Malware Analysis Report

2025-01-03 09:40

Sample ID 241018-yf249awhpp
Target LA FOTO.zip
SHA256 feb3f77f2ef8c0f4ce83780a547df6a131913b2cc57b211ed99e876ea4897f79
Tags qr link discovery
Score 5/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
5/10

SHA256

feb3f77f2ef8c0f4ce83780a547df6a131913b2cc57b211ed99e876ea4897f79

Threat Level: Likely benign

The file LA FOTO.zip was found to be: Likely benign.

Malicious Activity Summary

qr link discovery

Drops file in System32 directory

Drops file in Program Files directory

Drops file in Windows directory

One or more HTTP URLs in qr code identified

Browser Information Discovery

Suspicious use of AdjustPrivilegeToken

Modifies registry class

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Modifies data under HKEY_USERS

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-10-18 19:44

Signatures

One or more HTTP URLs in qr code identified

qr link

Analysis: behavioral1

Detonation Overview

Submitted

2024-10-18 19:44

Reported

2024-10-18 19:49

Platform

win10v2004-20241007-it

Max time kernel

299s

Max time network

299s

Command Line

"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\LA FOTO.zip"

Signatures

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSS.chk C:\Windows\System32\svchost.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSS.jcp C:\Windows\System32\svchost.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSS.jtx C:\Windows\System32\svchost.exe N/A
File created C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSStmp.log C:\Windows\System32\svchost.exe N/A
File created C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSSres00001.jrs C:\Windows\System32\svchost.exe N/A
File created C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSTokenDB2.jfm C:\Windows\System32\svchost.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSS.log C:\Windows\System32\svchost.exe N/A
File created C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSSres00002.jrs C:\Windows\System32\svchost.exe N/A
File created C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSS.chk C:\Windows\System32\svchost.exe N/A
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSTokenDB2.dat C:\Windows\System32\svchost.exe N/A
File created C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSTokenDB2.dat C:\Windows\System32\svchost.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File opened for modification C:\Program Files\Crashpad\settings.dat C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe N/A
File opened for modification C:\Program Files\Crashpad\metadata C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\Debug\WIA\wiatrace.log C:\Windows\system32\mspaint.exe N/A
File opened for modification C:\Windows\INF\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133737543147025611" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Mode = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\NodeSlot = "2" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\MRUListEx = ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 = 3a002e803accbfb42cdb4c42b0297fe99a87c641260001002600efbe11000000ebc694e59718db016ce4ec329621db01e7fbff3a9621db0114000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\LogicalViewMode = "3" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings C:\Windows\system32\mspaint.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a000000a000000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\IconSize = "48" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByDirection = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 = 14001f50e04fd020ea3a6910a2d808002b30309d0000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 00000000ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:PID = "0" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 = 3a001f44471a0359723fa74489c55595fe6b30ee260001002600efbe10000000fa6392e59718db0184b033b5ac18db0184ca4a479621db0114000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\SniffedFolderType = "Generic" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings C:\Windows\system32\OpenWith.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1092616257" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupView = "0" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\NodeSlot = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeRestorePrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: 35 N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeTcbPrivilege N/A C:\Windows\system32\svchost.exe N/A
Token: SeRestorePrivilege N/A C:\Windows\system32\svchost.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 884 wrote to memory of 3804 N/A C:\Windows\system32\svchost.exe C:\Windows\system32\dashost.exe
PID 5000 wrote to memory of 3820 N/A C:\Windows\system32\OpenWith.exe C:\Windows\system32\mspaint.exe
PID 2304 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2304 wrote to memory of 452 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2304 wrote to memory of 1680 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2304 wrote to memory of 4360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\7-Zip\7zFM.exe

"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\LA FOTO.zip"

C:\Windows\system32\mspaint.exe

"C:\Windows\system32\mspaint.exe" "C:\Users\Admin\Desktop\LA FOTO.jpg" /ForceBootstrapPaint3D

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService

C:\Windows\system32\dashost.exe

dashost.exe {47a1ea64-c075-486a-8d310842e57499c1}

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\mspaint.exe

"C:\Windows\system32\mspaint.exe" "C:\Users\Admin\Desktop\LA FOTO.jpg"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff93feacc40,0x7ff93feacc4c,0x7ff93feacc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1768,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1760 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2156,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2196 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2260,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2316 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3148,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3168 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3192,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3428 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4536,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4544 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4600,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4564 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4828,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4836 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5112,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4888 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4768,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4760 /prefetch:8

C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level

C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x284,0x288,0x28c,0x260,0x290,0x7ff7f5234698,0x7ff7f52346a4,0x7ff7f52346b0

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5024,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4888 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3496,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3548 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4072,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3224 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5052,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3240 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5580,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5576 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5448,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5172 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=240,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5824 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5716,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5732 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5760,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5772 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5684,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6064 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5444,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5328 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5940,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4700 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5172,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6068 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5668,i,16228601849249140535,15107421469227833144,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4964 /prefetch:1

Network


Files

C:\Users\Admin\Desktop\LA FOTO.jpg

\??\pipe\crashpad_2304_BRNYQMSXLIGCBVMB

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\186d4a5c-1ca5-4f0f-ac9d-d1e3d0ca2c8e.tmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\7028cd436c4a77f9bd4d8ea1bb813f143a1e2682\index.txt~RFe588558.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\7028cd436c4a77f9bd4d8ea1bb813f143a1e2682\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\d480c6c5-a059-4a5c-9769-6731e9f8358c.tmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
