Analysis Overview
SHA256
d390cedf4222277eccbc02514a5d9a47c67379d14bc1d67ee95b096addce601f
Threat Level: Known bad
The file Roblox.zip was found to be: Known bad.
Malicious Activity Summary
Asyncrat family
AsyncRat
Async RAT payload
Executes dropped EXE
Drops file in Windows directory
Browser Information Discovery
System Location Discovery: System Language Discovery
Event Triggered Execution: Accessibility Features
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of WriteProcessMemory
Suspicious use of SetWindowsHookEx
Checks SCSI registry key(s)
Modifies registry class
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Checks processor information in registry
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Modifies data under HKEY_USERS
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-10-30 00:33
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-30 00:33
Reported
2024-10-30 00:52
Platform
win10ltsc2021-20241023-en
Max time kernel
1132s
Max time network
1077s
Command Line
Signatures
AsyncRat
Asyncrat family
Async RAT payload
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zO40593EC7\Roblox.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zO4053A248\Roblox.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\system32\mspaint.exe | N/A |
Browser Information Discovery
Event Triggered Execution: Accessibility Features
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zO40593EC7\Roblox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\7zO4053A248\Roblox.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\System32\perfmon.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\System32\perfmon.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133747224816990582" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4152190078-1497776152-96910572-1000_Classes\Local Settings | C:\Windows\helppane.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Windows\System32\perfmon.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\helppane.exe | N/A |
| N/A | N/A | C:\Windows\system32\mspaint.exe | N/A |
| N/A | N/A | C:\Windows\System32\osk.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\Roblox.zip"
C:\Users\Admin\AppData\Local\Temp\7zO40593EC7\Roblox.exe
"C:\Users\Admin\AppData\Local\Temp\7zO40593EC7\Roblox.exe"
C:\Users\Admin\AppData\Local\Temp\7zO4053A248\Roblox.exe
"C:\Users\Admin\AppData\Local\Temp\7zO4053A248\Roblox.exe"
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /0
C:\Windows\system32\resmon.exe
"C:\Windows\system32\resmon.exe"
C:\Windows\System32\perfmon.exe
"C:\Windows\System32\perfmon.exe" /res
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /0
C:\Windows\helppane.exe
C:\Windows\helppane.exe -Embedding
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /0
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x220,0x224,0x228,0x1fc,0x22c,0x7ffdeb4acc40,0x7ffdeb4acc4c,0x7ffdeb4acc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2024,i,6946688323578673768,9382679123566886449,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2036 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1920,i,6946688323578673768,9382679123566886449,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2372 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2192,i,6946688323578673768,9382679123566886449,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2448 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3160,i,6946688323578673768,9382679123566886449,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3168 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3192,i,6946688323578673768,9382679123566886449,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3328 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3704,i,6946688323578673768,9382679123566886449,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4580 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4688,i,6946688323578673768,9382679123566886449,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4748 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3700,i,6946688323578673768,9382679123566886449,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4664 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3152,i,6946688323578673768,9382679123566886449,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4988 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5160,i,6946688323578673768,9382679123566886449,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5152 /prefetch:8
C:\Windows\system32\mspaint.exe
"C:\Windows\system32\mspaint.exe"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4736,i,6946688323578673768,9382679123566886449,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4760 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4956,i,6946688323578673768,9382679123566886449,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5296 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3208,i,6946688323578673768,9382679123566886449,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5076 /prefetch:8
C:\Windows\system32\sethc.exe
sethc.exe 211
C:\Windows\system32\EaseOfAccessDialog.exe
"C:\Windows\system32\EaseOfAccessDialog.exe" 211
C:\Windows\system32\sethc.exe
sethc.exe 211
C:\Windows\system32\EaseOfAccessDialog.exe
"C:\Windows\system32\EaseOfAccessDialog.exe" 211
C:\Windows\System32\ATBroker.exe
C:\Windows\System32\ATBroker.exe /start osk
C:\Windows\System32\osk.exe
"C:\Windows\System32\osk.exe"
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /0
Network
Files
C:\Users\Admin\AppData\Local\Temp\7zO40593EC7\Roblox.exe
| MD5 | 4068c787e0957ef2bcace223b329e350 |
| SHA1 | 64953413198c9e73d3cb2dee812bf80a359c4d60 |
| SHA256 | 0fe742209ac27e9da3613b6a5a6007f45c9ffbf4f71583752cdf0fa9a70c7780 |
| SHA512 | f3794b639c45becfae73f3c3e3fe5e722f1b36d904b95bbfde3b7d89b091f457ed6487ed38e650870391fca00c4fc08dd0389092e508d3f759e7cfd60493c849 |
memory/3028-15-0x0000000074C8E000-0x0000000074C8F000-memory.dmp
memory/3028-16-0x0000000000090000-0x00000000000B6000-memory.dmp
memory/3028-17-0x0000000074C80000-0x0000000075431000-memory.dmp
memory/3028-18-0x0000000004A40000-0x0000000004AA6000-memory.dmp
memory/3028-19-0x0000000004EC0000-0x0000000004F5C000-memory.dmp
memory/3028-35-0x0000000074C8E000-0x0000000074C8F000-memory.dmp
memory/3028-37-0x0000000074C80000-0x0000000075431000-memory.dmp
memory/4420-41-0x000002D8D4C90000-0x000002D8D4C91000-memory.dmp
memory/4420-42-0x000002D8D4C90000-0x000002D8D4C91000-memory.dmp
memory/4420-40-0x000002D8D4C90000-0x000002D8D4C91000-memory.dmp
memory/4420-50-0x000002D8D4C90000-0x000002D8D4C91000-memory.dmp
memory/4420-52-0x000002D8D4C90000-0x000002D8D4C91000-memory.dmp
memory/4420-51-0x000002D8D4C90000-0x000002D8D4C91000-memory.dmp
memory/4420-49-0x000002D8D4C90000-0x000002D8D4C91000-memory.dmp
memory/4420-48-0x000002D8D4C90000-0x000002D8D4C91000-memory.dmp
memory/4420-47-0x000002D8D4C90000-0x000002D8D4C91000-memory.dmp
memory/4420-46-0x000002D8D4C90000-0x000002D8D4C91000-memory.dmp
C:\Users\Admin\AppData\Local\D3DSCache\e8010882af4f153f\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
| MD5 | 6bd369f7c74a28194c991ed1404da30f |
| SHA1 | 0f8e3f8ab822c9374409fe399b6bfe5d68cbd643 |
| SHA256 | 878947d0ec814fe7c343cdebc05eebf00eb14f3023bdb3809a559e17f399fe5d |
| SHA512 | 8fc5f073dc9fa1e1ae47c60a5f06e0a48709fd6a4302dffaa721858409e7bde64bc6856d3fb28891090516d1a7afc542579de287778b5755eafe75cc67d45d93 |
C:\Users\Admin\AppData\Local\D3DSCache\e8010882af4f153f\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
| MD5 | d2fb266b97caff2086bf0fa74eddb6b2 |
| SHA1 | 2f0061ce9c51b5b4fbab76b37fc6a540be7f805d |
| SHA256 | b09f68b61d9ff5a7c7c8b10eee9447d4813ee0e866346e629e788cd4adecb66a |
| SHA512 | c3ba95a538c1d266beb83334af755c34ce642a4178ab0f2e5f7822fd6821d3b68862a8b58f167a9294e6d913b08c1054a69b5d7aec2efdb3cf9796ed84de21a8 |
C:\Users\Admin\AppData\Local\D3DSCache\e8010882af4f153f\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
| MD5 | f49655f856acb8884cc0ace29216f511 |
| SHA1 | cb0f1f87ec0455ec349aaa950c600475ac7b7b6b |
| SHA256 | 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba |
| SHA512 | 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8 |
memory/4944-81-0x000001D2C24B0000-0x000001D2C24B1000-memory.dmp
memory/4944-80-0x000001D2C24B0000-0x000001D2C24B1000-memory.dmp
memory/4944-79-0x000001D2C24B0000-0x000001D2C24B1000-memory.dmp
memory/4944-78-0x000001D2C24B0000-0x000001D2C24B1000-memory.dmp
memory/4944-77-0x000001D2C24B0000-0x000001D2C24B1000-memory.dmp
memory/4944-76-0x000001D2C24B0000-0x000001D2C24B1000-memory.dmp
memory/4944-73-0x000001D2C24B0000-0x000001D2C24B1000-memory.dmp
memory/4944-72-0x000001D2C24B0000-0x000001D2C24B1000-memory.dmp
memory/4944-71-0x000001D2C24B0000-0x000001D2C24B1000-memory.dmp
\??\pipe\crashpad_1940_IIUVOCNTIAMNJJVS
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\36e70ff2-3ad3-4e3b-9a30-9099b8069bce.tmp
| MD5 | 542d4bd9429642494ea07d8bd476551d |
| SHA1 | a307bb97d70829a0fdb50377628defe745731b8b |
| SHA256 | 1bf211377dca4085b794ee60fb4d0ad3500cb733a6ec0afb336095873c93ad19 |
| SHA512 | 01f3d95abc9a35b9674bb8703a77cb0e2b69afc9be5398ab1f8a3f7b03d5337a7e7e30cf1d9ea012a959e47abcadccef68af417020751f99d84fe120151c331c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b7b6c484be02c6295754561e706d3ec5 |
| SHA1 | f1d4765850ef73ceda097bae084b5ee14c0cb0bb |
| SHA256 | 1d5dc39360e13a6ed7b4bfcb247463cbc52c342adbf26e11b10f5ab69e2748eb |
| SHA512 | d90435e59ba254ee5efc6eb7d7e8901de4400da2856522f98a2c6ad94698cf1a5ff5ece351e1cd98f122bd7ed871a5061329117eda0e76c5c472c44daab3430c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4fb691f6f47d1087807cecb668d3c44e |
| SHA1 | 9afc3706eac03a79736561a121575d024fab2b6c |
| SHA256 | a20337dd743456edadef61213cbfdc5eaf1c2021ca875b7bc4f3b20145805233 |
| SHA512 | dfe18ca06bb1ef27257728bbbcf88c9842a5fcd0d50e68dcb6654d9d72f15ec523701c25b4d6d738f84148df5888eed138988e720640ebb6639082ceb657e0d0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | df6f51590aad5e7a295136d7f9a68f1b |
| SHA1 | 0f354799e54a369a1dbb4081a705c378a07950d6 |
| SHA256 | ab84a4476249622618e6fe36d1de3afd77071959760dd6a918f4c1e194674b5d |
| SHA512 | c67cc5323078ad344c517cc2d5005cffe8d3573af704a898e66c090c65ff14c62aed9eae4f5459e169544fe37a5a423ef15a7da480d1d9f96afb7362eb5cc1b4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | afab729a0abda0b9f558ed7078598047 |
| SHA1 | 0b368c19721db7effdea36b1d9bb5467e04f169c |
| SHA256 | 8e2442c2e55f784a00188cb0e58b109821531131478443b66b1c04d3fec97bde |
| SHA512 | 8d1eba224033fd6976aff28d605d2b7e402c431f7e8aa390114bd66a7862fe71c0d7c52b99a1fccf5997b812ca239a0309c3958dbba0bdb8f4e5d35d962c0b37 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 65573326d65ca2fb83b837961a93e24a |
| SHA1 | 7386f53de3a185935add9992d97b7c92c143e6b9 |
| SHA256 | 7455ec06907337eef3ca8535380b44f906fbd0f45af87380f43e0d1a53203df7 |
| SHA512 | 944db17016ca0dc4f34d74177e3a85883004c22a1dc57227af835870fb1553b200ad506d14b6d552305aa1a09ed7fe1d4de3816eed641a5adcad782dd7a70c26 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 58ca1d40a89d312e2cf295a0634b0f01 |
| SHA1 | af0ce81e2971dec5627c2b2120bfe505969abcbd |
| SHA256 | 014641178a4bf59ed834d17d0ae6d517323803f96f0fb285fa926aa5a490b192 |
| SHA512 | ac81f3bc6bbe4ea2749af44c563978fc350456ca3de14b2422213b7f9433e8e2c32ee5ec196f16c49454e640e9d9942338e2ec0a893530933b29d94b92255e62 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e36b61173ba40dff0242553bdf604d10 |
| SHA1 | 9bde7c467beac59686e0b18d24f734668c21c430 |
| SHA256 | 0204530478f254397aa8ebec5dc9a99d9299d1b4d1145e805fc2f50a03bccd6e |
| SHA512 | 5e5103c89a1be262df2edd4763a236d36b2c15817282b483c09671ec055e2fa4a52f5e80c3c01ab820931b9b0221974a185cb84774609840f96d2783540c08ef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9c75ec7dfe3374fae1e7bb86ca6d2434 |
| SHA1 | aae74c68296426825fe27d2f53b51e6c274d027f |
| SHA256 | 74acdbd5df7f7413f06a7a18d22958ff05e1118803f9c3738d2f730dd59ecdde |
| SHA512 | 9f6f8c42f9e0f384c179f04268aa2b4af07235c3a888509374915c19592ab1011c981ec89a8720f27622f968d57b1a5572c88129f95643a023b48b862dd38f7a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\48d6d7b5-b378-4e04-b4a9-c50c9aafeee3.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\1e37ff8f-d11f-4b16-a590-a90bb7fe3243.tmp