969e93a9beb734bdeb8d881e1c0395f23480d
SHA256 5ac5f884896a5c660178b9809cafa97366f1b93585db0021df9a8d94fb9cb11d
SHA512 421cd7bb1a6d6e69048b6656a61f99f8977b45e8cc1abee156f710bcec646a8918014ca709678f2c86e5a7c9ad0612afa44166072527e6643b79613667ce19e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 8e25e5e072663a7c872c62c1af91d4ec
SHA1 122d2e36f810416693f058695b0dea56f6674a4a
SHA256 e463936dec625b02daf9f5cb6422e7e2307081d2c28cef0ca88610c8e181675b
SHA512 03bd5fd161d56f80ec7035cf7d3919e73691e7e4c95306454b33e025cb9aa4420e99e96e409507aea0f8d8366647a76479fe8c2cfd7bbeed5955b9b8f8e9bbc9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8989d569626042fc9cc0639d00870e11
SHA1 a1b9d254b191cef8118f8d4edd4aa7280b6b3ca8
SHA256 bf07ac1da533a409f522a9dcba42ef7d8a2bbb2ebe8cbaf43468d040c6380c37
SHA512 02e011ecabef6980a255e813a73b332645949bd68901ce26d6d53229834fe64cf6d11ae85afa2c54abeefada4b4734e55e8b37079341be8e17897e9da29d6476

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 264953953632630e820f4c4638c9bb6f
SHA1 7453918863d73dd2458512bc3cd7733a93ed4ad1
SHA256 aad08ae39103de842127c7db8d23c08b26af8dd23478798f40e950a7666e2c29
SHA512 33460b9112dded81943f236f53b887e15c5edae38065faaf48a24b975c9c15e068b54b0bad535433d1dd13a38c911181d4f51447d5240f7fb2338c2df7e18cfb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1d50527f1d9da70fba42d97c8d5f8122
SHA1 c80556b58c3747ce591ea91c787cbf239ce48d91
SHA256 dad99f13ff4c323c09ffd98c82d0b0c74b22a514fa2e39c8659e8e55d9db0d5e
SHA512 32c21718c6bbaedb7cac2b6d8f0ddb3d04224d3296a6b369d50539a518b1d6b98b2fcb69e8098e0ccfae72d6b685662f6268e3b9ca1c85f6bfe33324c19fef38

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

MD5 b5ad5caaaee00cb8cf445427975ae66c
SHA1 dcde6527290a326e048f9c3a85280d3fa71e1e22
SHA256 b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8
SHA512 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

MD5 d222b77a61527f2c177b0869e7babc24
SHA1 3f23acb984307a4aeba41ebbb70439c97ad1f268
SHA256 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747
SHA512 d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 936683d79459b2e260fbb94628cbe673
SHA1 e005002cf97464e487921b86a43efbd522c1e669
SHA256 81b543f4f9540b64a79d9e7d52729141bc2bf6edd7edb2410993e574e9058d69
SHA512 9177505e9813a30cf1aa84ec87bf0ace3d5f9950aa7e4b4da7885bf93690fb5b18dfd76bc08b65f31e50a0ac638ff810807a3d073f1aeebc9f155e63a878a503

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3abd35f18560c97e18f4a8626a018436
SHA1 f42535de130260efd843995fc745c08e1949ca3c
SHA256 e8dd36421149c5d6b725e98e8cd693b4480fd08179639853d70a50c43ee30774
SHA512 1cfef4cc1f5708d7bd42b90ba88b22264e0cfd0b234541211d7c7ee3bc32c149e53ffa20c31793d8ddbb5c31df3d5e59641a19d3be40e580181a8b4832f21940

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d1c22a62393c3786e03b12848bfd0f90
SHA1 b16292d1b1eaa9214282baad864c3f2d5448aad0
SHA256 2360ecebe5f02ce048e9c49546587b1faf66af8ef6987cc618b8db0e91c2e987
SHA512 5c505eecdb22bbd98a7db81f00f7dd82ba3f7a44f2ddd13e5355a042e7fa75fe76ae87943ba714a32ab9fa2b93f5969fe494b46ac909a040fb8fad1fc0ed8791

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00009f

MD5 0e517981100ca39652ce2154bebbf537
SHA1 13b66e8b24fe84e30fce9a55d768cbb337aa7cb3
SHA256 10c2671e31732afa316c7431ee03b84f09074b9ccdba769b86b1a2e998da0381
SHA512 07aab4f2927743ceb4f729d4cb368512df61702de4752c90b886802c9b0c14176b5a731f99aa8fef6cfd61c51de2cb46a1b9fa618326ca8ac8c02903e598717c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a1

MD5 6499d15e8ab4c113563fef0cab905275
SHA1 bee743dc9dfd69c29fe994f5431cdd2df43c680b
SHA256 e7dda044b203311fae549a5df9329597dbe5ec52ed7aaad4925834776daef25e
SHA512 d5e6663b28cd19f5de0e786d23a90f0d53c2e5792b05dd85f2de455d7ac358850b778fd29bb1b6a0cf1eb34fcf84572d75818017a2f15afa594eaa71773534c6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a2

MD5 88a9890100088ed7d63d4919f91abff1
SHA1 674d39846d4d859bb9521970a7f599aa87e0cabb
SHA256 76856a079aca8ee2ef7717c8d80d8c0d4b7a805e809f97218e53c71875b798a6
SHA512 bf452b030430506dd53049979e6f0d531c7c3c760cc6fd726183cbd8efa955a9f4dbfba0d73d9b985a38f44a76eccf5ac8d4d75e733334b6015bb5ebd6a43cd2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt

MD5 0353d2fe8324be912cb6ac14c955d87d
SHA1 e22de95399e356c74f798eac0dcc90cea3743d5b
SHA256 429a859a7dba726aeca648094eb785a5194b8fd8dd8f9cfc27317b2a186c949e
SHA512 feae614ab3016cf121e2ef47aa7f98c0800626721eea53eef3ad80a5ba4420da62556d920cfdd1ef5dd14198fd03c2df37d20aa319718646af7ae7382c8a825a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt~RFe5fd441.TMP

MD5 f81ac907ccf65d3a743fda8514fa7b2f
SHA1 67f5487f4f8a6e6f49270599728c7a329a091a49
SHA256 d3005b9fa394af7cf3444d6a656be5e5750dcaba0d7b21ae24b8e7f78169bc0f
SHA512 d58d64504bfcfe9644de678ed5cc3b91f01511cb0fbf155d0e4f2251b2665b841616b4af06d0ef13ae732877ea7354efd089173a4ef0bdb51fd5cd59607203d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a8

MD5 3684c7775bc328aedb86315ec6891439
SHA1 cfbff177f45afdf36026595ba0abd3bb59f86a43
SHA256 e8d182897c2ec12664cd8e86b31ed441f775479b41a7f1ba39278d32e29fed87
SHA512 2f5f00b2018c4632260b7b26ed4d524dcdcc02f66c3e561a3ccef3a023c042ffefc3028329b4c58b59c4186936d51514b892bed0da00a410502b81bc95b6230f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt

MD5 27b630ce03d827e783157fa297ee5a4e
SHA1 374b7aff871ab14e35a6e4380ba1af82bbd4c7a1
SHA256 bce1c3df8dd48796dc44f3008f675f5af462c89deadaad60caa6ddb0bc59edca
SHA512 8768806e73d00d9d69b9974212ed678b2ab13fc6609bafe2626a537b246606a6861748af426e600b1887365b34e7126495e80eacbe1ffbd1a90c887c4e18f2b2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\e4dee7d9-1de6-4696-aa85-4832f221ab27\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt

MD5 c898bbf2c55816882577225dbdb819f5
SHA1 b93bb91d6c71f1a5e53a813bce87bb58df1a5453
SHA256 266ea5fcc89ca56dcc78f6bf8f71b16a2976ba557212fdaee0a2935b566b9bdc
SHA512 9799b9473881bbe815dec1e3ce5ca83021862ea3ff3725a08db99c7b7a58e67f5ecd62f46efd007e152c5f9e792d8ecd9ada6a2172a2ff12f5fa0e12ba6886f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7006715889b0032825fa41d9b9612a06
SHA1 0c7090bad60c2df7e8c920a239eafd6a4c937293
SHA256 1b05c58898d6ab175eedd0a948bf45e70f4d724a2d2dc293bf3b9740fb1c9dad
SHA512 9c503578a01cc8f1f6089b80e0cf9a6f3fd32f157cde34dbf75a76e5d8cc66845fb273035168bcae8dc84a7adda467fc2fe28f9182793ad9b7aae4a4235c120a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 787caa7bb6546875791ef62987da1346
SHA1 391543d4761212a5ce5f051172e4f3a22003c657
SHA256 4fe8f189f0d56e83f3ef712d32ae523b2af584517a04d9eda5a6ca5cf7a4b058
SHA512 57da5b599fe0c86b2d14aee8f5da6ccd8db0b77735e9243915704d778c3e86f7b6712f0bfb4168873b2ca66ad45d3054f1e614002b2cce2410002916bdbbcdbd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5e10a85699cd873aaeadb43660125bd3
SHA1 c5934f9fde75630a772b55ed1a5d1856c2ce5b0f
SHA256 797b15bf02a4828ef97173c8e34c6d349799b06641fc9fd1c7856a63ca7567c4
SHA512 2bfa554376ae53e9d994293a8f36acf474b89b7c8c30121c2d34e6d284a70c6fa4da98ebada5355506b26903a62270b716584c7773bbb479e7397ccebeaa995f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 09ce509489fd14f12a079be6a07fcd1f
SHA1 2c147778b6de1eaf4a2f3585566ea40655d86613
SHA256 5c0825733b5009bf0e0d2433ef2b2bce18f747f263e01e8175163d86051592fb
SHA512 5831fab40a37e0a217deaa18c20774a6f166cde33c83d6cc543c39312d99ea02c54c1ef01d7e593cdd8c079bf17f9f4192e1356a2c9ed3ce1c4498f143afe2d8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a2e5aa67d0488fe28b1fa91af338f602
SHA1 5dcf180e6f561372e179165b58bd012e0b7fec5d
SHA256 5b41ec50b32430592f8633c4bb5fe723e43447fdd4ee557738cc5a209dac12f5
SHA512 50647f661685d646b839fc78bb5233f7527a56e75d3e35c4bae9aeaa1d4fef2e1ec76caeaed901081ce263cf7d4132d94e687dc5fb1e0c2dab4fccce5cc2d726

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e6e2e60b495e8d936db982db97e92d2e
SHA1 38236c9cd0717e85aeb06120b2da1ae09e44bfeb
SHA256 e5ca743c69db57d5d1c747ebedc9b1bbf7fe39126dbdb4665119f642578971e4
SHA512 f3e5856add2f112669c779ca04c0bf0147f275f0a0b2f28ccb2119437f4e598ac3302170194531ca77023e1a143f166d5860fb41302861aab3dc68b6645b102d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 0fabaca57db20cb802be0ff0358efc32
SHA1 ba77f427f0e034af93cc68aa3d23b8c02a7e694b
SHA256 7d112a89cfb714ae9a9cd90d95ef1d39846125b0d6ce92a8e5b4151b862d4417
SHA512 eed200551c286b33ba6021375ada8beb26f0699cdeba7aa3e30cc6c151d563ca627fb2459a34794e474c98953cc5859fa5b1a47b80a7b55836b7706a25311747

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e36a5f8369d58212de288116f2155323
SHA1 246a6ee2e096c95cb31f0eb6f69180ef48467d31
SHA256 1b82fea7e77109c8a894841dda27bd283d337d23f81bb038eeafbb59677dc357
SHA512 5fcb18528b290c50a325f03939324bddf5b33c5eb244bd8682feb517ce7cdf245f98d91e33baf6d8d9892484f0e48873cabe62858f9d70b1e3b3f8c95806db2a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cb9fc5eb2fb9375fc126c09abb06c647
SHA1 31c0d8648fe9a9052b5f7da0ccb555616875049f
SHA256 54d83bc7dff2ede338d131377ad6d7d12f4b8d84d1592b8f934a4cfb1ff9e381
SHA512 138d71b1ca182fe9de6c8147c891107f4ba41fd9e4d0ef1dc920a1a14fe43fe679f7d03d1cc80c351aa16c914bc69f28e0084aef5c1f194f7167c1040ecbc588

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 f4af3d908ee348b0cf0947dc0890f629
SHA1 d719be53938cc9cfcef8abcef84b2c04431b3963
SHA256 01ec8788faa411afbbaeee0515c6f63c277e41089ed52c42a932f0325a393370
SHA512 99245c00c32a1cbdb540d251bc04ef83d1b7c33d8168199cbf08ff6b26db3d3cd5be3bc44fb6d936e2579f9107b96c9cc9ce40e93639f38043322c189ed22503

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fdc1de367b4741584bea9e6c5d55d9aa
SHA1 df7278304f0f749b7c66325eb8b8e7daaf93aac0
SHA256 3e60c9df88e260b622b4146d9f6bc1be9f725e69f5d277d049f239946ce14aa0
SHA512 c8a867a2a5f217e2e8f21fa41974e3d870d610935cbed07a4f097e3a7aded6e2017be24da7599cfac50374c40ba9a7952093cb311f140b7b0cfa5c3d691690d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eb2bdbb82791116ed5340ceddbe7d56c
SHA1 3881ba052beb10b3bef7a7cbc41c7fc6cc7fb7ec
SHA256 d6acbddf1a5eb72123b766bbbf48ef3e1b290a137efe7aa59c07fc6e4bc58d1b
SHA512 52efe27f860d864c0f2cdd2eae688ab4e33049add6fbe476bdcb9fe2272c69a85217842478ef8a3db4388a434bab44eafcdf1d885e86486335e9d4d992e56b87

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\index.txt

MD5 4993b2cc6805992c47a363a7728d5023
SHA1 8de12fe99be72b8944085fa3957a5695222cd31d
SHA256 0526d66cebe7ce1353a97fc6fae303159f59023791cec102ee31902b634bf06e
SHA512 3fa64a60cc9f4dd5aa8001e6aaad38d945a76a91911dacb1ceecb11c4af055c065d3e5bf7f165274aef8826b72053d4cd2438520fded09f258362a789a2322a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\index.txt~RFe6166c8.TMP

MD5 d37293f72d9239c467c0ef011d0d4938
SHA1 d8bd1be946955e995a8316be5107856642bcbb8c
SHA256 2545a172bdaad496ca0c611ef9221fc070f8e3f492477c98c6b821eb95dd9252
SHA512 6bb5ebb7bd77bf724ec275222ed997e93b02c8d952832bb8a177061d87ed23ec92a2186c23b56340b183395e19bd63a3776f53d3769ed814a959c927d8ffe814

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c5

MD5 225e6a64d999677229d5e7737d4333a7
SHA1 42395338a8c05b39186bfbda642e271c8109e6ed
SHA256 f7cff3616ffc2eff26856ae98246a42e858609bf3eb0abd20519da9e9f773408
SHA512 f5f6833deab7ee31f8c30ae8e8cd13f315fae460f2cd4d92013c005d4303660667ad6728842578734c11ada1afb8815258132c79a81ac85aa4c4051335382bcd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c7e126ecdb6e0335d9ae4084b0f5dd3b
SHA1 899431b2269dc3cefbda216de90f61250011a73d
SHA256 7f7b482a1002a6aeac915a3507da907d897d31c2e6e1e06cddfec975ff5b79d3
SHA512 5aae9b92313dddfedd31c74841ff9605d40827f68536688323fa0c9d3811d6273787008baa90b769be19d8bb802f3888ab96d9a111159f7a4f73c555f521adc9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\c693df2a-4191-43a7-8ae8-5932bfd3f6dd\todelete_7a48c130a6a40c0e_1_2

MD5 9af607e97aa302684d15b762852f0d39
SHA1 95fd61aa5d37763554762f3a3a7cd8900a39b44a
SHA256 b14582e096014f5fab7593be59ffca037b259fec3a33925795342ec3589b81ee
SHA512 d6f68d5913716ce5e24c8757d32e6037119414c9d9d91086d357cb360cd9920052f9c10e8bdfe840a1124326caa78fe14a343ff069c664871036e4ce3c83bdb9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\c693df2a-4191-43a7-8ae8-5932bfd3f6dd\todelete_7a48c130a6a40c0e_0_2

MD5 6d2bd7ab3eb2f9f5177943533f3d9c1b
SHA1 d2a20ff48347edcd1e486af7e6c6d1507b2a39da
SHA256 b4ecdc17b83274407d18ddc1e220d8882f0d89af111bb00fc91d4c229dbeb4d0
SHA512 485ac197ff2411582ae662ad91a34f550d62cd91af9bf7cddbf0151533164d4e9bba20ad9e9a63e94bb243040f952416c4a1660f944656b283d8e1b3ff6eb36b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 cf37f12f3b48474d49f4124c905c7c69
SHA1 0201369f087e4ca81af7b4e076cd16ac193eb58d
SHA256 5cc5eff177663252401ad34b5d479b64eec7655257c9bc4c67943798b63c03ab
SHA512 40009ae6c27d220d6364a919c95bcef5d3594bb2cae5d9e8ddecfaa4910a5baeb24cb7de34545da4cb102173e55f478ff36d7dce7284dd8ec021f4b1c42734a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ba116e5f8f2506f2d7db0106d56aa82b
SHA1 bb4134ba62f4f7edb36030ac3cde687ad930e262
SHA256 ba9b9bf7d319b40c747f2682c9f0f0680f8aa3478b9df548a2ec49bc117c1442
SHA512 1f309ab31a26454132479e56156679126598dc234ecf0a4971f479d440fd6819d1e1e70701fe80a5cc0a63260a06f9de7d4233c725c8532d2ac02097a096df90

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1276cb74d104fc08baf5231e950f05c2
SHA1 5c72d8373c9e3d5cc8012fea1d1f22748b81e451
SHA256 a896231e9132e6120af42ebc8cf25c3fc8f3c3a1e8e387ca1e7cb86d599d638a
SHA512 75c6a8958d8eafee6230d5ba4d4f8928c8c7bb235dde910f255ab08ed0794f9ef6756f3d8708443842f62ea0c5b442d8b1a808186623428fb7d245201d2bd9fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 176cb7293e62169e71b1a60c7df028ff
SHA1 9cb14d7aaa50640707294e2f346ea2382e2ae3c2
SHA256 48b38e33266ceebabde92281cb7cf7cf9618120ca6dc57da36e50a23308022c3
SHA512 bcdad608faf4f53c8ed2cfbb8ac3d69a4f4ee0749e937091fc5eceb40dee9476437ce1a417a55b57aece5def1c0cc6170ce161307e0010952ed705f3fcf8fd15

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\c693df2a-4191-43a7-8ae8-5932bfd3f6dd\index-dir\the-real-index

MD5 acaf6afac01cab8dea8418e2d6b01d76
SHA1 7d356becd6c7430d15f9409c612f82bd45b876ba
SHA256 0a164bafba38bbc85aec8aa6f468d222fd69507c6a55c0f63a90c82393ec82c6
SHA512 204d4267c41862b5433eb53b49aa6798820a1c7126c48193761c64a98e826a1a578c054dfa53413fbaefa5c6b97266092f62847c3cac21b91c47187344d6e0d4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\c693df2a-4191-43a7-8ae8-5932bfd3f6dd\index-dir\the-real-index~RFe61ba37.TMP

MD5 bacfff0683f38b32b12526b7a0b1a0f3
SHA1 e79673a83ad9cedcbc6c357d3484a027c8a6b5f6
SHA256 0bdfbcc8c8efc34456b168741f16453cf4cd00cc5588af8631c3bd982a9e0ac4
SHA512 4ef5e80f4c519d507fffd298ecd920cb9c1d6806fc7a728670b35e131a251b2d7dd9546748d00549cbc11a94506b3d36ea7aa8d933f7cdad6c4194b477a14376

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3d8f06295ce444f3a389413a443139e8
SHA1 72699a14c383941863981346e83b5a356e970cb2
SHA256 287da6d541a061fad639ac5f2873a5884311ce761d4078df4921b5cfe1f1896f
SHA512 7257ebe19ff32107d517ad6d229403c3a648c5af199e53c94dc17fa15a4009f49f69d9b10388f5e45d45446c3c30e8ae477e8292cdc47bec3f1ae4d25c474b27

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\6d62fbae-518d-48a2-a097-602138a9c4ad\index-dir\the-real-index

MD5 e6b0156f2423dac9586a749268c15295
SHA1 e84d164bfa583bc0510d715d7c94fd82dbf04181
SHA256 467c8590fb94ba281b63f0dc49f956cadfc30984ce65e5d260439cbd112fba6e
SHA512 015e29d464b3f4ef736f77a1f5c172ff49c9910597c957f166a89032cd7cd8c8caec2996019149f4377e22c9fe80d7c22e2f2d0110530e02f762d6dfd28f1dc0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\6d62fbae-518d-48a2-a097-602138a9c4ad\index-dir\the-real-index~RFe61baa4.TMP

MD5 95b1eb4c4d9a2e6ff0485a8e02c8e74a
SHA1 f3de6dd2e32ab110f74f1335c60976a9e7a9c7f2
SHA256 ab0aef987a8d58084e21ab22bf547532caee8f4d95fff9d20a0ae35fdc42dc03
SHA512 2e08efad96296438cd13281f1724e9edad212f51992444916042483173148f9eb41e7f67cb94f9f7266d51e07bec438d377246e2131399ffac9a9df2d98f33b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\index.txt

MD5 459b64a1fe1eabf8370c8fb1f5a5fd90
SHA1 002656048bd0756b3200902deb576d206644dafd
SHA256 1550c0f54841b1885a7a5b1e7ef04ce81d5c6b69a6af69ba7fce014673017bb7
SHA512 0038705f8c74139498a8d13f0a3b5fec50a8ffd378ef4b13973871189b45220486f77b8e24eafcd252c55c9482e9365aa5c0768ded2298911ec798bf4f4018ce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\c693df2a-4191-43a7-8ae8-5932bfd3f6dd\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\c693df2a-4191-43a7-8ae8-5932bfd3f6dd\a4e5036f58e9d133_1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\c693df2a-4191-43a7-8ae8-5932bfd3f6dd\a4e5036f58e9d133_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\c693df2a-4191-43a7-8ae8-5932bfd3f6dd\d8da3c21b1afe4b4_1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\d0c5ea3e2aee71c5e6336e93a5d9a515a496624d\c693df2a-4191-43a7-8ae8-5932bfd3f6dd\index-dir\the-real-index~RFe652806.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\f656c8af-081d-44fa-bd71-bffc86028b86.tmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\BackgroundTransferApi\a44695b6-0272-42b0-a82b-458bb7653083.down_data
