Analysis Overview
Threat Level: Known bad
The file https://hackerone.com/roblox/thanks was found to be: Known bad.
Malicious Activity Summary
Quasar payload
Quasar family
Quasar RAT
Legitimate hosting services abused for malware hosting/C2
System Location Discovery: System Language Discovery
Event Triggered Execution: Accessibility Features
Browser Information Discovery
Modifies registry class
Gathers network information
Modifies data under HKEY_USERS
Suspicious use of SendNotifyMessage
Modifies Internet Explorer settings
Suspicious behavior: AddClipboardFormatListener
Suspicious use of FindShellTrayWindow
Suspicious use of AdjustPrivilegeToken
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Analysis: static1
Detonation Overview
Reported
2024-10-30 16:03
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-30 16:03
Reported
2024-10-30 16:20
Platform
win10v2004-20241007-en
Max time kernel
989s
Max time network
995s
Signatures
Quasar RAT
Quasar family
Quasar payload
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Browser Information Discovery
Event Triggered Execution: Accessibility Features
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\DllHost.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Gathers network information
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\ipconfig.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\ITBar7Layout = [binary data omitted] | C:\Windows\explorer.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133747780533912023" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0 = 780031000000000047598e481100557365727300640009000400efbe874f77485e597d802e000000c70500000000010000000000000000003a000000000094f4210055007300650072007300000040007300680065006c006c00330032002e0064006c006c002c002d0032003100380031003300000014000000 | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0\0 = 7e003100000000005e59018111004465736b746f7000680009000400efbe47598e485e5901812e0000005ae101000000010000000000000000003e00000000005c5d6c004400650073006b0074006f007000000040007300680065006c006c00330032002e0064006c006c002c002d0032003100370036003900000016000000 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202 | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\MRUListEx = 00000000ffffffff | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0\0\0\MRUListEx = ffffffff | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0\0 | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202 | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 0100000000000000ffffffff | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0 | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0\MRUListEx = 00000000ffffffff | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0\0\0 = 66003100000000005e59098110005155415341527e312e3100004c0009000400efbe5e5901815e590a812e0000003e3d0200000008000000000000000000000000000000b33c0a005100750061007300610072002000760031002e0034002e00310000001a000000 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0 = 66003100000000005e59138110005155415341527e312e3100004c0009000400efbe5e5901815e5913812e0000003e3d020000000800000000000000000000000000000080fcc8005100750061007300610072002000760031002e0034002e00310000001a000000 | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0\MRUListEx = ffffffff | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0\0\MRUListEx = 00000000ffffffff | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1 | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 = 14001f50e04fd020ea3a6910a2d808002b30309d0000 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 00000000ffffffff | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 = 19002f433a5c000000000000000000000000000000000000000000 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0 | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell\SniffedFolderType = "Generic" | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202 | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1 = 14002e803accbfb42cdb4c42b0297fe99a87c6410000 | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3 | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02 | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0\0\0\NodeSlot = "2" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\SniffedFolderType = "Generic" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\MRUListEx = 00000000ffffffff | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0\0\0 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0 = 50003100000000004759534e100041646d696e003c0009000400efbe47598e485e597d802e00000050e101000000010000000000000000000000000000006e3d5c00410064006d0069006e00000014000000 | C:\Windows\explorer.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\osk.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://hackerone.com/roblox/thanks
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffeba1446f8,0x7ffeba144708,0x7ffeba144718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,1566177862608675047,3125712080311063824,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2144,1566177862608675047,3125712080311063824,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2144,1566177862608675047,3125712080311063824,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2704 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1566177862608675047,3125712080311063824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1566177862608675047,3125712080311063824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\system32\osk.exe
"C:\Windows\system32\osk.exe"
C:\Windows\system32\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x450 0x4d4
C:\Windows\system32\ipconfig.exe
ipconfig /all
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,1566177862608675047,3125712080311063824,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4880 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,1566177862608675047,3125712080311063824,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4224 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,1566177862608675047,3125712080311063824,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4224 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1566177862608675047,3125712080311063824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1566177862608675047,3125712080311063824,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1566177862608675047,3125712080311063824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1566177862608675047,3125712080311063824,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5680 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffea826cc40,0x7ffea826cc4c,0x7ffea826cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1992,i,16862020755243883115,14557900248430591253,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1996 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1872,i,16862020755243883115,14557900248430591253,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1732 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2272,i,16862020755243883115,14557900248430591253,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2460 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3140,i,16862020755243883115,14557900248430591253,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3160 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3196,i,16862020755243883115,14557900248430591253,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3184 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4508,i,16862020755243883115,14557900248430591253,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4608 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4760,i,16862020755243883115,14557900248430591253,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4764 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4832,i,16862020755243883115,14557900248430591253,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4848 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4984,i,16862020755243883115,14557900248430591253,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5000 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4836,i,16862020755243883115,14557900248430591253,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5152 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4416,i,16862020755243883115,14557900248430591253,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5244 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3228,i,16862020755243883115,14557900248430591253,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4740 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3700,i,16862020755243883115,14557900248430591253,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4728 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3160,i,16862020755243883115,14557900248430591253,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5048 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3188,i,16862020755243883115,14557900248430591253,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5404 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe
"C:\Users\Admin\Desktop\Quasar v1.4.1\Quasar.exe"
C:\Windows\explorer.exe
"C:\Windows\explorer.exe" /select, "C:\Users\Admin\Desktop\Quasar v1.4.1\quasar.p12"
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}
C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5372,i,16862020755243883115,14557900248430591253,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4828 /prefetch:8
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
\??\pipe\LOCAL\crashpad_1156_ZOSQSHXYBLOFQLPM
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e9f2.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
C:\Users\Admin\Downloads\Quasar.v1.4.1.zip.crdownload
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\Desktop\Quasar v1.4.1\quasar.p12
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\Desktop\Quasar v1.4.1\settings.xml
C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3227495264-2217614367-4027411560-1000\eeee2811e4f9af7d9f2e3d1085e0f657_423fd5c7-8559-4b8c-bf1f-c9d05c9f0fd3
C:\Users\Admin\Desktop\Quasar v1.4.1\Client-built.exe
C:\Users\Admin\Desktop\Quasar v1.4.1\Profiles\Default.xml
C:\Users\Admin\Desktop\Quasar v1.4.1\Client-built.exe
| MD5 | 7734c85e35554d34fd47490316aaa2c4 |
| SHA1 | 774e458221f55ea1edcb1f115224fae2e843dc78 |
| SHA256 | 3a019e72137c43a24979ff833790d88c67e4a81d1a5d43f97457c46e04eeccf4 |
| SHA512 | 877e89f4cf4b5ed6e53820438ba611b3bac911d691116cc03d9646656c97ec776751bae64679549bc9ae9ae144188413f65326e350d867a7b728826153ab38fc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4fbf96b27cc35fc2572ee1b65e95dac5 |
| SHA1 | c2d34d4013d91f645da5c7f4d3a007afa1adb8e4 |
| SHA256 | 090116c884d664848281cbd3c4b63e84f561171668f8bde865c962b9d5472f75 |
| SHA512 | a055a77a32fec7eb4707d99bc11b3886c11d3fafe6035ecc38b9e2e1a9bc6810a71452a9d48376b2f6091b91816dad485ed385d14ffca316c0e4e1c9582c4954 |
C:\Users\Admin\Desktop\Quasar v1.4.1\Profiles\Default.xml
| MD5 | 753fd3bee81714e308090f350ffa7e25 |
| SHA1 | b12c1adc6b1f997a4efdcb2e6cc32725329e468b |
| SHA256 | 549a28f5b7d337f1628afc2f7d86c64f7279d638bc0f4dd65a75ae4eda79d14c |
| SHA512 | bffd76455250cde3c8df2a5798d7c2043f538c0c615afdbabf99904bf545b76fd53f4699cb3c64402f9c480675bf5a4554a935ba855aeeb7e9ab1e00a1c2be6e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0921620e578a830d5f7072d83ece1114 |
| SHA1 | 2a89245f5db82203b26e83f6643078a1675fb4bc |
| SHA256 | c0eee91ba7bbca039d62d5c646e2bcf713dbb65066a7d34656df17a2a7efafc8 |
| SHA512 | c0dec82ea0c775bed69326c64e86159009d8e0eed4b80c581760d74d93c18f9e290aa5ffa4493a4da57ca48eb40a45011d42b556817af54eb1313bd46ea948ef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 139a80550aa720760416fbdd9a496202 |
| SHA1 | 8e17f9b6de8dbd212e17937ab8e997b67dac7b75 |
| SHA256 | 8cf1f7103816bc9b0fecc87bc2d79d52be08eb2227084911443dcd905d1e873a |
| SHA512 | f774f486f52e38293bc515efce7aeb1adfc9823b1cc9b9ee53bd06fe32eb5ef1235026ec1e4471a2f20998f78845285b29447035bebf1208904004b830645716 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dbf37609ebbb0a04fea688a7fa4b9d86 |
| SHA1 | 81762982ffcec25b1bf895cc59f636bec0ef127f |
| SHA256 | 15ff4c72730e7431df02c42179e875c532f12a7266f82cfc7a1ca16e50f2aa96 |
| SHA512 | 19c0c9ad6880ec95ffe3d9800aaeb7daf9945b32f8ba9af50c2a220a9d8edd5b02e7bbccf55a5ee35560ddc0f2fa5a9ebfe7b7ecefde3d9094504154696ac421 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 66187ae54488c01a4137f9abb1f5c179 |
| SHA1 | 4c26e4f957be3e4cdfe905088f04027afd6b74a2 |
| SHA256 | cd8762ad0e795bbf41fa38bfa2f645f97268ff31e7c5204fee463b790eef77a9 |
| SHA512 | a557dbe782bb62469f04b1df731373c90f9111bec373a9e365d87b0ed2130f6297922967f40250615440246ee42b269c5fa22bfa41430bd77365e23335a38cc2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b21c3f0d687374603654fe90674ddc9f |
| SHA1 | ee0a56ef777e6a0ab96731c7f2d14168beb9a0d2 |
| SHA256 | 71a2e0ab6249a424d50fe329f49787c153986611cc80aad22027e1acdacda543 |
| SHA512 | 34eeb374504bd7fddaff14a8f75d45fb83b4281af4e83efe0c46812da685a81ed5b084c6f722af805d0e7ba822c9fcda0f28eb65b5002fe46fcd0262da7ce62f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a96cf87419b99fa9d8c65da895ca40d9 |
| SHA1 | 8ba7c182b8f7c0d4dd4933d7b9bbe10991e72bdb |
| SHA256 | 0c143054279b6e857c5a52975f0ff0161010aabb65f4e5e4aec36d83736e4c0e |
| SHA512 | b5be16eb758489a0f55b329cef8a2bae2b1977aa6b965823711060e9380c1e1a0be59e07da3937e04bf8a06018bfb749f80f9e9559f4cd31bc2b122680df1be4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 254b5f00df4e4cf9a69212ff15a9e4c4 |
| SHA1 | 2e34fc45b1ebb22f2c304c99a508f4ccfa26bc9c |
| SHA256 | d82ec00f01e8e0e4f6732ba55e83b76313dca2361b257a95090a158c70a6977c |
| SHA512 | ebfde43201d51e37f5192beba82da2b02cf006065205ca2becc04e5ca80d8e4ec59c4f71240b7f57639837984f29b64f25df5da284f5c2b611212fe258d52763 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e9cccdb30ab62272fe111cdd1e546081 |
| SHA1 | 8bb9fa04205785726174d0f87bff7adfb8f63ca4 |
| SHA256 | 0ae147a8e0de0eba44c67cb5d264edb191638388471ee7538adabacd910f13d8 |
| SHA512 | 25a9bfb9ef7fabe7de81359de7255cce24f580448fe1103c5d4d296cc9b19d1a71347ca7528194e1f64657b4a39b118d2de59a63ed931efe62753fd653db537f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 876a9038a91fd0bdf64e2919619c94a3 |
| SHA1 | 77b04e7cecc36dac2c92bd727d269f776d3efb1d |
| SHA256 | cc3086cb352bdd237e3b919164cfcfae76dad1156d7cf3236ed217ef4a166508 |
| SHA512 | ea0bb9b40348535ea1480698d32c4e717128feee80b63f0cd45d3ef65b386ff7998ab0abce43bbe851dac391dd23d49f7cb21778c1b4d1cc03b6f96c9d517720 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 148ea8656c94c2f4470726c10be8a749 |
| SHA1 | fec77bc487d3aabfc6246c0440d188905ffc3d6b |
| SHA256 | 4aa1801087dd5aa13588ca68643054d3c00fee11751f45ea12f77abd2bd57005 |
| SHA512 | 2c520dbd563c2c1bcc363525ae181a1f10121942c47c9f354877dd009d7f0c9f7fc6a8c0e9de3b0b0441afa5654fc60c594e534dab5c3ff459a4dc7343353caf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8b104eed9ea2f16910c91cef9ed63e78 |
| SHA1 | 0ab3fba77876e4b72c8a6c798b6f0db701772918 |
| SHA256 | 0fef80a6eb5237190b1c492b397460b0342d7c67dde2f30ec1d9f224557e6267 |
| SHA512 | b9c97fa6b04df138b89d35dcc8f24ef353f4c370f3a3b2c71dc23b181de7310b0f12684ddaa8fefbfb64ce181cb8496240faca60c2080c342e5910c958fa7c77 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 97487a9b910fd5a7a08e032f3156d278 |
| SHA1 | cd74623310506c35a1c28434095e64d1bebc27af |
| SHA256 | f2292c541bbf11040c81771a5eea391ae44019e7bff18a49c640869e9fe9cb58 |
| SHA512 | d8c6c0ca4b8acd029e3e32fecc89bf7caa3df14d30ae8fc1581f838a4ab2f7489b25c31909ac49c2a499c4b8e825bdeb77e0d440d4271720d02b6b8f7726c0ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 25b6c1b7fcc2845f58f8d82478938370 |
| SHA1 | 0fabfeb7b356102e11f772a06e7d9a19b1027daa |
| SHA256 | 2d0d08257fc6d9d57e3abd928b8489da9ebdf5b47897adc2e4b33bc41991f68a |
| SHA512 | c4cf57ea47322b1cddf2c1b3d6b6330a4df1815e6402d6d599b426ea880c4576962ce7758f926c940603868658ba9759b274f1005b72056f1cbfa513886b3076 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1c87df7ae274903d94ea2dc4b926f942 |
| SHA1 | c3c4bf19a96224d53a5c459a892ee26955ede52b |
| SHA256 | 81dbb7a31f2cb92bac83b8a1f8c949754352af02753f8567df7e2ebdc9526d20 |
| SHA512 | 3d8c79dc210bee26075df8758dcd73306217489dcfc83dec19d5489de2a035586f707a8a30a8f35504deb345fe561b4c60dd0f6a196e7945d547099d838bf610 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6a741d8afad77bb56ab472d71d5710a9 |
| SHA1 | dd28b90ce8ea5669dd448aaef3fc469e5d554aab |
| SHA256 | 0d0ce48d65d7bc7d754f31efe7b9c4b5b90705587f10fca30fa8de9db4b69d5e |
| SHA512 | c5d4e4a9164221ea8cbc2bbbbf64153362288658685e701ffa4af3e1e86f89ddf88e32f901f88a525bdd17d0cf939139297f1a69b4c1684244e9cbf08185c30a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a4da754086e7c71497ff09953e07eaa9 |
| SHA1 | d0128e041d793d9b7ba4f5173739634b2f37a67e |
| SHA256 | d378e2d482c2484cee0d8aa9fd12a61c73228897a3b3853a79e42f9439f53ca7 |
| SHA512 | 56f272338b2bba0e04e334231b04a97f04e533f0a01d585c3ef34789289264f52ae067c92e35af61f43709c3e0abd0a66e3ac290853d62fc616101fd99df45bc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b321ec3e2e4e9cacfcd0c8a72d85921e |
| SHA1 | 5a7769c9c00b8b7a2f1519cc4801161d7843b813 |
| SHA256 | 7f5364e238ef57d751b1dfbc8cade2e5c8be827df9b84322788b5a8a9d3c91de |
| SHA512 | b5f12e45f9715fa0dac68888a99c3beb69f7b9d22f7e5ace248ecd8bc28483bcdb6f599aee72faa29afa5c3945fd2ca0e59e7f6e7ba485cd030cde68f81d2269 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ea675d174d4a5f80f181ecd4ca2ea78d |
| SHA1 | 639894a39488bca9abc1b1a5f5257250fcd2f76e |
| SHA256 | 3783dd5eafa1dcb829f04fe4b9a973537119d928ac1fae834bf844a45e8d0c40 |
| SHA512 | 73618b7432034fa7000b5ff36986e083440537ffe3a0b06a63b51c3c47bee6775ba1148ab4b1088adb69e2dbfb8039f5985a8691c076d277d4b489956b14426b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b3311a32b3af674aa1bcc4b7e8729740 |
| SHA1 | f623772a09298119eaf32e4c6e546d393e103871 |
| SHA256 | db390036bda89b75b31ee6d7dd33f68147ce9b4ea8d375c66ff16ae3943fc858 |
| SHA512 | a4b84e01d9f5393bf287732e14c4f979cd09f7e13379b50caa4aefee8b49627306126fc5811743abb1f61cfbd47d10c8fddaf6cf57a3b60a4b04c07c9a78f8b7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2f11b8af5c452a0d6c75b30dd543c178 |
| SHA1 | 8c8d3b0969644158da834f2dd8663a99cab46da7 |
| SHA256 | 302022710252de9c08d371385eb87f59e4a6d8d2e368eaaf867ac96e31eff6bd |
| SHA512 | da37e8eadda985e4385c5490b32b187a07639945c4eb0db600a25cdbe882930f513a264e69c97cfb0bb0b370b7fca1d1b7eae364ece0699c077070e9cbaa899b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f308b8a5ee8fb9539933857f7a6ebd21 |
| SHA1 | f2b938f2d13724ebab719d1cf22d5355bbe516d0 |
| SHA256 | a90953c2fb6d5ff4d0be4570da10ccbc58076e17043cbe20fe83b68c298a25f2 |
| SHA512 | 829ceb6c8aabf39d7008484f9f7cc1bb3ea9af3d0d570051c74edbf2956d1631b0d84e782684ca872549bf2944ccdc91a2432f6286b3f593ced067fa6112bd7a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1430585a0301ba2a42b855519dfa73f8 |
| SHA1 | d8ad951f28d548dddab73e39dfe9151b105a769d |
| SHA256 | 7323e0bfa073ccdcbdbe4cd75da74ea455f3c4dc1aa5c44ed27d224cb87b9044 |
| SHA512 | 7a77bd3093fa22432173a9e765ecd97c4ef776a2cddf7fdb1bc124d25247dc7d3b4d5b4860340cd5ff936b74fb7b5e8a4011fa983504fde862b6ec1835fde9f7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d8d08e83934ed41291bbcf57dc32f2b3 |
| SHA1 | 33672fcf923f3189c22d6067ead0a206feb28a86 |
| SHA256 | 1c420ba788cc55a7197c6141a76922c5c017d5ab20631750b027d18b05e057c0 |
| SHA512 | d37fb9b9e9e886496e0bd13c831a80df7c45d30e737b8f2639428023a3a29e451020c3d60a57a7039e993ad8b4fe5062141277ccda19040420a7b68027a25921 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 86072691b5b69b374deaf87cd9947f9d |
| SHA1 | 0b5b50a4dd3d21692995d6dc462c2af1f88bb8a5 |
| SHA256 | 0628dbfc84a80ea4d5a456ca82da35558effd393d96b5d5b67620e4833b20809 |
| SHA512 | 4faf3b7deaea6a8c631a0a17a1dbbadb9a6a9ea8b23de41c3ae79ed94d5a09295f5c8b8ca0d8029aaaaf10ca257506b79ac0b72a95d26e44aaa015144c8868d4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 08032423b1e9958e9caec8609ea6ca4c |
| SHA1 | b4ce295a0ba38b4cac426a10bebf74104fa61b34 |
| SHA256 | 37e700b02032d9a18f8536e937b63d9f0892cd1240e6daa0d30301ad5d4612ea |
| SHA512 | 552b6c33fc59a682cd201e88b30f0d8ed74ef40ff2396daec6f337b674c4d10a3002d6078135407da5f682de216e671e93a3b984af6dd2512eeafdd6cf5d05de |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | fb316eab71029d73680e333154093a3b |
| SHA1 | ea5c5d052990ad3db8faf82ae9667f86f42c8ea7 |
| SHA256 | 8d83186bbf7a60dc342abfa8c8a04169f06828ef40193f29c79d7469ca9b312b |
| SHA512 | 2b033cbb04c19eafe0dd95900328656c02e727be6bb447d2ad1bfce47ff47387f474e43d1107ca6dde29a358713592c049207b9176b4be99fdc1c7c9e8ed385a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dff50e58a4cc500f60fdef3559f045a5 |
| SHA1 | 8a3b5f6411b0ebaf1d77e61221aa4e7a02fcbd1b |
| SHA256 | a565b8897176729099345ece2b19a84c32d7bf7cc523319abd2454a033532038 |
| SHA512 | 3c09691145f98402bdc7b7c2cbde9f1e23a0f25cd0df5c7df26a306c7058068b0682d9952e3bb71ec099394b44f81b26ca865060fde1993f92cce41b35f83cd0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c3512b2ff90338169e424680e66008f0 |
| SHA1 | 55e201edf5984e34dce7ef02569a1ef954129042 |
| SHA256 | 31ba315c5152436ebcaa5deaf9b68ae0b4244daeb36947a6a0aa91e1def38bf5 |
| SHA512 | 9a8c9d26d3741849d7eb8f27081cdaa01e866415486c9c56ffb128ed328bdfe7e7f0a1ee749f2332d4aa256fc5bd6263bb7f0213a76bd3ba123585af501d1af7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d7c812ea1f929fceae1ab9c6b10017a2 |
| SHA1 | 19d148f24d45d4e6a1f6442e5ef27f2d9fcf1213 |
| SHA256 | 240b747c04bccbba2f39aa645bd4db0c4d64a939bb8833c19c245c8ad0d15d6b |
| SHA512 | 04d176a0c8e3d7848f25d8562027d6baf5ed3fb304004337ed3addded987f2f17213f73819b2944e618a202b1d84a0cbafe5a4daa2a0397966318a3d3ba46a52 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 429d78780be268390d9d976160e3fed2 |
| SHA1 | e9b1ead2f2266654f6c08a6123d062f562cde505 |
| SHA256 | 5c07d92c63a928eb421406cbbd26011dbd9e8402edbef64864205399e28b78d3 |
| SHA512 | 200e0634ed992286e37c4e966e71b353a1e85b22ff90e7914a543d0aee55e3b8f7973288f1df9d1121da5ef79800d03f41ea9991873e507125d375959e77ea07 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 17652916a9fb42e0a2410df092417f77 |
| SHA1 | 8a3f01a1cf581e7c9aa2a90fbe595186166eb09f |
| SHA256 | 1d55c0fe3ece412e00c18d179826fdf4431d117810753ca8202ba55b26a9f1e6 |
| SHA512 | 0f286218d8c39f92c063dc3c50e8ec3589af861b9ef9ba38795762242098f05c71ea0aae9a5a1b30b2d8924d56d6da89148a48b1fd772134a2194392ee907019 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3b1d88f348d93ee924edee86991a74d6 |
| SHA1 | 1b4840ddc685b5a8e705cbb900c0c6211b9e6465 |
| SHA256 | 45f4dfc8147f6aa825923449778f174f7ff6541f222c2d144024386c625a0a66 |
| SHA512 | 3baeadd24aa1a616eb414d8d491336b12bfbb3cda674b9dd019b1915f8d85989d8606048eda9141737c79effc9c74754d4bd2b7c0ae02e8f7a6c977945c6acb1 |