Malware Analysis Report

2025-08-05 11:00

Sample ID 241031-fqn19s1dkj
Target OptiFine_1.19.4_HD_U_I4.jar
SHA256 2c010bcae341cf1003c194a4b566a0cb0c8dff2443d2f9fbd9e7a2d9abc8af6a
Tags
asyncrat default discovery execution rat spyware stealer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

2c010bcae341cf1003c194a4b566a0cb0c8dff2443d2f9fbd9e7a2d9abc8af6a

Threat Level: Known bad

The file OptiFine_1.19.4_HD_U_I4.jar was found to be: Known bad.

Malicious Activity Summary

asyncrat default discovery execution rat spyware stealer

Asyncrat family

AsyncRat

Async RAT payload

Checks computer location settings

Executes dropped EXE

Reads user/profile data of web browsers

Legitimate hosting services abused for malware hosting/C2

Drops file in System32 directory

Probable phishing domain

Command and Scripting Interpreter: PowerShell

Drops file in Windows directory

Enumerates physical storage devices

Browser Information Discovery

System Location Discovery: System Language Discovery

Enumerates system info in registry

Checks processor information in registry

Suspicious use of AdjustPrivilegeToken

Gathers network information

Delays execution with timeout.exe

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

Modifies data under HKEY_USERS

Uses Volume Shadow Copy WMI provider

Suspicious behavior: GetForegroundWindowSpam

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Uses Task Scheduler COM API

Uses Volume Shadow Copy service COM API

Modifies registry class

Suspicious use of SendNotifyMessage

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-10-31 05:04

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-10-31 05:04

Reported

2024-10-31 05:23

Platform

win10ltsc2021-20241023-en

Max time kernel

1095s

Max time network

1095s

Command Line

java -jar C:\Users\Admin\AppData\Local\Temp\OptiFine_1.19.4_HD_U_I4.jar

Signatures

AsyncRat

rat asyncrat

Asyncrat family

asyncrat

Async RAT payload

rat
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Desktop\AsyncClient.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncClient.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncClient.exe N/A

Reads user/profile data of web browsers

spyware stealer

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A camo.githubusercontent.com N/A N/A

Command and Scripting Interpreter: PowerShell

execution
Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\WF.msc C:\Windows\system32\mmc.exe N/A

Probable phishing domain

Description Indicator Process Target
HTTP URL https://hackforums.net/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8db126848b3d48ca N/A N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Windows\Debug\WIA\wiatrace.log C:\Windows\system32\mspaint.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\cmd.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\timeout.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\rundll32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Desktop\AsyncClient.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Desktop\AsyncClient.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\cmd.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A

Delays execution with timeout.exe

evasion
Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\timeout.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Gathers network information

Description Indicator Process Target
N/A N/A C:\Windows\system32\ipconfig.exe N/A
N/A N/A C:\Windows\system32\NETSTAT.EXE N/A
N/A N/A C:\Windows\system32\ipconfig.exe N/A
N/A N/A C:\Windows\system32\NETSTAT.EXE N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133748247093407936" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1 = 3a002e803accbfb42cdb4c42b0297fe99a87c641260001002600efbe1100000097c157265625db017cfee57f522bdb017cfee57f522bdb0114000000 C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\SniffedFolderType = "Generic" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\SniffedFolderType = "Generic" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Version = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202020202 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 010000000000000002000000ffffffff C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\MRUListEx = ffffffff C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8 C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202020202020202 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4 C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:PID = "0" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0\MRUListEx = ffffffff C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 010000000000000002000000ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 010000000000000002000000ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 01000000030000000200000000000000ffffffff C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\2\MRUListEx = ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\2 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202020202020202 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\LogicalViewMode = "3" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0\1 = 7e003100000000005f59b02811004465736b746f7000680009000400efbe57590e725f59b0282e000000040904000000020000000000000000003e00000000007225b7004400650073006b0074006f007000000040007300680065006c006c00330032002e0064006c006c002c002d0032003100370036003900000016000000 C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a000000a000000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeRestorePrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: 35 N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zG.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\7-Zip\7zG.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe N/A
N/A N/A C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A
N/A N/A C:\Windows\System32\CredentialUIBroker.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1916 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 2312 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 3300 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 3300 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1916 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Uses Task Scheduler COM API

persistence

Uses Volume Shadow Copy WMI provider

ransomware

Uses Volume Shadow Copy service COM API

ransomware

Processes

C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe

java -jar C:\Users\Admin\AppData\Local\Temp\OptiFine_1.19.4_HD_U_I4.jar

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x220,0x224,0x228,0x1fc,0x22c,0x7ffb65cbcc40,0x7ffb65cbcc4c,0x7ffb65cbcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1988,i,10829863202822558713,5142901406760823603,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=1968 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=640,i,10829863202822558713,5142901406760823603,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=1672 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2272,i,10829863202822558713,5142901406760823603,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2288 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3160,i,10829863202822558713,5142901406760823603,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3196 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3168,i,10829863202822558713,5142901406760823603,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3460 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4616,i,10829863202822558713,5142901406760823603,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3712 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4756,i,10829863202822558713,5142901406760823603,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4736 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4784,i,10829863202822558713,5142901406760823603,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4860 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4996,i,10829863202822558713,5142901406760823603,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4848 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5096,i,10829863202822558713,5142901406760823603,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4640 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3732,i,10829863202822558713,5142901406760823603,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4828 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3232,i,10829863202822558713,5142901406760823603,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5420 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4076,i,10829863202822558713,5142901406760823603,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5284 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5556,i,10829863202822558713,5142901406760823603,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5428 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4400,i,10829863202822558713,5142901406760823603,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5640 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Desktop\" -an -ai#7zMap29400:74:7zEvent338

C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe

"C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe"

C:\Windows\system32\wbem\WmiApSrv.exe

C:\Windows\system32\wbem\WmiApSrv.exe

C:\Windows\system32\cmd.exe

"C:\Windows\system32\cmd.exe"

C:\Windows\system32\ipconfig.exe

ipconfig

C:\Windows\system32\NETSTAT.EXE

netstat

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=3896,i,10829863202822558713,5142901406760823603,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4884 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=904,i,10829863202822558713,5142901406760823603,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5204 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4532,i,10829863202822558713,5142901406760823603,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4520 /prefetch:8

C:\Windows\system32\cmd.exe

"C:\Windows\system32\cmd.exe"

C:\Windows\system32\ipconfig.exe

ipconfig

C:\Users\Admin\Desktop\AsyncClient.exe

"C:\Users\Admin\Desktop\AsyncClient.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2004 -parentBuildID 20240401114208 -prefsHandle 1920 -prefMapHandle 1912 -prefsLen 23681 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {cba8b761-157b-4b28-9539-f93ab6efdbbb} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2412 -parentBuildID 20240401114208 -prefsHandle 2404 -prefMapHandle 2400 -prefsLen 23717 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c496b917-7962-490d-86cd-37eb0ade2871} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2860 -childID 1 -isForBrowser -prefsHandle 3216 -prefMapHandle 2612 -prefsLen 23858 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9246c2c6-0812-444c-b42d-9ce3334f7777} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4296 -childID 2 -isForBrowser -prefsHandle 4288 -prefMapHandle 4280 -prefsLen 29091 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cc3ce9d5-8e74-4b03-8ae9-b98366311035} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4972 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4976 -prefMapHandle 4964 -prefsLen 29091 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {996b9f7e-09fe-4801-a746-20cfe2a2e335} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5404 -childID 3 -isForBrowser -prefsHandle 5428 -prefMapHandle 5420 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {45cd70a9-dfc4-4af6-991f-474f471f482c} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5556 -childID 4 -isForBrowser -prefsHandle 5564 -prefMapHandle 5568 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {541ce49f-f164-403f-b50a-6b46d8c04b3e} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5760 -childID 5 -isForBrowser -prefsHandle 5840 -prefMapHandle 5836 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f01a809f-0b49-45aa-a123-df136613bb4c} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2328 -childID 6 -isForBrowser -prefsHandle 5272 -prefMapHandle 5324 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {547244de-8b9c-4c7f-a399-2e4ffcdc9ed9} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5456 -childID 7 -isForBrowser -prefsHandle 3216 -prefMapHandle 3008 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {84b9eec4-0716-43f6-888f-da387ed55758} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6148 -childID 8 -isForBrowser -prefsHandle 6156 -prefMapHandle 6160 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {24bbc1f8-b03b-4530-9cd6-fd4f74eb5a19} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6340 -childID 9 -isForBrowser -prefsHandle 6348 -prefMapHandle 6352 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {005821e7-2be1-4265-a1a6-65ed8117550f} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6540 -childID 10 -isForBrowser -prefsHandle 6548 -prefMapHandle 6552 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fb0c83f7-896a-48c7-a0ee-b95ccbb7304e} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6820 -childID 11 -isForBrowser -prefsHandle 6740 -prefMapHandle 6748 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d899e439-a6c2-4d8f-aa92-9e34e83c9b45} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6948 -childID 12 -isForBrowser -prefsHandle 6960 -prefMapHandle 6904 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2c04e2de-c688-4a9a-98c4-0e50dc5c6d94} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5132 -childID 13 -isForBrowser -prefsHandle 4496 -prefMapHandle 4500 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {181af622-8c30-4afe-97a5-c9065caa3787} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7384 -childID 14 -isForBrowser -prefsHandle 7380 -prefMapHandle 7244 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {04a2921e-f44a-47e4-821d-5201ba44db1e} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4412 -childID 15 -isForBrowser -prefsHandle 4448 -prefMapHandle 4300 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {84721aef-92fa-4efe-aaeb-0c5ac016b0fe} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7696 -childID 16 -isForBrowser -prefsHandle 7688 -prefMapHandle 7616 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ca9567a9-a2db-485f-b883-f0ee09c70dc6} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6960 -childID 17 -isForBrowser -prefsHandle 7820 -prefMapHandle 7816 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ccb3124a-c95f-4e70-92b4-07b01f5fc847} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7864 -childID 18 -isForBrowser -prefsHandle 7944 -prefMapHandle 7940 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {739c42d7-5c71-400f-ba7f-5a9b2abe5759} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6212 -childID 19 -isForBrowser -prefsHandle 6220 -prefMapHandle 6224 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b2439518-acbc-4fd1-a6ce-0984ffe689cb} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8188 -childID 20 -isForBrowser -prefsHandle 5444 -prefMapHandle 3216 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {00b3c6e7-adab-4012-a0b6-292d406c516e} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8296 -childID 21 -isForBrowser -prefsHandle 8304 -prefMapHandle 8308 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {987781a8-065a-4250-99d2-8c49e858b17c} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8568 -childID 22 -isForBrowser -prefsHandle 8488 -prefMapHandle 8492 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ddcd786f-def0-4573-ada5-cf626039fb1f} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8576 -childID 23 -isForBrowser -prefsHandle 8588 -prefMapHandle 6192 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {69e8b272-bd38-4bfb-811c-237d6209b02a} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8760 -childID 24 -isForBrowser -prefsHandle 8836 -prefMapHandle 8832 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {de6ccb77-d7e9-4af3-8fa5-c1f68802eb12} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8988 -childID 25 -isForBrowser -prefsHandle 8732 -prefMapHandle 8736 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {54f768dc-a67a-47cc-ab2b-70c14454abce} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9120 -childID 26 -isForBrowser -prefsHandle 9128 -prefMapHandle 9132 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {28a74fc2-46bc-470c-8f4c-661bd6389014} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9536 -childID 27 -isForBrowser -prefsHandle 9332 -prefMapHandle 9340 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {98b15982-31fb-45ab-baf9-40709400adac} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9696 -childID 28 -isForBrowser -prefsHandle 9704 -prefMapHandle 9708 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {4a768480-f46e-472b-9879-12d6504b7b56} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9552 -childID 29 -isForBrowser -prefsHandle 9912 -prefMapHandle 9916 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {69dbd68c-f3ea-4b16-a8f2-1ff138a783c8} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9856 -childID 30 -isForBrowser -prefsHandle 10104 -prefMapHandle 10108 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {eee71b1e-a96a-43e2-9be2-8fc8f0d3cab5} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10276 -childID 31 -isForBrowser -prefsHandle 10284 -prefMapHandle 10288 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f2872974-7c0e-4184-a6f3-bbc3ec1d09ee} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10560 -childID 32 -isForBrowser -prefsHandle 10480 -prefMapHandle 10484 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {eaa42685-4bd5-4661-8cbe-666e9f63d591} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10596 -childID 33 -isForBrowser -prefsHandle 10696 -prefMapHandle 10700 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3f813fe3-d372-4f7d-affc-bb971d50f24b} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=10472 -childID 34 -isForBrowser -prefsHandle 10932 -prefMapHandle 10940 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {14679044-7ade-4855-b75a-39ed67ec0c60} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11092 -childID 35 -isForBrowser -prefsHandle 11100 -prefMapHandle 11104 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {39cee9db-2b96-48cf-9254-02e27b706c30} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11288 -childID 36 -isForBrowser -prefsHandle 11296 -prefMapHandle 11300 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a2168650-389b-4ad5-bb66-7ea53499e192} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11500 -childID 37 -isForBrowser -prefsHandle 11508 -prefMapHandle 11512 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7e3d0010-075b-471c-b1fc-45fd89e719dc} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11716 -childID 38 -isForBrowser -prefsHandle 11792 -prefMapHandle 11788 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1b6957be-e092-4350-884e-5b65f7b9c25b} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11676 -childID 39 -isForBrowser -prefsHandle 11688 -prefMapHandle 11692 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e88d8bbb-5192-4d39-8647-9a768673a92e} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7808 -childID 40 -isForBrowser -prefsHandle 12108 -prefMapHandle 12112 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {874ac1d1-32e4-425c-8a45-9dda341e7d88} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=12248 -childID 41 -isForBrowser -prefsHandle 12256 -prefMapHandle 12260 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ddabcd54-f241-4b95-b4c4-399d762ffafd} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9704 -childID 42 -isForBrowser -prefsHandle 9924 -prefMapHandle 8732 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {eb78c33e-9b09-42ad-921c-d44e3feb54fc} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=9964 -childID 43 -isForBrowser -prefsHandle 9972 -prefMapHandle 9976 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {99d561d0-c263-4b14-ae24-98f00cf6b303} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8000 -childID 44 -isForBrowser -prefsHandle 9336 -prefMapHandle 9340 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {261c0142-0ead-4200-9c87-3889ed8339ef} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8628 -childID 45 -isForBrowser -prefsHandle 9388 -prefMapHandle 9392 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {286cdd87-98d9-4caf-85cd-f6b5593b143e} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=8596 -childID 46 -isForBrowser -prefsHandle 4408 -prefMapHandle 8516 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e4720f86-8b65-43bb-81d4-acc1ff5b8a8e} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4368 -childID 47 -isForBrowser -prefsHandle 4356 -prefMapHandle 4432 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {01107653-eeef-4392-bbb3-f54a936ed882} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=12876 -childID 48 -isForBrowser -prefsHandle 12960 -prefMapHandle 12956 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e3471183-f4e9-4b7b-a963-d4915cf9b3f9} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=12776 -childID 49 -isForBrowser -prefsHandle 12972 -prefMapHandle 12968 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {df7679db-6b27-419e-a789-88ce7d38dc4e} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=13168 -childID 50 -isForBrowser -prefsHandle 13212 -prefMapHandle 13220 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {955ca9ff-c56f-42eb-95c5-05028ddc68d2} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=13184 -childID 51 -isForBrowser -prefsHandle 13172 -prefMapHandle 13280 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1d8b773f-2c03-47bb-afd0-97ba8a9d1ae6} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=13580 -childID 52 -isForBrowser -prefsHandle 13700 -prefMapHandle 13708 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a0b24a5d-e2f7-44bb-ad4b-f4ceeb26bec8} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=13572 -childID 53 -isForBrowser -prefsHandle 13688 -prefMapHandle 13692 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {878dfeb6-c480-4021-bf7b-44d8deca8b2d} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=14040 -childID 54 -isForBrowser -prefsHandle 13868 -prefMapHandle 13768 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {32d66c04-20aa-4baf-8869-7d4c3af54ed8} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=14048 -childID 55 -isForBrowser -prefsHandle 13888 -prefMapHandle 13884 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {81690db3-aea5-40e5-a78d-cf24c68be479} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=14364 -childID 56 -isForBrowser -prefsHandle 14440 -prefMapHandle 14436 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8579f4d2-b572-451a-85e4-aab80659ef04} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=14048 -childID 57 -isForBrowser -prefsHandle 14452 -prefMapHandle 14448 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {89aef48a-7824-47fc-9a11-3e36914669c1} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=12132 -childID 58 -isForBrowser -prefsHandle 11556 -prefMapHandle 11560 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {067f52bd-2763-4b44-8321-c2ebe239bd74} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11388 -childID 59 -isForBrowser -prefsHandle 11544 -prefMapHandle 11548 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {0897d8d7-f889-4f74-9873-180ccbef8c0d} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11344 -childID 60 -isForBrowser -prefsHandle 10744 -prefMapHandle 10736 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6ee4f72d-d8d1-4276-9616-0263995a132f} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=11352 -childID 61 -isForBrowser -prefsHandle 10756 -prefMapHandle 10752 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1292 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ddade1f0-eedc-43a1-b4ce-3268713b1dd2} 3744 "\\.\pipe\gecko-crash-server-pipe.3744" tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x21c,0x220,0x224,0x1f8,0x228,0x7ffb65cbcc40,0x7ffb65cbcc4c,0x7ffb65cbcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1928,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=1924 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2168,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=2188 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2264,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=2240 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3132,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=3188 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3136,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=3220 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4568,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=4564 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4656,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=4676 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4552,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=4844 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=3692,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=4988 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4832,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=4556 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4896,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=5156 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4420,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=5272 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4848,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=4456 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5168,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=4836 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5296,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=5308 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5128,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=3332 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5260,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=3128 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4820,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=3372 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5180,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=4360 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5024,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=4864 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=4384,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=4836 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=4928,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=5020 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5412,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=3256 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5576,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=3344 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5756,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=5764 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5772,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=5404 /prefetch:8

C:\Windows\System32\CredentialUIBroker.exe

"C:\Windows\System32\CredentialUIBroker.exe" NonAppContainer -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6140,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=5972 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=4640,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=5968 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4804,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=3256 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4880,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=3312 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=4460,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=4576 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3452,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=4580 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=5144,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=4360 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4724,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=5728 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4936,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=4840 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=5700,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=5624 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5652,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=6136 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=4992,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=3304 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=4864,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=5056 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=5488,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=3364 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=4792,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=6156 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=5112,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=4616 /prefetch:1

C:\Windows\SysWOW64\cmd.exe

"C:\Windows\System32\cmd.exe" /c start /b powershell –ExecutionPolicy Bypass Start-Process -FilePath '"C:\Users\Admin\AppData\Local\Temp\lzepmz.p12"' & exit

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\tmp79A.tmp.bat""

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe

powershell –ExecutionPolicy Bypass Start-Process -FilePath '"C:\Users\Admin\AppData\Local\Temp\lzepmz.p12"'

C:\Windows\SysWOW64\timeout.exe

timeout 2

C:\Windows\SysWOW64\rundll32.exe

"C:\Windows\system32\rundll32.exe" cryptext.dll,CryptExtAddPFX C:\Users\Admin\AppData\Local\Temp\lzepmz.p12

C:\Users\Admin\Desktop\AsyncClient.exe

"C:\Users\Admin\Desktop\AsyncClient.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=4608,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=4624 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6296,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=6496 /prefetch:8

C:\Windows\system32\NETSTAT.EXE

netstat

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=6360,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=4692 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5436,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=6124 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5612,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=6048 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3272,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=4664 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=5532,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=2424 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6324,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=6656 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.com/

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x140,0x144,0x148,0x11c,0x14c,0x7ffb640346f8,0x7ffb64034708,0x7ffb64034718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,2155301593674245472,66504565894180547,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2172 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,2155301593674245472,66504565894180547,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2240 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,2155301593674245472,66504565894180547,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2852 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,2155301593674245472,66504565894180547,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3724 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,2155301593674245472,66504565894180547,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3736 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,2155301593674245472,66504565894180547,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1

C:\Windows\system32\mspaint.exe

"C:\Windows\system32\mspaint.exe" "C:\Users\Admin\Desktop\AsyncRAT\ClientsFolder\B526AE9EF9EC75E07DF7\RemoteDesktop\IMG_10-31-2024 05;20;01.jpeg"

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=5664,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=5640 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5704,i,17116070188855778122,17628412360959568339,262144 --variations-seed-version=20241030-180129.383000 --mojo-platform-channel-handle=4664 /prefetch:8

C:\Windows\system32\mmc.exe

"C:\Windows\system32\mmc.exe" "C:\Windows\system32\WF.msc"

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 140.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 checkappexec.microsoft.com udp
GB 13.87.96.169:443 checkappexec.microsoft.com tcp
US 8.8.8.8:53 www.google.com udp
GB 172.217.169.36:443 www.google.com tcp
GB 172.217.169.36:443 www.google.com udp
US 8.8.8.8:53 169.96.87.13.in-addr.arpa udp
US 8.8.8.8:53 3.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
GB 142.250.178.10:443 ogads-pa.googleapis.com udp
US 8.8.8.8:53 36.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
GB 142.250.178.10:443 ogads-pa.googleapis.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.187.206:443 play.google.com udp
GB 142.250.187.206:443 play.google.com tcp
US 8.8.8.8:53 227.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 dns-tunnel-check.googlezip.net udp
US 8.8.8.8:53 tunnel.googlezip.net udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 142.250.178.10:443 ogads-pa.googleapis.com tcp
GB 142.250.178.10:443 ogads-pa.googleapis.com udp
US 8.8.8.8:53 226.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 157.34.239.216.in-addr.arpa udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 142.250.187.206:443 play.google.com tcp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.178.14:443 clients2.google.com udp
N/A 224.0.0.251:5353 udp
GB 142.250.178.14:443 clients2.google.com tcp
US 8.8.8.8:53 consent.google.com udp
US 8.8.8.8:53 14.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.109.133:443 avatars.githubusercontent.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 185.199.109.133:443 user-images.githubusercontent.com tcp
US 185.199.109.133:443 user-images.githubusercontent.com tcp
US 8.8.8.8:53 camo.githubusercontent.com udp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 154.239.44.20.in-addr.arpa udp
US 8.8.8.8:53 133.109.199.185.in-addr.arpa udp
US 8.8.8.8:53 154.109.199.185.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.187.202:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 collector.github.com udp
US 185.199.109.154:443 github.githubassets.com tcp
US 8.8.8.8:53 api.github.com udp
US 140.82.112.21:443 collector.github.com tcp
US 140.82.112.21:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
GB 142.250.187.202:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 21.112.82.140.in-addr.arpa udp
US 8.8.8.8:53 210.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 objects.githubusercontent.com udp
US 185.199.108.133:443 objects.githubusercontent.com tcp
US 8.8.8.8:53 133.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
US 8.8.8.8:53 1.0.127.10.in-addr.arpa udp
US 8.8.8.8:53 1.0.127.10.in-addr.arpa udp
US 8.8.8.8:53 1.0.127.10.in-addr.arpa udp
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 140.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 169.96.87.13.in-addr.arpa udp
US 8.8.8.8:53 1.0.127.10.in-addr.arpa udp
US 8.8.8.8:53 206.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 157.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 154.239.44.20.in-addr.arpa udp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
GB 172.217.169.36:443 www.google.com udp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 id.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 2.180.250.142.in-addr.arpa udp
FI 74.125.205.94:443 id.google.com tcp
NL 142.250.179.163:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 172.217.16.234:443 ogads-pa.googleapis.com udp
US 8.8.8.8:53 94.205.125.74.in-addr.arpa udp
US 8.8.8.8:53 163.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 234.16.217.172.in-addr.arpa udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 142.250.187.206:443 consent.google.com udp
US 8.8.8.8:53 19.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 chatgpt.com udp
US 104.18.32.47:443 chatgpt.com tcp
US 104.18.32.47:443 chatgpt.com tcp
US 8.8.8.8:53 cdn.oaistatic.com udp
US 172.64.146.98:443 cdn.oaistatic.com tcp
US 172.64.146.98:443 cdn.oaistatic.com tcp
US 172.64.146.98:443 cdn.oaistatic.com tcp
US 172.64.146.98:443 cdn.oaistatic.com tcp
US 172.64.146.98:443 cdn.oaistatic.com tcp
US 172.64.146.98:443 cdn.oaistatic.com tcp
US 172.64.146.98:443 cdn.oaistatic.com tcp
US 172.64.146.98:443 cdn.oaistatic.com tcp
GB 142.250.187.202:443 ogads-pa.googleapis.com tcp
US 8.8.8.8:53 47.32.18.104.in-addr.arpa udp
US 8.8.8.8:53 98.146.64.172.in-addr.arpa udp
US 172.64.146.98:443 cdn.oaistatic.com udp
US 172.64.146.98:443 cdn.oaistatic.com udp
US 8.8.8.8:53 ab.chatgpt.com udp
US 172.64.155.209:443 ab.chatgpt.com tcp
US 172.64.155.209:443 ab.chatgpt.com tcp
US 172.64.155.209:443 ab.chatgpt.com tcp
US 8.8.8.8:53 209.155.64.172.in-addr.arpa udp
US 8.8.8.8:53 browser-intake-datadoghq.com udp
US 3.233.158.25:443 browser-intake-datadoghq.com tcp
US 8.8.8.8:53 25.158.233.3.in-addr.arpa udp
US 3.233.158.25:443 browser-intake-datadoghq.com tcp
N/A 127.0.0.1:7707 tcp
N/A 127.0.0.1:7707 tcp
N/A 127.0.0.1:7707 tcp
N/A 127.0.0.1:50717 tcp
US 8.8.8.8:53 spocs.getpocket.com udp
US 8.8.8.8:53 firefox-api-proxy.cdn.mozilla.net udp
US 8.8.8.8:53 prod.ads.prod.webservices.mozgcp.net udp
US 34.149.97.1:443 firefox-api-proxy.cdn.mozilla.net udp
US 8.8.8.8:53 firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.ads.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.content-signature-chains.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 shavar.prod.mozaws.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 138.191.11.52.in-addr.arpa udp
US 8.8.8.8:53 firefox-settings-attachments.cdn.mozilla.net udp
US 34.117.121.53:443 firefox-settings-attachments.cdn.mozilla.net tcp
US 8.8.8.8:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
US 8.8.8.8:53 attachments.prod.remote-settings.prod.webservices.mozgcp.net udp
N/A 127.0.0.1:50725 tcp
US 8.8.8.8:53 53.121.117.34.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 172.217.169.36:443 www.google.com tcp
GB 172.217.169.36:443 www.google.com tcp
GB 172.217.169.36:443 www.google.com tcp
GB 172.217.169.36:443 www.google.com tcp
GB 172.217.169.36:443 www.google.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
GB 172.217.16.234:443 ogads-pa.googleapis.com udp
GB 142.250.187.234:443 ajax.googleapis.com tcp
GB 172.217.16.234:443 ogads-pa.googleapis.com tcp
US 8.8.8.8:53 tira.ge udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.187.206:443 play.google.com udp
GB 142.250.187.206:443 play.google.com tcp
US 8.8.8.8:53 234.187.250.142.in-addr.arpa udp
US 8.8.4.4:53 google.com udp
GB 142.250.178.14:443 clients2.google.com udp
GB 142.250.178.14:443 clients2.google.com tcp
US 8.8.8.8:53 4.4.8.8.in-addr.arpa udp
US 8.8.8.8:53 tria.ge udp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
US 8.8.8.8:53 hatching.io udp
GB 172.217.169.36:443 www.google.com tcp
NL 154.61.71.12:443 hatching.io tcp
NL 154.61.71.12:443 hatching.io tcp
NL 154.61.71.12:443 hatching.io tcp
NL 154.61.71.12:443 hatching.io tcp
NL 154.61.71.12:443 hatching.io tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 144.40.18.104.in-addr.arpa udp
GB 216.58.201.106:443 content-autofill.googleapis.com tcp
GB 172.217.169.36:443 www.google.com tcp
GB 216.58.201.106:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 12.71.61.154.in-addr.arpa udp
US 8.8.8.8:53 106.201.58.216.in-addr.arpa udp
GB 172.217.169.36:443 www.google.com udp
US 8.8.8.8:53 accounts.google.com udp
GB 74.125.71.84:443 accounts.google.com udp
US 8.8.8.8:53 84.71.125.74.in-addr.arpa udp
GB 216.58.201.106:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 accounts.youtube.com udp
GB 142.250.178.14:443 accounts.youtube.com tcp
GB 142.250.187.206:443 play.google.com udp
GB 142.250.187.206:443 play.google.com tcp
GB 142.250.187.206:443 play.google.com udp
GB 142.250.187.206:443 play.google.com tcp
US 8.8.8.8:53 208.143.182.52.in-addr.arpa udp
GB 216.58.201.106:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 signaler-pa.googleapis.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 172.217.168.227:443 beacons.gcp.gvt2.com udp
NL 172.217.168.227:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 227.168.217.172.in-addr.arpa udp
GB 74.125.71.84:443 accounts.google.com udp
GB 142.250.178.14:443 accounts.youtube.com tcp
US 8.8.8.8:53 accounts.google.co.uk udp
BE 64.233.184.94:443 accounts.google.co.uk tcp
US 8.8.8.8:53 accounts.google.com.gt udp
US 8.8.8.8:53 94.184.233.64.in-addr.arpa udp
BE 64.233.184.94:443 accounts.google.com.gt tcp
GB 216.58.201.106:443 signaler-pa.googleapis.com udp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
GB 74.125.71.84:443 accounts.google.com udp
NL 172.217.168.227:443 beacons.gcp.gvt2.com udp
NL 172.217.168.227:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 google.co.uk udp
US 8.8.8.8:53 google.com.gt udp
GB 142.250.187.195:443 google.com.gt tcp
GB 172.217.16.227:443 google.co.uk tcp
US 8.8.8.8:53 195.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 227.16.217.172.in-addr.arpa udp
GB 172.217.169.36:443 www.google.com udp
GB 172.217.169.36:443 www.google.com udp
US 8.8.8.8:53 lh3.google.com udp
GB 216.58.204.78:443 lh3.google.com tcp
US 8.8.8.8:53 lh3.googleusercontent.com udp
US 8.8.8.8:53 ogads-pa.clients6.google.com udp
GB 142.250.200.1:443 lh3.googleusercontent.com tcp
US 8.8.8.8:53 78.204.58.216.in-addr.arpa udp
GB 142.250.179.234:443 ogads-pa.clients6.google.com tcp
GB 142.250.179.234:443 ogads-pa.clients6.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.16.238:443 play.google.com udp
US 8.8.8.8:53 1.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
GB 172.217.16.238:443 play.google.com udp
US 8.8.8.8:53 ogs.google.com udp
GB 142.250.178.14:443 ogs.google.com tcp
US 8.8.8.8:53 ssl.gstatic.com udp
GB 142.250.200.1:443 lh3.googleusercontent.com udp
GB 142.250.187.195:443 ssl.gstatic.com tcp
GB 216.58.204.78:443 lh3.google.com tcp
GB 142.250.200.1:443 lh3.googleusercontent.com tcp
US 8.8.8.8:53 id.google.com udp
US 142.250.9.94:443 id.google.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 142.250.179.234:443 ogads-pa.clients6.google.com tcp
GB 142.250.179.234:443 ogads-pa.clients6.google.com udp
US 8.8.8.8:53 94.9.250.142.in-addr.arpa udp
GB 74.125.71.84:443 accounts.google.com udp
US 8.8.8.8:53 dns-tunnel-check.googlezip.net udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.178.14:443 play.google.com udp
GB 142.250.178.14:443 play.google.com udp
US 8.8.8.8:53 hackforums.net udp
US 104.23.128.79:443 hackforums.net tcp
US 104.23.128.79:443 hackforums.net tcp
GB 142.250.178.14:443 play.google.com tcp
US 8.8.8.8:53 challenges.cloudflare.com udp
GB 142.250.187.195:443 ssl.gstatic.com tcp
GB 142.250.200.1:443 lh3.googleusercontent.com udp
US 8.8.8.8:53 79.128.23.104.in-addr.arpa udp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 104.18.95.41:443 challenges.cloudflare.com udp
US 8.8.8.8:53 41.95.18.104.in-addr.arpa udp
NL 172.217.168.227:443 beacons.gcp.gvt2.com udp
N/A 127.0.0.1:7707 tcp
GB 142.250.187.195:443 ssl.gstatic.com udp
GB 172.217.16.227:443 google.co.uk udp
NL 172.217.168.227:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 e2c8.gcp.gvt2.com udp
SG 34.87.124.238:443 e2c8.gcp.gvt2.com tcp
US 8.8.8.8:53 238.124.87.34.in-addr.arpa udp
US 8.8.8.8:53 beacons.gvt2.com udp
NL 216.58.208.99:443 beacons.gvt2.com tcp
US 8.8.8.8:53 99.208.58.216.in-addr.arpa udp
NL 172.217.168.227:443 beacons.gcp.gvt2.com udp
N/A 127.0.0.1:7707 tcp
NL 172.217.168.227:443 beacons.gcp.gvt2.com udp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
NL 172.217.168.227:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 1.0.127.10.in-addr.arpa udp
US 8.8.8.8:53 1.0.127.10.in-addr.arpa udp
US 8.8.8.8:53 144.40.18.104.in-addr.arpa udp
US 8.8.8.8:53 79.128.23.104.in-addr.arpa udp
US 8.8.8.8:53 41.95.18.104.in-addr.arpa udp
US 8.8.8.8:53 tria.ge udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
NL 172.217.168.227:443 beacons.gcp.gvt2.com udp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
US 104.18.40.144:443 tria.ge tcp
N/A 127.0.0.1:7707 tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 nav.smartscreen.microsoft.com udp
GB 172.165.61.93:443 nav.smartscreen.microsoft.com tcp
GB 172.217.169.36:443 www.google.com tcp
US 8.8.8.8:53 data-edge.smartscreen.microsoft.com udp
GB 13.87.96.169:443 data-edge.smartscreen.microsoft.com tcp
GB 13.87.96.169:443 data-edge.smartscreen.microsoft.com tcp
GB 13.87.96.169:443 data-edge.smartscreen.microsoft.com tcp
GB 172.217.169.36:443 www.google.com udp
US 8.8.8.8:53 csp.withgoogle.com udp
GB 142.250.200.17:443 csp.withgoogle.com tcp
US 8.8.8.8:53 93.61.165.172.in-addr.arpa udp
US 8.8.8.8:53 17.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 ajax.googleapis.com udp
GB 142.250.200.42:443 ajax.googleapis.com tcp
US 8.8.8.8:53 apis.google.com udp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
GB 142.250.178.10:443 ogads-pa.googleapis.com tcp
GB 142.250.200.46:443 apis.google.com tcp
GB 142.250.178.10:443 ogads-pa.googleapis.com udp
US 8.8.8.8:53 42.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 46.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.187.206:443 play.google.com tcp
US 104.18.40.144:443 tria.ge tcp
N/A 127.0.0.1:7707 tcp
US 8.8.8.8:53 checkappexec.microsoft.com udp
GB 172.165.61.93:443 checkappexec.microsoft.com tcp
US 8.8.8.8:53 3.22.192.23.in-addr.arpa udp
N/A 127.0.0.1:7707 tcp
US 8.8.8.8:53 tria.ge udp
US 172.64.147.112:443 tria.ge tcp
US 8.8.8.8:53 112.147.64.172.in-addr.arpa udp
US 172.64.147.112:443 tria.ge tcp
US 172.64.147.112:443 tria.ge tcp
US 172.64.147.112:443 tria.ge tcp
N/A 127.0.0.1:7707 tcp
US 8.8.8.8:53 www.google.com udp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp
GB 172.217.169.36:80 www.google.com tcp

Files

memory/2344-2-0x000002201A8B0000-0x000002201AB20000-memory.dmp

memory/2344-18-0x0000022018FE0000-0x0000022018FE1000-memory.dmp

memory/2344-25-0x0000022018FE0000-0x0000022018FE1000-memory.dmp

memory/2344-26-0x000002201A8B0000-0x000002201AB20000-memory.dmp

\??\pipe\crashpad_1916_GIVJXGEUUXNZKDWO

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 b490a8ce2e29cc32744d72a3c12bb8e6
SHA1 88cb7281c8e6023c5f7069067c6d775bd5433e1a
SHA256 7367a10bb660e80ec1f07169c11d4a9d48b12ec37e40d17aecde0c51e4b991e7
SHA512 3f9c1b3a0e7f7937f820a5a5825256d3ac5dd1cef42a4a1ea06e39515d1e0f7b34ddc82be5b5941665464189c4d40168d82e9307c747b32cded2929b956e0f42

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b0a26cb94f4b291b406186a41590d14a
SHA1 73cc1c789515fb4452e35a0a1e7b667e11f59a4a
SHA256 1d49aaa08e7853f0ef94bb90c766bfedee60103f83de24e54f80b79ebb286179
SHA512 681eb75d97c629504444f40e60e626b97009fd7c8780940eb7b6f961e26330e77b8ec2f907366410cc139d06b229dc0657dfa3295f92d51698dc5bd635653d92

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7b42bda6d72cc9c0a27135f064159d8a
SHA1 f84aacee9b16c9aadf2f6872a0f8864b5d48330c
SHA256 d51d32de5f1e7531c97fdda49f7aca40a96951935dd2b1385276bd65b09561ed
SHA512 ac70ea05575dcc1d578435722e50b6907326465f566468e03a44919b4ab555986bacdd8004882b4992040d939243013ea2be2c2a95e80e347bc6c73572a99640

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 76a79768f26e0f17d21b86a3ba6baf0c
SHA1 97e031171f549cca6f3937a72d738d675a800ea9
SHA256 7baeeda54dba41b6e41397b27cfa5d2c30d157eb24da99a4bc603477c08ddf19
SHA512 30ff23a60f8a0d066b2bac2e6c78fd9a55327c942e37636f530642899e90f94a87065f8f3a75ba8fd9c78f41b7052458e0d4e7ec7933d5409bf3964d05fdbdbb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 f31fa2fbdd0cad8772c2f4ca4b7884b8
SHA1 0b3c4484234d68c651f194c1e8d6a12986f41eed
SHA256 3c1d128b0dbb0f3ad71dc88016c9136035d668bfa807be4477bb89b37194919c
SHA512 2758f86b3af4deada6d01ccd6fd011e3e633e78abb3c6f5eda2c4176fc8d9477778b70f4fe843883fb6785612185ef7fbcae3b0c26a0446df4e474ef69c1b40c

C:\Users\Admin\Downloads\COMPILED.zip.crdownload

MD5 30b1961a9b56972841a3806e716531d7
SHA1 63c6880d936a60fefc43a51715036c93265a4ae5
SHA256 0b29711ec115c27f4cd6963b9ea1e4febf15624f1c17d1c018611ee3df8c333c
SHA512 9449065743226bd15699e710b2bab2a5bb44866f2d9a8bd1b3529b7c53d68e5ecba935e36406d1b69e1fb050f50e3321ef91bc61faac9790f6209fec6f930ed0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 5b634c2eda2427e6e02b184c52b71678
SHA1 a08202e47288376a4ca1c392dd189f297b1a34ed
SHA256 414dfb9a7b3a0f636f1ae01a2597a770a44144e58ad312de398b9a5f3db84c58
SHA512 3486c8d79bb403004383e4ecb93966888337146ad0bf000feaf12b5285445883711b5567223cced3190a08e12c85393fa7a59f3ea9815faeff30cea18d4b3773

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ed11416c408d72237f00bd7042f901a8
SHA1 5c9819b72ac21037b24c0a630fa042d05714e80e
SHA256 799259e7553a2ba4e188f8df3a68fff41a4ddc133783e258ffa7e8be5bae4f90
SHA512 6ba3eae27c35b6ab5cdde1f627c8d0ee6a6f788c4dc94f72804405934fb845cac0c2eb893a29b4c2e98b955bd8281bd3b5c36f25b7574f198daaaa9f376e3367

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1379be7e3de4f05db1bcd1d006372855
SHA1 a6eec23926f5795e03fe497928800c402f6b5135
SHA256 f21fe68c04ef91aa695f5432498899d3b6043e23f7208f1ae35592998ef5c55c
SHA512 d7707dba9cb187f5916b1ee718f1be545bb54d1f004fc55839cd7fb59207555ee988260cfb50954e1a073f6167d83430d40f07499c48d4739161ff2e2beab68a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 68df6705a83a7401b20f903b10f88a2e
SHA1 34a1fb50a0269549fa5a7c199a8a2346c3635846
SHA256 a97249ef4ac1423d0db9eb28b5d894b27dc1d006a6af03759116669a31595f7d
SHA512 7f8e934a87c58c15df8fa394069e8bee96ed4f9ff46315005e8ab4d2ce9f0e410d26e8f3705189805d1e1cd148161d1c6d206b016bbe38b3f4892412cb3b9db9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cff19eaa23f3f0789badfb98fccea3fd
SHA1 80aed4c72e9654a54db4540104d728718b6f4036
SHA256 d4286a911260c1c7685eb485c88f0f223b6f691bc4bfd01a0eb44931adcab460
SHA512 8bced50a9e6577295163d9c02eb2a6784051cfdcde33ef2f53fd7e925126e23d46a289d123096838f998dff7e91582858ff1e559b123c91aa46e3df565994669

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cc87d117fe00d4f08d93f19e991f5cfb
SHA1 2ca31796269fdbe8f7d2be244528dcafaf7b5460
SHA256 91b203d9907235f34911919c4540935285db7fc0ee41bb26c6991ace97d0bd8b
SHA512 72f64fc6dfe7dbd1bdeff84eff0e8b8b3619a03761ca8cc26912179c673f87d80b3020d9e2be82742869f971b583c2127c349c9d88928f4a11adac8c7ea04e7b

C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe

MD5 97a429c4b6a2cb95ece0ddb24c3c2152
SHA1 6fcc26793dd474c0c7113b3360ff29240d9a9020
SHA256 06899071233d61009a64c726a4523aa13d81c2517a0486cc99ac5931837008e5
SHA512 524a63f39e472bd052a258a313ff4f2005041b31f11da4774d3d97f72773f3edb40df316fa9cc2a0f51ea5d8ac404cfdd486bab6718bae60f0d860e98e533f89

C:\Users\Admin\Desktop\AsyncRAT\AsyncRAT.exe.config

MD5 cb1f2dcfeb5cbb5af8efa7ea40b8e908
SHA1 ceb040761554040cac2fc7ca18623498d3bfc7ce
SHA256 58f956abe9d717683f4a1cfa6f70e256c80461315a8d47b6456116b3d3075372
SHA512 f0d805bb7983a111b7083e08d5e53c30dd78a0a5fa2baa2af6c5d3395475a3399fd085d151cc8cce312c7eb3e11ac7c2cc78c49ff8a9bfba4b6ad6585caeaeea

memory/3700-341-0x000001247F6F0000-0x000001247FD5A000-memory.dmp

memory/3700-343-0x000001241A5A0000-0x000001241A7F2000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 550a09c512789ce70da662d923726691
SHA1 149aeec0e275692f53f4a35b84e83630c502edc1
SHA256 0d5314a0d6b7042d5cbfc2d514fec83eea1e2ca1a65d44ff8394f0247163daef
SHA512 750d9ac819c7c0db3df09e5018cfc228536da2c8237f2c3c3693a8414d38cc3ca3bd49fc8f651c184f5a6a519eef06b31368c9cf1ff1bb14f416ef7c6976efe9

memory/3700-353-0x000001247FD70000-0x000001247FD7A000-memory.dmp

memory/3700-354-0x000001247FDF0000-0x000001247FE02000-memory.dmp

memory/3700-355-0x000001241E9A0000-0x000001241EC20000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4a3ea98e4f0376aed94e41936cbdf017
SHA1 778bb4d45d83baf5d8b2d082396ce507054e81a9
SHA256 6128e79cc7e2fb9c53210b6ad7e50d643c4495772db37eefbe401208f6eb8004
SHA512 7a3c0ba3fbf7f3c8d4e05fb458090f852000501870ec34f43d0e3bea3d9fddff39398262210bf01532570ca2896afbef31c47cbbf13186be5b8cae5185878e2a

memory/3700-372-0x000001241A920000-0x000001241A944000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f378feb3ee7953ae709cb9f218c89bc4
SHA1 6422cfe119f42e3be0488f27102772004d06c0d4
SHA256 0aeb960050ee662431eb5cb2b750a77f3d47ea461b7cac575b62a7a671c3bf33
SHA512 9c95e0c9985e2b82ddddc4fabcc330ea6a64e217afe44acec05fdb7d40baef0f67d8be1415c49bfcd2e2437b000dcb099901049e0e519d9bf9b6bf47b8fe19bc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 e8fe636cdf9609179e53b20bc4bebd23
SHA1 f39822f4c22723b0169804fbf312faca56f38a88
SHA256 2e060e2fc935646b845d2097edef46dcc5bfbc033fa16f09422035bb38755b7a
SHA512 c2d26a5d9c4854ec595e63bd2cf5273735e5afd2b9ec7c1871089e56f17530838db8aa126c98618e8461a128cef4685c5bc9387cb007f2fe2263455179f0ebd8

memory/3700-393-0x000001241A920000-0x000001241A944000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b18700190ec4701f0f5ac3ef13e1475c
SHA1 f27c7a2dffc714924d94d77d5811116e50ba3d1a
SHA256 e823dd39b4820c7f92c01284bf22753a3a6e0cfe04f47757fc5525596bb5cb72
SHA512 4b9c1b50eeac3a0b2d0e997e6c9e107dca9801293b39404958bfbb47e7bd37b9596542c6c65983119bb0c97acb52097f7c5805f076b131215d865e3c9506bc9b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2b3b1fee84423ae32a55cfdc7340e7fd
SHA1 5e0d1091851e6efbed1c499c460dcdd11cea30fe
SHA256 c7a2a79286a0f296f0aaab1366bfb7c500a209ddfe2bffe575907ff1ae683f94
SHA512 75e7e807d96aed227e2bf24156e138094afefbb6c895aa4e2675d83d764000c74c3f7b29f97cb17f6923c23ce72d92da5ea539fbbebb62b9994312ad105f1f91

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0c236fc62025b20af10663c45b84ccd7
SHA1 c2608d4b88bb9f7b6594203d062f0aa0298d16f7
SHA256 bb00940e5fe10384b5463e5b575f2bd809f63d5c8aabbc310413cab06ff9e6c4
SHA512 f9c5f550614c284cf8ea53675ef2761aa0688f4009b76aa7b038113d5ae1e6337bcb7992e7fa0b447adaa3a48253f6afed6b5a88fee9deb4afa2dfc895dc62e3

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

memory/3700-570-0x000001241A920000-0x000001241A944000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c1ac3853b2dff6912aa63b50cc3ccff1
SHA1 ccb6cfe876cea5af6d80709f7400eef994e06184
SHA256 54b6fe3a8ecb4019fb1916381662371ac4b6841f7cae338a08f7be3554e8128e
SHA512 45a1079a8aad643c42cf4f9e7d715b2e9b21e2611cd5ec411d6985c95f6134673fabf1ba8ce3be19612b01ac614eb3203baf71db0e5160af3c569a437d50a8f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3e6c6a002b3cf135290779975291b538
SHA1 51d6e7ff4f8324635914b572a0d4aa397d6dc6b7
SHA256 7d1637a82eafc5718351a31031a920fcb3b5d6c8d75b233756fa68703f7e74dc
SHA512 bf634280a43886c61431e3b3c6684d61c2d831d81de2f2bedc2be6ff1075d76454f0b0d0f5297cd6c754b90178c0ec48dee909067a758bbc172df51855965fc4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f2db701c003c0b4343cc12113af088f7
SHA1 9a06cc78f029987a295f92bf9e367e2c31ead892
SHA256 45d5291fdec60d6687b98442afaa370a14e04f2a3ba12b46bc42d594a95636c7
SHA512 90baf04f144b0e20c0bc3eb772505b5e999723a088bec2b6f3d36c631432047d4857ea03f22b337023498eb06ce00d47a6351733c95bd31d06dd0dad94fe65ba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 29fe020602ee59657cf3465638064d24
SHA1 a0270336d2cdd9889ec81deb5eb6498270f4ece3
SHA256 b057b5e2c8879651b8ff7cf435bf9509c0ae230ca39094d91a1a5643fb102f63
SHA512 2635b2943eeb20e25cb0ef427275a21b456887bd44f27952dc07a10824c1c212d6acf0a5ac3ef489d9f35f896c7e29de38d2ada1966d730f8bd33756e7daacf3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0feebe557cfa924e7ceaab5cf7ddb2dc
SHA1 3b1ace5af9761db80de9b6741479f5ef166cd27a
SHA256 db9e8615d2c9416b5c8a5649816eb2b79065ab52b99e81affeeef087e50c2779
SHA512 6c831c3b846cd8e511e11c39b385ef11987159cb83e2f088269232379cb7360ea141dcc3735f7d5d1e0c7fc01033878ee45a71b14fc8ae817fc66e80d70e8a07

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 951971d5b3d0b7670734f7856ff6e7b8
SHA1 e77b71b8fa969ecba3f5915aa1bd4bb2edb6cece
SHA256 f98a7098c5c1ad3873761fd50c19204c7ed8f534177879539ef67e0cacd81028
SHA512 d6ddadc5b7928b1f2df7c2d7fcc388efe131144bcd231f18dafee23f4121993ed7ed9adb17893d70d0bf87a22505561d3d90f445b5478d41628bfae7736532d1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 643072cf549a6efe1f017fd1c685ed37
SHA1 5a0651e8d4b3b53c1f712423ca240747e9f80f92
SHA256 ed911bf61c0444db5f6bc853c0bed6e040c77bdb71657b82cf4dac29b49d662b
SHA512 fe826e3f5372e6bb9840809db1070325974d4043b2d348e98c251df9256f36bf13859414f36400703cd5b5c73586f0432db13f63316e6c8f8e0dab8b573ade04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5862522a4e8aeb828aec6b3e6407deae
SHA1 fdd166f1c857547434381f73419b82e9cbede3f3
SHA256 b869a8983082c1f785dfc47d2ea5573ff906e73c87fa492e551aef8d55978261
SHA512 2a194c87f94b0b3fe3e8af2eb316f43cc98ef79c740f95c74c919193b6a7ba2c170ee116dac2916ae485b0643ef8a30f712ad30fdac3c1cf4769ca46b00dfeca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 44fae56cca99a63775860f150f705cba
SHA1 0e122b47b0a6e5b88edb9160a2d8f2ea094ed41a
SHA256 268d0457e0fb917b0fa24066ff8f60be8abca190e790f27b2283b140de1c8cc2
SHA512 4393b81adacaed2e0a5f0c2264e06b33c8d263ac9c6add1d49113e555969b91fd0f83e9f1c0c4bafc55835fa0550932f4763b36138fcf265cf9fab4a6fbfd96a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2ab9927f2a60b71c87a3bc14449551f4
SHA1 054025c81fde186229269b4e65884e66ac0ff74f
SHA256 2831d4524ea05605bbbcb5bb244c415bdec8a4a87c59225be9bac087819356a5
SHA512 ca4a6c2ca415c5bc6e82f2c0a40321ebc3fc885c4c8b364b771d6b7f308ad8e385dbeeebbb24d3fa17a0b02a5143b69b94b443fb399edb2dd549907d1bea1837

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

MD5 1e495a1ccc87c6a7b20f0fa0c9362791
SHA1 508bd9b9d43029a7b8bb47f26b3f39e9a1e4fffe
SHA256 db4881c490325183df04dc77f5288e9aa7da9e4e48c0e87a8799b8b1fd627945
SHA512 2a6a9bdfdb54305dd6b11bef3d89e3f3276ee4f11b3d4606d4eec6554cfb2be5a8150b88fdfab24fdc18c6a121dab4b7c5d286f3922b7403d13d01b480ae8c63

memory/3700-772-0x000001241A920000-0x000001241A944000-memory.dmp

memory/3700-774-0x000001241A920000-0x000001241A944000-memory.dmp

memory/3700-778-0x000001241D8F0000-0x000001241DA16000-memory.dmp

C:\Users\Admin\Desktop\AsyncRAT\Stub\Stub.exe

MD5 f76702fa423ce2b2b4b0fdcf547b0789
SHA1 ea408a4419e8a3139ef14df987608964c12d3190
SHA256 0e19cefba973323c234322452dfd04e318f14809375090b4f6ab39282f6ba07e
SHA512 03c7d8814687bb4f11ac41a555f368d89d5be749c92624073b77da0e57d872df201f2657b180ad0c9d5bc9ffa0a85989bf31374c7e5deefa06cf36bce3697971

memory/3700-780-0x000001241A920000-0x000001241A944000-memory.dmp

C:\Users\Admin\Desktop\AsyncRAT\ServerCertificate.p12

MD5 1917f9c4cfd99a7142e66ca56406f32b
SHA1 237f6390eefeed2f562bbbd5de5a7f973b7b687c
SHA256 07524b31f007aa3c213a57d0dde41ed88e74432a03077f8f127f89968cf4f478
SHA512 3ac23a737a132435e7a30426c950525228a2b29b1fc80b0c8991f1076e9020036ec149578c84b4ee69a64c8ea13f86f37ef6e7dc4d8d6c75b3df43a2827a093f

C:\Users\Admin\Desktop\AsyncClient.exe

MD5 6a1e7e8a4657570761163e6de79565c7
SHA1 125a781c03d6e2893d451a682c88b87fcf9aa866
SHA256 649bf5471c340ffec7574c47217a3a5556ab2a1fac102014cc359b0109c2fd03
SHA512 f5c806f1ab8116314ace3d11194cfd669b158b5e57519e7b5b95956bfc6278086a6040a2696294933ea01b8fe283c7e1b95e90f858c2194d18f01dd6232e728a

memory/4720-801-0x0000000000A40000-0x0000000000A52000-memory.dmp

memory/4720-804-0x00000000053E0000-0x0000000005446000-memory.dmp

memory/4720-805-0x0000000005880000-0x000000000591C000-memory.dmp

memory/4720-806-0x0000000006390000-0x0000000006936000-memory.dmp

memory/3700-807-0x000001241A920000-0x000001241A944000-memory.dmp

C:\Users\Admin\AppData\Local\Server\AsyncRAT.exe_Url_id0rl34oxreuuoxkuh1icsh0qae0uc4o\0.5.8.0\nt31b2il.newcfg

MD5 e01841a70c217af0f85f939dc5ce6dbe
SHA1 108810301b2b477827f21a1947814e602fcec79e
SHA256 df9b9da504cae2ab41eb75409d3e5189cb533a1fdd7b3dc64b224030ce25e86d
SHA512 e8fc4713eed2cccc34ed32d0d1d96764a4d83015b72373c7632691c443056a250a76841c06b9fa83b62a049b310551f2faffaed31460dd303ae21328b10e0224

C:\Users\Admin\AppData\Local\Server\AsyncRAT.exe_Url_id0rl34oxreuuoxkuh1icsh0qae0uc4o\0.5.8.0\user.config

MD5 f71f55112253acc1ef2ecd0a61935970
SHA1 faa9d50656e386e460278d31b1d9247fdd947bb7
SHA256 d1ad588a08c8c0799d7a14509f1e0a7ae04c519102ed9d328a83fe65999e6179
SHA512 761b5c13e39bd4ae21d298084bbe747ae71c383fedf9a51fd5e9723a8b3b4547de459d82bac7f3f8f3bfc11cfb0528a4f1057b51996d7d046583109a53317b44

C:\Users\Admin\Desktop\AsyncRAT\Plugins\RemoteDesktop.dll

MD5 cd4a9e669264419eca4de564e6272fe0
SHA1 bb69bb1542ea06395df74dbedc98866d6c8a36cb
SHA256 56fd699258a7186f709068c283cd725797bab392e3a6f1cd28f35bbdb3e98e38
SHA512 5addb4f97c7e1cb69e5167e670bd2c3a817e0415f1fd8a5158af7e03e4340a8b1a6d803e85c9ea56415b9e7d3dcb4c352775a6a6b4770443d72114396ffaa1e5

C:\Users\Admin\Desktop\AsyncRAT\Plugins\Chat.dll

MD5 b230da150aa974d2a0801cef654cbe05
SHA1 ab28e63c165ebd7d43d6d0eed4de2750743b9b27
SHA256 37d41c7042210845593ddd7e5a5e37a37f6605305264d50a30aa2be1686000f6
SHA512 2d81546548b6ed2e799eaaf4766ac9a811344d9f57726bed7270e289234f7b917df07deff9d1f6e93b9f4d186daefcbfd2d0181b12406a0b5b81e3bdffa65aaf

C:\Users\Admin\Desktop\AsyncRAT\Plugins\Options.dll

MD5 a1b5048e3f10f7105bd47244b2930137
SHA1 a12cbae3ec815ce704fafb0e2eadb9f31ccbb6f3
SHA256 8dc80b8bf9b3123289e132270e74a31176deec4f74e6ac20d7b6a9fcdb89e8a1
SHA512 fcae7c456f71e03afe2e67954fc3c9491978a54825436c51b351c47adb6cd8a1ef15e0e6f6d99094b986ff910e21a287a7de9e4ca2818221aa858152a8c6dfe9

C:\Users\Admin\Desktop\AsyncRAT\Plugins\Miscellaneous.dll

MD5 07ba8685ca3faff186f0d9f5400c1117
SHA1 a673a7b55e4cf168856a7d3564a5521f0f8fc4e5
SHA256 783d9d5334aa40f35acf8ff941a6b5bed908fd94dc14a05712b8a9eb9220cd5b
SHA512 358c85a586d8b590497ea180eae76608ef38a4de09b95e907632bbad8f2c522bec4ea5568017ea1120a1553abb2be730006613872fe053b1fc00a36d005ab096

C:\Users\Admin\Desktop\AsyncRAT\Plugins\LimeLogger.dll

MD5 732839c93b7e0ab6796cb1c4544eda66
SHA1 2dc3d39d74a5b72e6320596f92bcfc15edda3915
SHA256 cd5cdf0eade067fb0d97881258e4e29d88386cc9ec7a6ea315d159d284858857
SHA512 faa264925d636fa743d0448ce97c0b26ed7974b48c2fbf66000993119749d721bc27cf2626c3eaac3b1374abc0d16cca9e8222c4da054d1aeb56b34505fbeec6

C:\Users\Admin\Desktop\AsyncRAT\Plugins\FileSearcher.dll

MD5 4e1922ee8333847507a34823ed695131
SHA1 5df1f96b0a0a43eadeb101c54864a85cf51e9521
SHA256 a6bdd625fa1d9a7ee66e4ca09ced0b3dca8afd2ad92ecaf44fd9a879b57cb198
SHA512 e4f2bc24f7d44e19580d561599b563ef2d011cffbd64851c867b03aab22e650da55150b6bc9c02389acffe546efdcc17da72204fef4e6e49a53e27be1a290f0a

C:\Users\Admin\Desktop\AsyncRAT\Plugins\FileManager.dll

MD5 9caa1fa3b3b7824167610d309446223d
SHA1 093fa014488ea1ddacf083c398fb8b2d07b8a0e0
SHA256 9d1b94035f381b5183e82a317f001725674c8ea1c5cd82ab5af408f7f53ca19d
SHA512 feba121ed3ccdef26b0c78874c5247cbb223b2992649fed6bbc088bfe952cf86de1145d84666048ad37b0f2c6a9dcd4da95cf972ec790b43deeb1c22322d17e1

C:\Users\Admin\Desktop\AsyncRAT\Plugins\Extra.dll

MD5 3bbcb7c7967c714f767d751db17ed1d0
SHA1 ea15b176c5c7073bfa3bb58ebe9280b032414fbc
SHA256 7dd3978e7721f4460d639d17c47fe1307917dbacfb858d0d12e403105cd47089
SHA512 c20bf3b9b4051b050b6efebbe3c6ea54e520d68172f4ef7bbab961169c4479e9c77b39719e0139edd6ff4c4366b355579226f49aa979331ac8ab8c69bf3a165f

C:\Users\Admin\Desktop\AsyncRAT\Plugins\ProcessManager.dll

MD5 fced22a0c1edad786a59703842fd3b14
SHA1 dceabc613c694f7f2f6439ea176988fb373d6a29
SHA256 3ad861ad9bc3edfdd486c060879f4f2450a51757c67f3b514f71381057580218
SHA512 8904c36c364d29244c598895e877d7897547ce2a187adb197ba281a0512ca3ff52464c478fc42a2ec7f614dd0f91dea2dbb31f4af81c6c0f08cd23f79a71f57c

C:\Users\Admin\Desktop\AsyncRAT\Plugins\Recovery.dll

MD5 d8793438a77750cea1b0d7eaad3d0d0d
SHA1 36bb36d6dabaa1285dbe7ba26581322630984c71
SHA256 7fd48ac68f182e0ced2ace00b223fa1d35bd8a20d75600b5400267cd5db5cc84
SHA512 68e00d97edf0ab768d40672d3b39dfcd09d8ff81b3e6abfdcfa8db88d66ae6070c8b6ad2c540538dd6f47da0174f9ab2d48cd7bef95d6021ffb844c71289822d

C:\Users\Admin\Desktop\AsyncRAT\Plugins\RemoteCamera.dll

MD5 1b2c9164e625b600e699151de11d9e98
SHA1 2ce0aa3161c641623afd1acfa922fce5f10a709c
SHA256 87938027a63a867b831c86611dc6a2c1fc6af61526dc2269328af4b59e15b1e1
SHA512 aa0785b079059463a1df409380451c2be7c3bd627a199661627815f364689ed3816dc9cb78725fab510d687d6866186f3fbdb62b633554b9a0aa324730487729

memory/4720-833-0x0000000006CC0000-0x0000000006D36000-memory.dmp

memory/4720-834-0x0000000006C40000-0x0000000006CA8000-memory.dmp

memory/4720-835-0x0000000006D80000-0x0000000006D9E000-memory.dmp

memory/4720-836-0x0000000006EA0000-0x0000000006F32000-memory.dmp

memory/3700-837-0x000001241A920000-0x000001241A944000-memory.dmp

memory/4720-840-0x00000000074B0000-0x0000000007542000-memory.dmp

memory/3700-842-0x000001241A920000-0x000001241A944000-memory.dmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hohja4eo.default-release\datareporting\glean\pending_pings\514d76cd-a0f3-4166-910b-55854fd2b81e

MD5 13af915009ae8fd9b215f053a493dfa3
SHA1 d5924b37368b71a3987800c41786115da3b6156b
SHA256 8d2af4ddb10bfb679fdba889120a98c4a7a3f23db4bb2e9bcb0e550224ad1399
SHA512 973ff806f600c7f86022c8428a4d9c5c67f948cc692744bddf1d8e134d7adae9e56e152725dac4c687a6293b86c53f7e5c80fde4c4c611edecb2d526e40de6d3

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hohja4eo.default-release\datareporting\glean\pending_pings\b29351f7-35b9-4605-bc23-ea56f846ee23

MD5 a49d830e5e00e4a3ab9e2d06b876e610
SHA1 fa82b357cd57a8fa58b5a93b1aba2a4402a28103
SHA256 2ffe80534264dd2eda27fb039c6697e0b49f2db8712645264cc317538d806348
SHA512 9fbb758e094d5f5c4cd15979279cadceff944030731088fff1175a8319b34c52afaa5f479624d7fabc056d8608879cfdbe763f8e62f77adaf8550d57b831c2ae

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hohja4eo.default-release\datareporting\glean\pending_pings\e67e8440-5cde-41d9-801b-d6620712a143

MD5 699983076b1b45fb118d69035cfee2c3
SHA1 db70a0fe7a232e4586e876d3f779e520c76f550a
SHA256 0d132058433ed58adb9e776239cc8f2bdc869b239f3059189b020a3a9404ca59
SHA512 48fa8abc8225393d71fffb7f5c78b85989fcf4be236feedec4d2e35efaa96e8d7cc362caa19c53e997f8cedaded0667ec306ddb5f1127834a82641d4146047ef

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hohja4eo.default-release\datareporting\glean\db\data.safe.tmp

MD5 51db6060089b74b5fc2f15fa9bad53d2
SHA1 4e60f40209d16d0c4123831a133c9c913db37e4f
SHA256 ea9825cc5661315910b6d74077e76fae0557e947acedb12feabf08b445c3bfb4
SHA512 9e2d02bec39e4f12111b5ca8ad70cb8150a2946162ed770e975d1e7c826ebedeb65da67691b6de1162f50bdb8ac1543468fa5b2b2c7e515853a075414ed9518d

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hohja4eo.default-release\datareporting\glean\db\data.safe.tmp

MD5 849e49e931b94cbd23046b73f9d39fd5
SHA1 1a6cf8d8b3827dea51c007db6cc741bf84b4776d
SHA256 2b6255af2bbb1020d57b0f1eb415c88f95ba2bd6ff157fe7826ec29703745d84
SHA512 7d55f548f01906dd024c1fc2b2e3f11d2c11d0fe0f955c0398ab965bb2fd513608672af14e8a3a2839d0c2502aff4caa41ec949eb0aa66bda270b85a12b340bc

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\hohja4eo.default-release\settings\main\ms-language-packs\browser\newtab\asrouter.ftl

MD5 c460716b62456449360b23cf5663f275
SHA1 06573a83d88286153066bae7062cc9300e567d92
SHA256 0ec0f16f92d876a9c1140d4c11e2b346a9292984d9a854360e54e99fdcd99cc0
SHA512 476bc3a333aace4c75d9a971ef202d5889561e10d237792ca89f8d379280262ce98cf3d4728460696f8d7ff429a508237764bf4a9ccb59fd615aee07bdcadf30

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hohja4eo.default-release\prefs.js

MD5 1fd6d3cb3337b72ad42dc62d05243ff5
SHA1 b0a8b8f317c28aa6dd281532ff1d9821c384881c
SHA256 9e9a53b2e847522b6b5b550808d9100d3e21c7400311ff6dfc640e9434331ef3
SHA512 b5e9dba20f3c2ba8461968eb52df65a272f6c5e0f6372bb4d5cbf6d206b81fd3946db8c7b2520754d095fd0e99f88c5398cc0d0d9046e207ee5d98d3ffbca026

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hohja4eo.default-release\prefs-1.js

MD5 6824b7ad9937defe557c11694d2f7192
SHA1 c3db76f1abb07a8c15db89ea4a682f78295ce58c
SHA256 5e103064fdcaac34776b96f68eeeb710d473e2648ce6a3d2fbe8646cf7ebc49b
SHA512 fd618ded9a38e871c9ab47e7b0629ef9af8ed6c9c2e4603b5cdb348441c9767c7cde28e0bf54f5ddd9ffaed8c9617ed399283e5bce125400bc57d2ca28941019

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 e1d5e1fa7397b763373cb8b82a2816b3
SHA1 42429fe3fbe733e2b3e673758d851a20150b7d05
SHA256 65e627b03ca33d787e4b5e80fb93dd1c02a734477439a36bd157ba0ff1213d90
SHA512 7fd0b30cb86a428d9a397380dfabf1701cb25cf7a4e3f3301fc9da66872fcf0e48a685ce1d33d3111165ec3962442491d0cbd200a4db1085b1618be0a33cc46c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 961e3604f228b0d10541ebf921500c86
SHA1 6e00570d9f78d9cfebe67d4da5efe546543949a7
SHA256 f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed
SHA512 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

MD5 b3963487d5ca05856e8a03adb6d8b491
SHA1 6617f0cafcc569ccd42ac2d901cb1bb1bdcbbd8a
SHA256 2fab34e766b6f3ba19ceff0b845c25a9e5a4e53fa94eb798fe74b9605450c430
SHA512 ec96eebda854b0f32b7d75d88f6a865b0fe8831e19cccb56986a3734caf339bd70273889eeba2f2f5e2fa5c03d3a15112a0f2d34902c1f1cdac02f30d9fedd0b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

MD5 656a6632893a0b709a977a89342582b2
SHA1 0ef070450ab37bba5c2bce4ebded059cd6c5f82a
SHA256 a971e9dadb628479fa71fe09bb9969c0132aae9d36e14c045be4cc653e992fa3
SHA512 4b3cb5fd2ea794990159d9db72d8f04e8424e39f88648f3e7745942565f0f1a4d2a70d5cf792a09abf968d228d2def11a469441477c2441b8899280d1b280ea8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

MD5 fe941407b6e3c0585228f153d731c944
SHA1 115723aa8b770e8c4c06ff7e881a56cc12027488
SHA256 2dfd6b702609490ec5d966549e3d4698f56a0c884b77b152f4179f19c42fff3c
SHA512 090386530df81808350d3ccaa3676be3ba80a4552014937df515c919a7b7eb900ecdcc59bda2bb0552a937bf617e963328933036bd232fb05d9508b792f8c133

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

MD5 2e7515051a0a3d245f16ba32810eebf8
SHA1 59ab60100af9cac019cfda2ed19db9e85a0ba770
SHA256 e467f9c2ee55c7dcc1a1007cc9369dfffa40eb019353373a665908744cd32977
SHA512 78e5ac98060025d9a41dde2dd9f45eb2fe05323443c01dfce3a89842ec6d15672e8798c9a6eb9d1c2b4feb677d7abc0eea78fc724e3c990d53a3609ccf893e39

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

MD5 2aaab654d007246cf7491d283204e1dd
SHA1 146d8260f233b3c10cc270dcf78f3f68142468bd
SHA256 2469d798ceff0d6a7accb6c293cdbe31fc732af80878ae9720004f7427ef04eb
SHA512 4413161f26ee6863b458febb23232e9444f6cbe46c410f26580f1b8be69383037a86be425ea28960a3592b4ca0e6bb1fbb77439c0f8e77b4af68b7a864dae600

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

MD5 7c244372e149948244157e6586cc7f95
SHA1 a1b4448883c7242a9775cdf831f87343ec739be6
SHA256 06e6095a73968f93926a0a5f1e7af9d30ecca09c94c8933821ca0e45732161ed
SHA512 4ce4d73b785acde55a99f69ea808a56dec69df3bb44ac0d049c243fc85544db4c020412634da52a069b172e2484a6f2c36799e38adbfb988bcb5703fd45b3601

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

MD5 45b6bef07e1a90f3cac0eab52d16c618
SHA1 2323125f38adbe0e5605afa82ec5d3ce5ceb4202
SHA256 a50e71c3164eee859c0404453de3ac8abba15ee903293852b726d4bf345c8b00
SHA512 a32417758fd582ed09ef2cf60468ebf961708ae5cc731fdaa252ac7d79edb63d96c175c5796424d7b9f8291ccb494bb080494c6f1054049744044c3925d6f267

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

MD5 87c2b09a983584b04a63f3ff44064d64
SHA1 8796d5ef1ad1196309ef582cecef3ab95db27043
SHA256 d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0
SHA512 df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

MD5 64a38664b95b3e28676068f1528e22f9
SHA1 646a6bf41c7d01b31ebc5d7a4ccca65d1e684c97
SHA256 179a0ef1dce1b7366fdada9457eb199e54771b06c58c2b4fff2fb36d60c7537e
SHA512 b8d9d0d7659052ffde52c41c25aaccfa6f413dc731a28a57e7b5330f38ff896fddaa21e7dc984b4d6c56b07434cad52c64a465acc1fa0aee6642cc5d4a8d3d9b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

MD5 e5fc91cbce096df1d36191f9eedd3c64
SHA1 1a8076bf524b6d2b8a44c18fa8afb199a60dc1c9
SHA256 0e111dba5797ec182bf4af537a2c928ebd3957b99ed291610fbf322d6c2c9e19
SHA512 c9b064fbcb2df48dcf5bfa4387c164acb2bae075af013e6c39166dddc7e91ce993caaa0fdfac3ba1c3a12ca6c21577d99776fb1445f3009c7359b926a173f668

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

MD5 a4af6bcc890a65a8af69f8977b4803b1
SHA1 5320d2d8c981eaa77d238b12352c2f0a78368789
SHA256 faa20d5ff3423969bbbafc5a198a2e027f1a374b341fd36af212951f428abed2
SHA512 6de3029fd4621647be0ee594facc25e693238273ab9caa15b1134997e3898aa7241dc5941cf18423957ed676595623cb8a7c3fc3efacf26e2911846cf7b07e71

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

MD5 f33917c153feccbcbba52a2fdb63c5dd
SHA1 dfd2a6326f13ee5e37a8358effcf033ea3283fdb
SHA256 ab5bc2f5deb5371900db247edf123b576068d881ee8be36b0edce340c6133c6b
SHA512 236fd0f26a941edd90d225db10337305ef6c310451fd00a459cec8127cf03a37f58432a8eb06b8ae0b2b2d43bc9c101cb223502aca3fca35ecbc9ab70cf2d2f1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

MD5 2a8bab15f7109242ef7396604ec23641
SHA1 3d019da7aa97d1451dc2d5fc8e1479ce9d380a18
SHA256 e812d9bb5a56e8e1ea23179a73825254edeaf375bada16b797c197ca443920ca
SHA512 7fcd07ee283603c9698e95b81fe8fedfcae99e751bdad574026af9e970e5b7338a4f47cddb9b0ed324576aaf73f07297da16726290ffe3c0afcf6dba7692efc3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

MD5 a6e2a74156e7ffcdff8fba9bde7f6777
SHA1 24fbecea8c57437b6d64af9cae61068a7df96ecb
SHA256 03ac271dbc459ceccffbca41b7ab71fdd851a0ef524450707b7166e2b4307ac0
SHA512 1e696d0b9bcfc435be26f40d876319f6ef4093c1aca613cd7b6f69de7139c07e64edb4f8cca0d2d58a79cca381e44374354e307d6974176d1ce93acb374b0835

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

MD5 ddd852b458bd6fa700c58c5a81e7579d
SHA1 29b6d318b80dcca5251aa9f50771874e35ae59d2
SHA256 48964f98eceaad3b215ae64aa610564b7e51c24d144fabf76276a6b1a0097f30
SHA512 7463f39bdc0d0247a9fdd8e721beaeb38bf8ad2da618262997bcf4f146776187ba255773a3c16951e3c746cd85afd91df1cbee961ce1918d59ec6559245c53c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

MD5 c8c7ae1f0d81638e6a77893be49dda01
SHA1 228ed8bffe1334ebeef26ad504bec44a455b0b28
SHA256 a9fc6976bf3ddf69f7a7040d658ebb40f5e7ede3713745733b60da0c73e4e0a0
SHA512 fec2b87640e298e0bc883be56f9f6746b2341a3a11af276963f0b1b362e3ec14c8d3980a24f2b78f33ce22bbc98aa5f998c10466e3bdbaffc5beb174920627ab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

MD5 d2b9f5778dfee031658c6835424c071a
SHA1 482e272b5065c990c48e608ff5b731d6e89e5bb9
SHA256 93fa4012807ed1c40a9ce1d2f0007b2cb6950ce21ecae04f59b3fad318664b52
SHA512 caca299f79a758ad6292f85bb51e812940803b22a1edc3413e7bbe471236b14bc48f7efa03929f27f157c2132e98fcf3aa7e953a6a0b19f7abd12a1c15ce6295

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

MD5 b8a029d5b2ce12e1f0ca14d55dff9397
SHA1 40001574c5bf867210447d9549cde91125c37566
SHA256 939a75b12421911e5f209f2e58bd001765afa577c7c4ff6d3a22baf52fd0b0f6
SHA512 c43ee7e15eca444fec8929bf8d9042ae932c0d671426c640d16843af4c604233aed467fba5fc910bfb36c071b7175510cda7010ce5510f256ea08ccb25c512e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db-journal

MD5 4165d572c2f1b875ed963a9c3aed0cf3
SHA1 c8d8d0d11855419c2fec2db158c6a08b1bd1969a
SHA256 b62bc9f69501724cf560769fa886820414dd9a1264941dff9185a43c1551f2ef
SHA512 d3c1a716f13fde66acc2b369c1cf18573fc83b237dce6db20ada1aca58b2a338639ad93f2f3be5f27e8294c36854be6e8810f607914a9e5ebd665656f69b513f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db

MD5 8553b2344f5721f3822160668701e0fc
SHA1 f3225c0d703945ece028c842ace6914d1a2647bd
SHA256 06dd0405b0637807adba9e2ca6821de8fc515bc8ebfc2ae23941afc089686e45
SHA512 4a41f05d046604ff2437bdcc36947c10996a080b728b4feac34f487a23c1b8dfcaa131b2adcb358c241610d1a75cc7cff983d0849c9380225debfd572b8e1b84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

MD5 ef48733031b712ca7027624fff3ab208
SHA1 da4f3812e6afc4b90d2185f4709dfbb6b47714fa
SHA256 c9ce8dbbe51a4131073db3d6ceef1e11eaca6308ad88a86125f221102d2cee99
SHA512 ce3a5a429e3796977a8019f47806b8c0671b597ead642fcbfbe3144e2b8112d35a9f2250896b7f215d237d0d19c5966caf3fe674165a6d50e14cb2b88c892029

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

MD5 fdca67f0f4e989abdd0ebb3122536fbc
SHA1 2206dc58d5e6a76b2d0b567b77e6e60c396ded2b
SHA256 95957bb36b84ba4706e9a02924364f6c0faa10d27535d989d9dc968111d89944
SHA512 b4b051c257cf5bf5c20591580adae44f9c38e5f4c9fa84d7b989acb1ea1793475a5120568ab4be0b4a44c624ceab2462dcf26ae743794675d1eb8e6775cb0169

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000042

MD5 e579aca9a74ae76669750d8879e16bf3
SHA1 0b8f462b46ec2b2dbaa728bea79d611411bae752
SHA256 6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf
SHA512 df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 68ec9be8aa656818a772c1330375481a
SHA1 8aae9544f0aec45e3a2e97b7bdd5350665dd8bfa
SHA256 ba0fb6b6e39bce85837a7d7d40fac4caa11e1789ad7bb03b076a9284f979a844
SHA512 6cc9f4d9b4e238315b40798633c8e1bf383a3fccaebac80611e5663538530eb11258054baf8e9ec7a11742ba3c17925384bd6d6242dff424fbea2a8525b1cad9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 80858e0b06fb02e363e1cd82061ce076
SHA1 d6914a1def249776a28447c78844a9c6e34415f7
SHA256 18ee6543901e587a0ee4a36d7cac98416d70ea8c353dce32dc05f079df722ec8
SHA512 dcd5eed01721fe3deeba8da44af05d240bc9674a209f5a0682f504da5aff7256e02e7c80eb795a5cea834801df3f6057fd53b5fdecd7721d3659f04b50912ed2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 19ae7ac965eaec324bd8025afe105cfe
SHA1 4e6444f6d573f4456dbe6ebb934c90b12b5380c1
SHA256 1faefe99f64dd12128b3d1c9c6a796932032e8ff5b5eb1d06d9a18e78b7be3a4
SHA512 22990a9e5958d71267b12a389e4079e18a254ea415f3a30358291742d545f2f2429a6d892c157d19dd6c1ca1d0eacf70cf961cf4fc4318d942accaba90006f14

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4b23b82e5b43d2ff79842cdbea0d0177
SHA1 1519d18977876ab1fe096067ae8b1d235161e0eb
SHA256 14b05f222bb32f9c2fb81f1d21e159c95dee66e0bce8b895594f79b367d61dc0
SHA512 badac78447c36acf47961ea5258207fc29d7be96193e748fd3bd83881d6824b1fdbaf9d6be01c9d35da6d6f7fd2584d5d49ec1b3bc10e5fc371e9a714f8c0b14

memory/3700-1515-0x000001241A920000-0x000001241A944000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cc2968df614a0261cf16fb0846f1b7dc
SHA1 c5f7c035a394a0495b948e44459edef832ecf976
SHA256 04f66e9170d0715567fbfb475fb3a153c16a4dbb5aa7b8280aff7a86c158b9cc
SHA512 98c6e22c87925c0cf0d87ec14463482208b0d5dc8f5b9cb63aae709862fd9061f06050ee0019317c65b88f8c43804982037c5352de3e23c0092d430735e0b4e1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3704bf26251c1fce5a2e262637df227a
SHA1 164c5c8174d242ae36bce376aa8a12b394cd7508
SHA256 63f6a3f1c67490dc22d70625ee027d29ca53f60652a45cbb0736f85eadb8a2b7
SHA512 8ce626e0cacec7c8086db44d5bcbe1c8c67dacb0a050ff952df1f9e2cac7c83965517aefec94664802a1a41078527ad699d87ff105e17118c3cc841e12e2bf46

memory/3700-1541-0x000001241A920000-0x000001241A944000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 82934444d2a9138b530102278592e4af
SHA1 f6f73382720f8f4e6f90e02d388103944ca5465a
SHA256 ff113cba6f8d3847be0968ee466392c0055cc93fb1dd6c11dc6783008a681a67
SHA512 1d93024fc65c606e89c6e3748ca19ef89552e39b5397fb05e0769f5297b003e290b041c4df5ddbc3b8da543241cf1e2f365815c0f2c99289498b21aa9dd88d82

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 23b3b1b5d201802486f1373b7ef0ffb4
SHA1 107de1d9cc5040c276ac11d8e9d771615d55185a
SHA256 4b3269f20ce88b5a8ac1e2abd6ee29c83ba9a723f13c1181a11f5ec0b9d03493
SHA512 a4f68d3a47fbcf3ba139c95a2d51b13a8348ab821bc186e66355d32356d9ea25a9e5e357c57badadf8c5e5424684d472fdefb2c1e95be3c844e4bd34476944fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9c50c97048836872acf4104a6d6f3449
SHA1 75e43beb842e7694b64a189817dfea67f9704009
SHA256 0057e43ea9f5859ee67209baaa5c720a6629867d05926b9e1e4dd96c2dcd696a
SHA512 b0fa91664f97183bdc5b7f134d7f583c861431dbf6a01a10dee05f8661a17b22a1e649aaf74afc1bf953f0005eb107fca3ef5e8c0528eea10835697186e442c9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 000ba4496eaa6ab6a1af8e95d5d5537a
SHA1 bd8dfeb5cf2d2333835b141ea83b7ee44907ed63
SHA256 46706bd41ed9a9a1c428e149b0b4f4e0d036d1962d43de48095cd5f7d08b13b8
SHA512 eda77c579066b6822233a4b4a941d89050d7f26ff421fac90c3ea097e50ba4ad22d11c2a83bb72bdc778de6251a57c79973f62cc9d59391c0ba03a87a9355343

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c410d763780bd37d6b3442e6c4935439
SHA1 2fe1cf406b87fce13bc7f1cfb69d2ee67499c6bd
SHA256 6177215a0a6227ba45820c5157806a5dd6bb0082342038471559b338a3f2a5a2
SHA512 43291d99a948ac2cdc68a4551ec677ffda6b47691233ff5042cc767324227d9bec538278cd06adbc63dd1365ceb95a2a745ca7ad9161f05ba624e65487b9ebc0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d9fab7b6a008a65362e3cc57c6b1d224
SHA1 82f2e55452650f4650a98f570287eb65a1414924
SHA256 ff0dffa993386868bf2dba7ed7a536ad82ff44400a48e68a4b4efd2eeeee9220
SHA512 5b68825b49d3de446b837fa9b593111c7b5e64fed33a01dfddce184e6adceaa5d47b29223f82a3f58576b178d8c39f4284991eb157415c2298bbe6afc545ba87

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 23bda010184265edea815d9c7523948c
SHA1 6b9bed8b3daa8b03c6459c8ef8ce339d48f80308
SHA256 9689838919f1916c86f64a0bd8d3a820627ba293a6eaa0a6dec3df25be2b56ac
SHA512 9ab579071ef0d655d6c46c8772ce9ce5ddebcfb6283efe705caa9c8d013e57f2516c10c9263e40f71dc3abadd199ff31ff1e42d00cbf378ce2c19b559191b0a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5e48e0e2cc7dc073d12574f788f42461
SHA1 5e5f997c68055a82929f7d7d737cbf78499e86b2
SHA256 d93075ef47c28cfc6eee8d1e62581ba436ef6c6c1e58b1f9afdf5c79328a6014
SHA512 41492385a22a07288fa84be74ad16208699bc1ddbb28c9a855ec399139a4e4f48433833d420936d9d975d4d351d80c2e914e9684b6fc5565d37ea259f0cfe9f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 55bb4e539e833734f06d69d899b7b571
SHA1 84b16a4a3b215db976cd6d32dc6b41d4b22f4b06
SHA256 f92d1ed942e16ead769351e6ac805d870eca093328493ac9a5ad58292cb6c306
SHA512 001ce377edfd90e2009de042d28b5a7597351b209f8a417c043ec5973b47d193f6580750e8ea76a06dc20e811f9d53ab43027edfeee16a673907206de8f838fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 67d9ffb526023b01df7694883ce9b18e
SHA1 bba6faed673a5f1095914e26a577986cc110d9b5
SHA256 cb9848f8b5d38f7e6350e23a9ab35c09c2c78b95df1e842729e8840ab4a6bb1c
SHA512 0ee39c20bccb8211d98d0f0ec0377a80b28d2bfc7ccffab9c4e9ae0e616ba97f72591b621cbc7f208e9bc4456e624c22ed5cdd33000778916852d4572a275f75

memory/3700-1665-0x000001241A920000-0x000001241A944000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6c83821af8c2f00aca19812327248532
SHA1 12fec12b89391146750c7c6598a7e8f5c8290d61
SHA256 2d5c1d4e76993c5166082cfef233e1a43232bd6b6ffa367f21ce6aee3b3e9355
SHA512 c0b9405c9013e233e8370c3c6df15506ba92194114231fe88f59612d7c7b08538645921d7eeb788a804399d8fec0ca972388f4ec05b7c82ee1e6df378a129c4b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cb50481a67a1344adb1c2fea01bfddf6
SHA1 ab580a9fbb2e1790412210ff006b38c5df657e34
SHA256 d17008ad3e5d71cc30abae9886515a1b73b0937573313e25c668a622a250a2a5
SHA512 0fbe2346a88287022440d58b98a8a558add4a0603399452f873f05120bf631f409a25c0ffda89e0f0b66531b8b7f3802fa865d430b9b8c4d48e5f1cc94743f47

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b9a736874720fe1b5192cbd56236cd13
SHA1 092496a85ebaaf4d897b4ed5f934feb66d1a3a72
SHA256 8ac8b4f7a02cb4531283f96de17c51497fb14cb344d3096bd774b7087b6b6ec3
SHA512 5536507aa1cf949d34b7abd6376d143f55d425eafe5007c586678b78cfdbe9dda81d46c4919fa039d91d22538c7232641d1305ce80e2e99278be49f81a4cc2ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9007c9fe7c09e79c5999934f626aa81f
SHA1 3bd44b4458482a4de67c12127274fe43f419ad04
SHA256 668d685f3b8b10b033309d7598e59871bca55c93397febc6f5f9ed0b81fcd242
SHA512 bd3451553eea7f374418dbe99a6346f1bc2d8c802ee1d349a830408a08bb80c552ec5702a1f8fb31e3a8733aa977c391bc559952e650a7a90f778ae2f0674e78

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

memory/3700-1727-0x000001241A920000-0x000001241A944000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 36294cd7ba60617c4f68de79a3684b88
SHA1 087fc54b5b614b048a46860e75d529e90b29bb2e
SHA256 2c5e45e9ed7043e1f5e925eb05eb3675e9624e53af257e772291952331390544
SHA512 3e57b0500dd842395fc30ed8843341dbdea567450a85866ff9b304e9a6bb67597983866ea5313dfd3055145865ad404a767022f607cb2c56a7136016d571a7d6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cef59f7152cd3ff647c0c6dce4cdd6cc
SHA1 eaefc85b3b0b35a5943200341699fde95263438c
SHA256 511e4eb123f5852534098757d9eebad4864d29f83d80b79e8bf82b485d5ec44f
SHA512 61bd4f62d723ce9debab561523886bcbe8dc4baed4b322e8712b95528243d22ec3b91c8c1f5db0222f61221d2487cc6748591049109154f357d35ddb1f4c34d1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3f04b1c0324c7722f641bab42188d277
SHA1 dbf7e61d79f79d964bf9631315f3fdcc93498033
SHA256 afabd213a4331b605babdc7a7a5030e54019fad531b35ade4f387fe045f0b194
SHA512 748d7c5d2e6e678d59d6526019e3413f5ee2e5fa89e95404f38f030877d6ed238855a76df67c9fcdb05e8ebe7863b395ba7b940aedba9b4cb5f39f235b087223

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 93cd000fcc3f9900c9d32b2183e6e9e0
SHA1 eabe7ca5c22e6a36238b9b9f740bdddcd4c9f2da
SHA256 f5442f25c35b55d47ed263603fd8bc0c7a52de3d5dc609bcc00b0dd9486ec03f
SHA512 e3fdb8e180c14e5ef5fb253374c77f7eeb35aafe837108e3f81d5321b5c5d8cbdec89988a9b6dc48e0622125cee09614d7d57e6c65b15eda7b247591872a3175

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 fa88c58c8f330d9652116172edc75cd6
SHA1 9ece5d9db3c6aaf6036b3fec958208b5df7b1596
SHA256 95929da4eb70598c2094008ba58ffc7af4e2090e6a62c4548d540d23f2743ec3
SHA512 3fe47cde1f9b733897ffe4c7b187cbd36d65ff292ff42e83f65238bbcfdf034b54422cf2f4fbaba14eaad7716928d638c4756eb83729c772df8ec3e16b2c3c28

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5f33cb8e338398f91ce615a118fc6201
SHA1 747535526c51d59ce393a155ed86d9d0122dfb12
SHA256 8c48271e885365fd84cb7403e2da4b723283063482159eb38184778686c5a561
SHA512 24ef6c9288469e6edbd09bb79e2676d1b2ad520cc57e3a2fdd21aa1f575c4c414873f7f8fe6299cc1eb1f7ced5777828f99f7826c13b5d5c9997681acae458eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8f2f19580cc22112f2de3d9f757b837d
SHA1 d3d9df152d5c54762462c2434038d96ae8324544
SHA256 d88246eae925270bafaef8b888278efdaf89ba21fd7eda7f5a298799b5cecd35
SHA512 038a5e06eacb6fc5eb58c5099a021f0629319d12856f3450cbd470f88caaf1102261caac4e07e0970c3f553e29d4d478332bc3d44d63de5809b1d585e4005abb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 55ca21294d4f572730c38d861c19a95c
SHA1 af94b19df0248e43e46e7920e05bbd528cc8fc82
SHA256 1b441d032cb56ebd819fa42922f5e71dc22c82bbf519d9205d58f23eec29d72c
SHA512 1e8da2fcef14e1ac2baff1acd70358dee3d3fa2f4f7f4a1c50d308d95e6dda0e5746993ee081a22a4ce6e4874f335ccdcf6b23f73d99c32192947fff69590436

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1b63039568ad6b1dd6a52379b2822f90
SHA1 116c3f49dddac58bc8295cc727c5cc4e2a6d8187
SHA256 a7265e814a0f2f57aabf6860fd7100732ea87d3c06499015c76866359b83fd47
SHA512 d1643a0a4aa44a0b41cf47e241c09b3b7d17053531b9683fc1c8c4469bd35147a9e21e7917dbf9943c0451d88c5149ebc4618b274cc598a4c1da389097684f00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000055

MD5 877686d92d0d426526ef400ffa7c0a92
SHA1 935f07d443c8391020d1144269622240cf498d90
SHA256 e20a1540237999fd8b74a9ea54d99408987c36c79571d16ed86a0eda6b58611a
SHA512 426398e74179b1cf047fcc42c0036e07ed1e2ddb042cc589e515ef88502a8b8532c0851af9cf5c1c6c5650019af237cd4fdb2c6f55fb03112ba5b440637e1e5b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 69abc76ce2d094bb53bd81726941882a
SHA1 132a4cbd926c43c5bf2fde71af29925d3c8a3b7f
SHA256 2f61fbd78c025c6580bed55a5ea9a70f9bef7f95de0bcd3f50dc9b67837b91d6
SHA512 2bb69660e3b614647db16a3f8894d495ff2ae9579535e6dfcd8b681b518c578929f684095a3ca9e6a0c0ab7c43821b64160562eca8c2c497393119890728685a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 f94299e38f96a6fc034c16549867d9fa
SHA1 13b98eb7c2c6198efe3c9292b3e2a37c874a83e3
SHA256 42ae92a491271312565f995011f2516f2b15d9d5cafef4ce24c2266d7516c86b
SHA512 a9518290ce18e5a106bc58eaf2bc492fb201ad0ccc3a65b6b721475dbbdd77b4cbb818cb70bc28fa22484851f518e994bf2aa4f10bc4f9a60eb09d81ba96ad43

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000044

MD5 f61f0d4d0f968d5bba39a84c76277e1a
SHA1 aa3693ea140eca418b4b2a30f6a68f6f43b4beb2
SHA256 57147f08949ababe7deef611435ae418475a693e3823769a25c2a39b6ead9ccc
SHA512 6c3bd90f709bcf9151c9ed9ffea55c4f6883e7fda2a4e26bf018c83fe1cfbe4f4aa0db080d6d024070d53b2257472c399c8ac44eefd38b9445640efa85d5c487

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1099c61ef0906d8f8bf6650adc67efe4
SHA1 4cc7f9276ad0d3f823d912b1f62364ce440dbb0e
SHA256 7cd0758a92b59558e71d6c9a70a02d2dd63e6fc624e288656e53baeac1aa1ab4
SHA512 54098ad2fed3c27fac1cca8b4a98b4128b2d664850ee9f4ad6ecfea2ff708e05a238b54781b7e93d7440971e550dd542cadb3873daae62a9369585eab9e0df0d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8466a83da73d1eb211d416ee33ab281b
SHA1 dce5b9b0c497d706db519eba1d7992ae0c0d1af8
SHA256 61c811e61bea41e4fd2103969be3c27f3d506cfa1a5f375671cd1c79672fa7f6
SHA512 d8d9000e50f42090633f3cb13cfeb50943e3e67342b10f6560095558e359e21ae8f993a188d7527922b283ee484d3d30c0bd16f9434ba03f3132e8ee7cf01df8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 07cddbf90d0d2aa7d271a63b84a478bb
SHA1 51b79c56709740ded04c7bbf3b318e88807bf737
SHA256 e25c1d26edf2b24f678a84f39043b69b39fb6612d9da47cfbc6dc064ae099eb3
SHA512 f0b2e33ea63d975984b8bcc389914fc7eb4f2aa022de904a2852a8caac5989326b95d51486565712c9f421686729a62697122406fb0eddfab10f80f710258b7f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3d578a5db7748d42d666769da73d41af
SHA1 f1e2bc71376db857e9c2f5252819521ed484b169
SHA256 de42e036a12852179c012e716208f317b3285597ac76d51972e62a09bbce732e
SHA512 0f096a2518e4bc845ef84116dacafbe08a34355ae919525999eefea7c3ae3e40621aa726c693328f217f0c3338415eb9bd87811df8a1753fdc665aa5bf589cda

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b96a34f1858cad1695a402416c3c08da
SHA1 e69a85f48fcc0634ffc5a3feb02ad1463ab0e6c7
SHA256 dcfa5733fb96fbbe6fe0a1cad5799ec9782c8e3308249251d2b8a301741377cd
SHA512 74a5b2f78fbd6ad93475c06d0051a63154ec1b897a2be3dfd0479b179ec52f37e75ff12d777ded23c92db3317dcf6c3e99087a989c8ddd258c32c3eacdee4f1d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4ecd0c945af47ffc7d1f2e79d800be1f
SHA1 879eee5149ae41aeae177a8a86c2242444dc4584
SHA256 8838f24cce895cb7b8075e0c2d7f91f0c16069aceb8f44a7e96e05e139690d30
SHA512 cee5fa4d39cd0d9ab20ff698346da82dd294efbfc3c37292401cec4fe8691d141a55a444c410d8ce454ec6d706152887d4d16cc0abc11918983a1e2d62803708

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0d303a71c7865ffeacf0f6427307bc9f
SHA1 f9e0ef63439ea78bcaef4e8022e7d3f82399663d
SHA256 94dbfc570f01e541cf076fb6dc1e2b20c77aac3c906498111097185a3121cb40
SHA512 90ad4c14b0541ffd30cb262b74f0b13eacafd40882eb55f5fcf1010eafe53267ba39e815b50420f6428c52233ac57a787fa43dacf8fe4c83012de30959869cc9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 832cd12e3182100815336bb1a5b645f1
SHA1 3a9ab00cf2f8e734b358378ceb0e0817ac49e960
SHA256 c6c952d9d6e5db41ebf59fb47874e8e45d94938e911505bd4326f8f9e078a13c
SHA512 c8155f13097ce0bada66fab1669d754c9640151f29e00bba84a8d80139aa6ef0d41c00d066026d04c7f3e97fb83aec7d73a1b1f0b45621a337f1e8628b52e0a9

memory/4720-2019-0x0000000006940000-0x00000000069A2000-memory.dmp

memory/3604-2024-0x0000000002D60000-0x0000000002D96000-memory.dmp

memory/3604-2025-0x0000000005A20000-0x00000000060EA000-memory.dmp

memory/3604-2026-0x00000000058B0000-0x00000000058D2000-memory.dmp

memory/3604-2032-0x0000000005950000-0x00000000059B6000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_spphskpy.mdx.ps1

MD5 d17fe0a3f47be24a6453e9ef58c94641
SHA1 6ab83620379fc69f80c0242105ddffd7d98d5d9d
SHA256 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7
SHA512 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

memory/3604-2037-0x0000000006260000-0x00000000065B7000-memory.dmp

memory/3604-2038-0x00000000066D0000-0x00000000066EE000-memory.dmp

memory/3604-2039-0x0000000006780000-0x00000000067CC000-memory.dmp

memory/3604-2041-0x00000000077B0000-0x00000000077CA000-memory.dmp

memory/3604-2040-0x0000000007880000-0x0000000007916000-memory.dmp

memory/3604-2042-0x0000000007810000-0x0000000007832000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fd2d98cc07fffb9bea8415feaf88dc3a
SHA1 aacba2b8d0e036ba631ad9be2bd23d4bb36aaa35
SHA256 62ad737ee5a4f59ba0629c2e9f64740b118622213aba2a2a0bc93190b5a2d7d4
SHA512 bd653ee73bb97959b224da8f2da47bed3799aa7f54804d1d06b7f52d8b6846645feb6cced449f4075bc134c929a98283250e53f639bd10c27e870dc1d2c60ffd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6be11ddc2003e7df6a4141301f90cffe
SHA1 78d3ec61860bd028d844c0cb3994117ec7a2c8e2
SHA256 a017c4de545c23c5bea593b4a1b496503685704d3799aa984abd2d5440748922
SHA512 e100880b72187cff77714642abda6e360022fa587c2ca32e3e4a41a69d7a639be2ed8ded93138a387a081488e495919907466890befbaa88090b4c7a50f943be

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 40e5c7d916133811ab296c59635849ad
SHA1 0685a4338f6f9a322e05c15cf2d8a5af96bd1143
SHA256 db0dff08c06c0430afb02f01c61cab1479ec0ce57852bb669c7486de14e9f6ad
SHA512 e7908ff905cc2a4770d2d38507cd226e08da869455838f8444dd3062c16b746bc34bf211de07400148dcf67456d773f71b3bf6659db84811b468efc9313a103f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 7effbbf5168e4a4cc78b150430d87b3d
SHA1 62c8ea77a190b0a096a2df695927caf061539609
SHA256 ec72253b46dc9a29580c4854bd669c825e6fe020eb780787cb845b0ecb8ba1c6
SHA512 a433702f20e653ab978f9353219d2335da8e9fc8cc7287963a483edac662f83c14537a3de6f99757410b13037b942cc2241deb73881f51ee60e7b368a830d451

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0ce5c611a2e1e2012b97bc59ee63b6c0
SHA1 2ce813cdb0ce0b9606851f867525e7a0b7789172
SHA256 bdc46f9536afcc35dc1c7452f1e05221a8257b0a0a52f560a75a1a7dd5941d9f
SHA512 d297164b033ce08d9b93ff8bff11c0ad897994330dfabf51d2c301c8994e2f0d015a4962f3acbc6dba246087a739916421811b1754886fd93a225c9f0fef4bf1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7c4e2c70dade718bbe0d96a4ee0500ff
SHA1 c7565e09a00da1fd2ac3c0be2789d1413a478dfb
SHA256 52d22051aa67fdd0bda203e491ee4e60f9b475fbf1d4affae6a83076542baaaa
SHA512 a2a4b207dec3d9025cde48899544b3e30a56e20faa616950a8c746e4890570ad1a15bb828f18971a989779bf7f9feeb585114b471482e6f9c04c640ea959aa3c

memory/3700-2101-0x000001241A920000-0x000001241A944000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a35db64f1cb6bd9725e1a31001baf822
SHA1 874bfd660c937cc1a9df2749718f137865f89764
SHA256 d5f0f8464c742ef8259e56015258538a663ce82d038059f07b4d75b27eb6355b
SHA512 1f46c0693bdc7eac42a439c53c986fb357146989ea8f21219d0ff7ea4a1a81dc67b8fd98749969c5dfb532d7e3c79c1058e0af1781ff6b29370f56f182e9a23c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d7a2d0aee16c50a3f945aea663686e39
SHA1 d2571c646a4e39361c5bf98f1a5a1915d3f87207
SHA256 3029278314ae79bb8236895355d3ba80ad8a9ed5d5e36ac937148ad5168127c2
SHA512 66d0e0ceb7f571e12ca5ad01f94182d32ac4c60bb275c0f4ff90fb57f9e8e3c27deec9a7566ab7ccdda7627617aafc0dfe9f9748e924c3ef4011e5a75c46308c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 87a3edab90effe3a9302743e0fe02962
SHA1 df33bf0e143ef851aab692536dee23f0bf45c1bb
SHA256 0edba91d862d0e1dac89716a4cce681cf876f7ab91fede31b3e906c036ec584c
SHA512 93dba666342017d79b7389800578181357c8efd02c26d2843f3dd3a871cca70df3ce050535715b1720600ff98496d7020a40476ef8642b2394b181085606fbbb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9695112c82119a1f3c81d8a4e51ab828
SHA1 71ec73acbd1fb42dfaf92e311ad234c50b20965f
SHA256 4af8371c15f562e142b03a35b60670083842969ef55b59a79aa8eea60c1fccf0
SHA512 88cf9844f61d298651825dbb3902e7a039f7aa74cd6a5f59992c9028dff90de3dd8eb969375d3b6453eaac4963f0c0a07716083179bb42e70cfa3fa6a1573833

memory/9416-2175-0x0000000000710000-0x0000000000722000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b9f1acce35fccba9462574953562d0ac
SHA1 f767ff3d6bce2ab363b6f3a47b2a14ec18f54c4f
SHA256 f4bb35bba01d4b7c143ffe2b4046a1f3f81790c9f9671b29804a3a626dad033e
SHA512 9b4bc5052f64fde05c8f19fda562ceb737936442f2061c733b3688fcd24edbe5295ef586630a2a3cbbb3ed18dfe35181eff304da7ece7464dbd3d08a90bd83a2

memory/3700-2185-0x000001241A920000-0x000001241A944000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6d124ae4ffe84b9b58091f3497622c6f
SHA1 b27bcc3ae14f1d30b99c43db73c438deaa497764
SHA256 4983357c4790ab1c293785d061c464d6fe55d1f3d9020237a30bf54d3d83f43a
SHA512 cb7b934c527ccdd58599b08a36916f3115ec7cfad0da34c5885a1b1b9d09dce7f83e462c8f3dfca32238343cb22c1c97e16f735d5705d519e8a5adcde82c404b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003f

MD5 25078ead20895b7583f06a0537a2e441
SHA1 4daeac4c9b6576ebd72da1f0d7b99d91f72a470d
SHA256 51bf5ea5812943ea5399448d2e600c44e0b4dfc6fd2e4026e24f749dabbe0293
SHA512 b560e8e652f46d899cd613ce9bae7fe8b4d75e884bcea73d0a2b10436c956d62e215748a044860582c3c944ca9ae8bcad506ba34d208623e314f97f302ef7295

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003a

MD5 1c1441e4c0ffab4ed8d316ee1f772511
SHA1 9d21edc040fc31d521619e49c005b40f8a6d526a
SHA256 db65d7520a3ba1eb104590d3b33162d3142fff76f546192ca5e1ae0775f3d33e
SHA512 cdcbd0400832af06c761ebfa1648a3f3b24cf6efa74964a41f9625dad6f650183941efb6365957e22310592d144773016a70c380437a7c25bb59dc90f14d5377

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\53743455-ea53-45f9-a0c4-f99c5dd41361.tmp

MD5 32f0bee43ae4c02d7861ffd4f8d2d5b2
SHA1 cd1b5ba4e6805b434e95a3bb86b2a85ae4a32142
SHA256 4c5870880b35052be5d2cc0641d17bc66bb9ff3155f47ce352ebeaeaf57e8bfa
SHA512 906176fb9701efa9486903e2a8e4d59d43c3579322db161597f5c4730981881c89cab99ca02cad8f443da2651f7c44bc408d3f9fc2e73cc212a9ab190b63a234

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 449e802c24edeed5a58096f458e39943
SHA1 4608885912f0dda9e1fece6475ca727eac51e2d7
SHA256 c45fefc4f69d7c731c103ffac2ae12bc14703a879938a01dad61a8c8ec25baa0
SHA512 755381ed75065e510c17bfaa1d84f46302a3881aeb4b72404547581708b77b8d1ba5ee532308881c50359d78c2f52ef472632fe69772dfb35de9b0289dffe505

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 45c3d01beb14990562b52c7b6038e31f
SHA1 220f3c73a22b5f8e3741096e86efb3f358e9f540
SHA256 7a5f2b03a449ea882be5c24bcbd22fd14a577b94770097f21210535caa1119a2
SHA512 58ed66bdc7be7f44f2dc4c15e50c60c1b8fa54d488567a554643f0b9a6f27dc50a36daadbf20bbc8134c0e75ed219ac0bc569331d0fd31dddb00aebb94686068

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fc17a2b4df6c9d2670aec36333b63477
SHA1 69388ff39a8741a96a218e2fbf1203649978d79c
SHA256 1b4cb4a8a5f3a7f03d4eda49623e80d0c22452b057ae9b26ff1d23a2bb01c9da
SHA512 f08a9c70ba679490dc28cbae6e155b4f525e4342c97ab44de67074465fd86b62b5475e14d709213f183ca6dd9aaa1be05280789b83bfc48e45242c15766e75c6

memory/3700-2283-0x000001241A920000-0x000001241A944000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cabd14864182f92d6acffd38d0e81f19
SHA1 ffc04caa1c3813db3231449720d144c66a00893f
SHA256 8bc5cc96c319f8e08c62d008dd0ebbcc2521c33265d6e69c76a1820a89e0e80a
SHA512 d3cfe1160bcbb457662925d7706623533cb14bc288b057e712aee9d5dbc76232b2e616dc26af3d03c0ae4c2441c10d67cbf31d085fe883400ac7db8073adaa9c

memory/3700-2302-0x000001241A920000-0x000001241A944000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 deca6c003f4ea37ac3b64f995fb049a4
SHA1 a3506fc7cb016e509b24a03a64201f841cf61b6b
SHA256 6973839f0f592dbf6170e285b9b98c44b58f9f2e924b32ebdec9edd337eec173
SHA512 b26575dc640d60fb1a2fa7cd93661c0acff8b5b585224dbbf8d43a5208bb37db2ce8479f411c7ef0b008502f1e1118d6ab12c956066319358e0d529d0973320f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6966d2448e6db128850dec18dedbaacf
SHA1 b04f9f38303466d442bca96f75820937be5a2bae
SHA256 6c2ee71dff3d6a34d92bd8bdaf1567ff65b47282f01a8853bda8c6fb9d4ac6ca
SHA512 c188249475c44fcb099731f46f021a14e641cebd4d9a3d5d9bc34fa725d55aa7555d2243c7025edbe7a02bb516a58b4dcbdf06c82e4fd055578ac8f32b98018b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 510f25eee78c475a7b67ba3f5f49a40b
SHA1 a2cd68a6ad0626139f96974e51e3d718d47643aa
SHA256 4adc06f6b6de443a8a19ba00af780bb870144eaa48caad5c6d202850934a8321
SHA512 68e647d5d170d896619562aa1f2da86de9dd9eed94b014b2898944b565875ac661dac1e447a893ccc33e56bf40e05c37c87a55cb50e7adec511b0d1595dcabfa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b2902cc3dd48e55d8392aac95e03c7b3
SHA1 1c0387465de319c5b37838c116e5099f0df8db0b
SHA256 bb60bf3ae2e52ac4f4dd0a0c6967b70407eb044d8a265f7a35d3ac0657fbc979
SHA512 5731855d662f41552263bcb18cc5a494345425b7b10e13389c5a31fc0f545508289f18943574edf14b0777dd167704ac2a5b344140e8864f1917e32b5573eac2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f4db728813386c596572d3e8bc0db9f2
SHA1 49365a96ebfc6bb69b16708e8be4c373741d3295
SHA256 8e65867e0c3cc1cfaf909a67f2bd7d54d0d82d3b4a1365801dd3209723615ea7
SHA512 0e442bfcf6a06b88e2c37b5df366ea19d92bc7b1625c8a4cfc0110cf001c45e5afe7cd0d82c3ae0175ab781217831d725b8d277953391627ab64147c44bb8f4f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 576c1b1fb4371c5d5bfdd8d1f5b41776
SHA1 91cc8f7ec335db1e5af2228af4b264df3e5a7c7e
SHA256 678d09a564d04969de759247f069bc966f488b449026b01841a117e23830ab85
SHA512 a31b2827f6bded55e37a64f8478e458814b0333b16ebe7af32a9d8858524d07bf324681090a1490b08f3813bf08f881fc0ad1384054814d2f072abb3e606a0ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ac04358a64216bbfecad76056c989be9
SHA1 1902cc2e105cd9cf435464afdcf32a66e4cacc2a
SHA256 7461938397332e4e1f3d5da5b3c4c011aabc86efc5fa5f54fb3f02181d65bed2
SHA512 022e41aa825e4165ac5ebf3d15d4147af09baa32dd6cddc89cd2a7e0a8395461cb1544ebfde68711ffc8eb6b9f638edf0cbe411a1f3ae0d5d2690ee0fb2b0846

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 76b6670997f63c3a2a47973f8eb81985
SHA1 57759ca26de72e5a7d1e8078d1d3c97bbf2a2b8e
SHA256 b7e39894e073919e7f94ac5c4529be832f31af58a3c791c811ea5119e9f85fe0
SHA512 1f30eee0a5e0beb412e904f959ae73ee9287fe00fd576d321fa8c978dd2128bd19ffcc6672ef3165e25a0fcda1a38ece23e533ee2c55c0a622b1ba9093b866fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6ff7b12b9d60d3685a2e3aa3fa342f41
SHA1 33aff8688cad1960923901644b1359ce95a40d6f
SHA256 d949aa71f73663fc3830cc0d8fca6567d101f7d096f7d9961261bceddc090f85
SHA512 660f31c19be52323a7087d94924507f57fe94653a37b6b883269422c019a51b63e42ffb3e1f745f84a7aeedf7cd8ead7e4b3f27d24d080cb65ecca7c8be95b9f

C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3785588363-1079601362-4184885025-1000\48bc30a298cd12426cd032f5a1df58e5_3bca7139-9f07-46b4-92e2-f1060aec92ff

MD5 41c2a71f2c54349f43074b6a1b72066e
SHA1 579ca395d0c59df262508a16a877f2606dd05630
SHA256 35fe4abc4bc86bbf7ef83a16294fbd8c1612633b13b68e2bf5e556459aa810f6
SHA512 5e92b83cbc9b03d606d080dd918c400ac5facf51f4ff45b01c53557ffe2900dbc439c6e41471dde4da0dc249bc120e26b7e670819f96a34ac8ed9a2ce602a8a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7b0ca113395011238ac5ebf8aef044f6
SHA1 bbcf626459ead66845d578c19ec3913990fac048
SHA256 6bde2ec3de049596bcb50167ba25d75ee23507ebf865972797737a7df2c89cc2
SHA512 936ecccce265b3db18610312da786392a4436da789bb61c47552e3696f9888692c31e0777b5c2e7286360c0e0d6e83eed73a820c0e6187dde684a7a88654dc00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1f202dae3b310607b5e1e2580f20c182
SHA1 17c0099235761847c5265d9709a052cb56bdd454
SHA256 922fa88941ae079278755df5f4d95dc68d58831fa0390abeba17c0404ff68553
SHA512 8a0aa12e789e9456f4a784e0761a7535201dc5a8915390ee68ed7542b3e8a49247e9fd0dca096212c208e0088f884232bd31aba6b7b291f790a2b5d4ef0c5b50

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000048

MD5 63691d9ff03808024ceb37622e1e66e4
SHA1 7c8613bf108a513554849f05f3824cd6d191e70a
SHA256 ad77f294d439f983efa1079a6f7dad23bf3647cccd241ac540a23880f491b5b7
SHA512 525ed5dbd9df03532296b9404cd9ddcc5bff93826b1134106bc1cfad26250efe18baaa2112626c3d6c0cd19ddc464842809724b400eb9d5ca28ee0fee288581f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 876f2219696f5e7a45c6becd1e1cc5cf
SHA1 512e4d48884b83700e2e96a6d06510c6bac00417
SHA256 8d3e1a62aa3d3a6951074914b1c51da81afe77b03a00d1311c390c3f26f26110
SHA512 72dece6eb2a4f32018d78a8548101b0ecdc5be8603058a68eed09ec0de6521fca88eafb7c7ab64119933f379ecf624e4b57deb45831c45d4ce78127b55e1af04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d4fae867336f61316a5321562128c5aa
SHA1 caf96f0500727f02895df3ab34da60834d563654
SHA256 ed5900d5ca235470bb7d570c0c88739e79c7e8dd5f19dedc9d2a3dd9c6d49cea
SHA512 537f97f6d28059455216d67f76d6cbbce007481de7602f9a4babcbcaad972f08d296bcc22b18f7cd5f4a58ae21913f28c6bea446ae61f55b6aa873ff8764debe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 552403c7da3fd03b54f51d07718dde74
SHA1 ed65ea297d0a3308a0a00f23e9c8ef148246cbc8
SHA256 32533a7b0c859d076f8f5d6f1d2dd1968673646db5e7d336b5a3dd247db53b0c
SHA512 7f0c1be32f0895d15129f5594707cbbc0587e60947ee9cf961d5b718d60dbe4e17aaa6f8d910be022cf63f009debadcff609941418543f03e1b65c5825631326

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dded6e391d1282b248fcf375de8b1dfc
SHA1 bf1eae7f6ef46680351b6213d206032608e19e9f
SHA256 9fc4b1fdebeaf6593b39cf5d5d271fbdf3ecf891f01a17b4b147d090965a1d60
SHA512 13284b2bdca828cec5b9dbdebf95d24ab40a562ef206e9efb6777af00aace6656e2b5721fe61048b3edf91caccd343ee698d1d15ee679ef62983fc15aef7e6a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f9ca0eea17734c5160f8b9d2f9bd06a4
SHA1 e03708f493caed323e770fd968065fdfd70bd313
SHA256 5893ecc0577a1316bf2039d158d5ed5111038e2392af752feb509f011ec9e9b9
SHA512 9722ed5ec19a5fed9e2fccc4537df6942c3f0fc9854b95722031a96b8ae3abee699f59fa4cd6c58332a4cbe06476b62622623d19a4402d9b22fca8f8b42499cd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 208e55bef30e2ada49ef719af1c10d7d
SHA1 5ebd8acbb2b3d485aa1706f4a249a79fb1aa13a5
SHA256 f3c231c106aea8863c417820c4eee9b9c58c420b634e10f6084b5fd29ff1de88
SHA512 dda9b648217e0fbf84e5c7b85277aa5e4ddce3e67d186bfa3f3b3380a17fe71a091f7bdbd4281962cc67cf25ca838b59db75c61b9596074105f444c1d9e3fca6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b0c6309d918be19773b4afed6c9d9512
SHA1 60f1027d007b58e0ad5c25ad5ac6dd23b4ea6d46
SHA256 52707e09bca3b12d1b8422b9b70c32f8ec50c0a73e713fd9818ca2526c23412e
SHA512 139f7db8dd1aa5d1b4c56328bf14ed59e59521316bfd0ce2a459547135d56b271c5fb0493196064482074202f045df795c0142e26f9525fd337534582d13cf94

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bbec5cd26eed74619928776f3ab75a72
SHA1 ed291fd51f2aac7de3c663f0ccd26ead01aa556b
SHA256 23e32b0a8862491793c79013cd91e780a0d2fbcce3198ad149fc9eafc9434c3e
SHA512 4cd909c4c165f0f20fbd502bf16a71694ce66df5ab861d58bf24131fd22930e95e35961942bf2d7d8d6b4c640d852430059f962835b20c6144299c68abf46785

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004b

MD5 5eb7466f3176cf1cb6c55808fc927ee6
SHA1 add22984058ef65a42f8be31254dc2dff56fc2a2
SHA256 91b13ebbf91391d6ae482fb9066f9aefb3c317d9a994fb0fe021aaf11c6506c4
SHA512 1d2d9aa471220e64da0242d75c161d9c4b70dea1fe3771a4de10135f498c3fd11f9936b754b7dd69fe5648385c12e5f945e392b698c7faf9e45f360229798b81

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 123d38751e735528dfcbf7ae81150833
SHA1 9776530d7896ab2497199cd086374b0eee936218
SHA256 9717c2c39149223444d769b17191880e6c7c7fb56ffb8c05c270dd75aeea4aab
SHA512 ef0803778cc1f8b13b34220d65148745d2bed55db7fe1599952273594d3b00f16dc5130e760d678ebdf4c8e2a9a9d255548e69cbcca1d088aa2680511a716fea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e0b28fc82ce9220323e5ea3770162de1
SHA1 dad34d27c716f2af5a23d975e571b88bfbfaa20e
SHA256 14a64ddff44e45505dd0b7664f908b4f8134a708781b47f8a4495531b0e66131
SHA512 60a3b907b2f384a3fc36e3d0091a97319a793fb5da2671adbe0bd72d2547ec379a4b076f1592db41d0ca5a943c9ac838f0fe995238f13e0d4213d5f06342f240

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9cdce7c1ca3e8500b22881ba0c856fa2
SHA1 cb0f435e2cf22b77d967e1082be4c214def5f76e
SHA256 7cb88d92901df8b5d247a44552f2c68379ab59a801619f42bd5d1a62ace07b0b
SHA512 8bfaeb7e6397f6558bf19c6b7df5ca3cf275606908cb954ede2a162b1d393201b443ee5bd911cbf1e04be8a87303cb5c55d88fe34430f3f930587ba8e2eedadd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 4e81ddfdbb71c92ac7129d72ad754031
SHA1 dcc2a7ae0cf0ddda54ae83a5ff4d36d4d8d460f8
SHA256 037bc17d415e2e53075c048f667e08798da827976fe722610a456506f5931c93
SHA512 68003d7bfc31aead3273bcc4e5562574d9cc373a61ec159414aa36cdc5786fe5dd16db53031f47bd12472ae4087e482b7a14935b2df5663b62d9cbbbea9f0e9b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ce80b9786f2ab22caf4184f4dad9a8a6
SHA1 58998d1efe9c56ce905c12c698fb7e38ed348645
SHA256 8f383783c458209cc47e22c4e67fe2c0a5f131d292a63c7713976b57343977c9
SHA512 3ebaaedc3d2de9e81321375fc8f7f467c100cbce3e2b31e8fb653737d59dd49ca2ad567de029fb36cdaf71d58b82c51e033b0a7995aaf2a5d85bfafa56a7fe77

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 021a9e1a63a4225be0714a2be90aab8e
SHA1 4f73c401a4df38e657b6474a2481d5798a32e35d
SHA256 d2d01f02cf3903b5dd8fb19832a925fd1f913ac1cb99526564399f2cbd533f79
SHA512 5777331920c0731f2988bf81f26b89a7eede1821d5a4dedba8d9de9f5b5a14f32fa2b930d6f0f37078db5d7b187a45ad934020115917101df1949838f1f02c48

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d763f34b05f92a86ee14240c4bcfe7cc
SHA1 16832870034edca7dc97009006a43acc106cc165
SHA256 53253e7efd2b645d597af727ba824f6a5480f4f9a69c5f86f430eb5912619499
SHA512 e1566ecb79ccfe291fc683ff4b620b72936f0e04f521942321a79704143b97b2a69c20f3efbd03d82195c5581cddee171c52e327c8cfd5b44f905475f08a887a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8923a7fba89be5b1f01acfa9f02cbc62
SHA1 f4577432117c833a0f8eb5c35617d78b36d33ead
SHA256 e8d46cf672e252ee0d53b8d3eaedc4aef367205438a92e6b0948b46f944d0b3f
SHA512 428e865dd6647e51251d9c71e6c0bd0453fa959c66a543e0a59f0aef786e1e4e4d84b409221efa28cab03553c42e45de19586e8b49012fb6ba963640b1028b59

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 41ee01de7145d7e7a2648ba80a2d1bbf
SHA1 3154a00e4fa0ca2855c423eed269aa7524eefb7b
SHA256 c08bcc8f29429107b06c2efe8c118ffc7af9e5ab6f92e5eaaca7489bb4194146
SHA512 168f8b6e3388eecb353944ca80f60395f3ade38446f642001f761bebf30ce8a63380c2c67ccbef06f4bed5c0a18f5a1647f113f2efd1eab993867435a84294cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1e59b5692039b8d88323030bbd15ba98
SHA1 d7c39887721e85cb1505a9e5ed615161f19f7724
SHA256 ceadd2a4112c18802608ffabb80079153be9c22f5a59cf1b7d23199f82ed8f4e
SHA512 93f42668cad6103fe0c98548895e8dbaf7a5fb94b58d5656b993642822742b73c7a0455094350e5373e3d377400a8a3d7883a1f461e32c71eb56ce0df57c40bc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4cc269a8de3ce255650a75ac3b0cb21c
SHA1 6f5d528c293925a71ebc17cc9a3c198af3631fae
SHA256 8bff29f6ef9a25aa348e3311d7c24b44ba4348e8b0628202e936c9288396839c
SHA512 61c1976939639f6cd10b18f303da9eb598d86588ce5aab02b52244e49c4654ff7a2d86147c6665366b23f27fe0ad4004018bef30038af2dd0cc7d85f847be1e4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 233568701b008916c61e97aa1b30c18f
SHA1 bf843666244c7fb591e1316217f2025438aa01fa
SHA256 b36ad2a6f0b55b649381a5aa80d4ea1d415224cab967c0fa9b6db7d5ab763764
SHA512 25ac86e7f38ccd4a8a5a154abf4ee126827fdca1fc355d177cf94a318b6d0a67ce72da818c01d2359aa5c270def8ceedc20f7b34088bcff232e9bc0c7dcc3b45

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 db78ebd615f2ad2f1ed0f2cd82bd4db8
SHA1 2a492c881eb237d52dbbe6070572a0d40147e0cd
SHA256 988dad3eb1450db3651b16faf7a01d723e9d94fdd6755a9ccb690cef998c8e85
SHA512 5a47a735965d2212deb188d538178206871c0e11c879b609c97d7ae9bf8c94ef4fa87b8f45981bfd54fdce2bde93ca4224258c8a56539371fd1e36a5a4116849

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9bac82b288c142ba187b00e15fb3cf34
SHA1 392e8fc28d8d7286517ea908ea20cc94c05f50b9
SHA256 df2beb4513b4da25b953d28a2148ca901ffc17ae3e815d2f18a4cbbcebdf5b55
SHA512 4bb71a806ff40af5e9ce672c08f99af5fb1dd9872cf07ba11cab1b0c9a7267bf16394b41f3ab8a5d7356dd26efac84333ecd5dd2c47bd5aef1838addbbe0f512

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 35dfacd983575cf6eb2e5adc0c10c3c1
SHA1 68dbface313e4187dc64c2dc04570f23aa72aa60
SHA256 7e7ed1ef9b9b667262b5e445784b39264c3a730015f3d1d388bd3ac2d5ab2911
SHA512 fe83f6ca5afda14c492b4658340571f80931a74869dcdb68374b5840b1605d9382f0883b3adfb7fce4a069a68d52892a60d0e6011dd47ff7eb442c7a7ecf9ca6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8001c9d02f9394342daf63ed5f5dbf3a
SHA1 244a36289d4b09e66173f67be11b6a1f00f430e2
SHA256 4b3406b0f940807f201566722e056a769a81de3f521ed40ff2c8cc54d1368712
SHA512 99b4beb83af063eb255ee07b5e7cfd367b36f0e38cb3ccc0807ea00ea4df447b64b2dfe9aeb96ccdb8578b8fb674bc7df9349db62d1b73ca36cf989045ee8d92

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 729c43e142d7b02efa09a3b406db5dbb
SHA1 00b7d4925a423fae41a224c8b16429409012e93c
SHA256 bd972607f6f52197704d2b203776e3c46353e31d2ed58667e2290a1f005a2d92
SHA512 554b31714c3bec57044127d1c1e4ff4d579b33f24e5c6c643989e6f1d7d6161b86776e903525549d2d9587cd5cafd852386c3743099da5172c22617a5060abdd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b836d225a5ef9bfa_0

MD5 e104e61eab79b64e044c211724cfcf2f
SHA1 5ff5beb51bab8b934d86803c3390b35da68f46ba
SHA256 3d66f42a8f40006c99c7e8e4919b904fdf886685140eb33fb6d50cfc6686faf6
SHA512 9d7b5a93b221bdc2698a6138c152ed2543dbf775d23494357308de0410e1c2a7b6d56d8698f5e5c1d844e32bd425b27f94c06b6c1151bf81f43e625e220b66c0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1d017908485aed8f_0

MD5 c804e9dc76cff2d617acfbd22ed45ce7
SHA1 2d1935345005f2b7fe909069b48219a788ee239c
SHA256 324a1eeb70d5857b1f5a60baa9e41194f630711f5d72d4276582888cffdb1393
SHA512 260ed55a4e5fd4d84b4e1cf1a9da25c4124470025f088eea157d2ed80bc0bd7a9575d375821f2e069e0f32fa6bf34c667c268d799f16af42a9ce5cb85ee7a26a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ef57201dd7b1aeb5_0

MD5 8bcfd8d983ffa10ee8ef605e1e6139cc
SHA1 ea182e721761ef18a267b17e0404be8690bcc3aa
SHA256 0c81bfc4b02d5ee3f43f02b8b3e6e495d698324d2058e1dd65b49732ad71d3ea
SHA512 5ed4e2553eda8debfeca3d78dba9810b24e1e28d990a9ef638a3d4cb607b5922e97a339e71b0451c73869af80064ac9ab037a9ce88e0d99e5f07141ad1ae366d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6bdb6fd1fbd7dcb8_0

MD5 661929eaf1936f87844979fe68ad34b3
SHA1 41ec2bf75fdbb5d01c12169747405ff6a17eed1b
SHA256 92e7d18bcb81d9430c7b776e75f44537e4fc51eeef23c441133f88c42f8666ad
SHA512 53951e7b0a4ac07a5ba61a0144fe2f9e7210e0a05b304e09a5a7b2b1609114d1d3d0db5e1f88818a83972570a615fbce2f6e944021840d71ed0d17613e2b157b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\917a2befedff15c8_0

MD5 ced56d47818ee067210c97fcc7291f33
SHA1 9f58c06f63cd0d186bade9f5ed84337f5726f628
SHA256 8489aab7e6af6d7e23b52b2179987225d5a86cb38818482cad5488c65c59c4e1
SHA512 e0bd6f48db1a52159808236146c161f3d40f995dae1a5a1bd965d377c63c548715ffe153ca0a66f2c9476d26a740e7edb414f5bc617e72acd531c6ad4ffc389e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2ec0d08029e8f724_0

MD5 2128266a9eaf3bd95ecfc9b7496f09e9
SHA1 54c9848b398d5b2e9ad8f719204958f64291e7ef
SHA256 c13a88742d1834b6dbffd5d7356c4409bcdc7f870ab4db2334e8787f3781421b
SHA512 e0dcebad57c77ce24825a146dd50b52340c59f327091f6749abd56e3c6009827051576586409ffe5f006db8c6b65ec7b06f2f55317a6d935c0d42186362aa516

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 63f655beff482cd30bbe59d075949be8
SHA1 54784e9bd69b4295321d94566a6d9cd3b5ed6605
SHA256 16473db7522350b40367bac24a7ead64f170759934fcffd3cc274bd2c6497676
SHA512 952c8482587640d28323ad5d19b9a2a3efc21fe7d77a08ee52242958e3010aa3efb2e32a889ed8b02ff90c1ff61fc88bd5e246dc04484bdbec56f81f324a4c7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 10cd4c3eff04db2f648cc11c59faf865
SHA1 bfcc19f41210833288ba4646525766983d09b99a
SHA256 af46faa14a287a5200f18863bef5ed20c994b8d4477ef62a0cef8d1c71cdfa78
SHA512 e33ba7e5f7a3e33b5cf2a1fba70d47d2ee8f70a11f6c045d2e931fa5fab9f139ab383a193aa0bae5209b4dc6cec5b765d7207090f5f2fbe37cbfb4b4cb24a1d4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\897ccc24cfa7a562_0

MD5 bef04ed21426709e07409a99a00ba74e
SHA1 63b9087174faf8cf9124be1c45bca02c0caeaa89
SHA256 adfc97a63f63358b9a8f4047c75d514f5a5004933a558dc9ee668e258d5c2ad5
SHA512 4aaa400a22641b39abd0231f8bace293ab9502523a67185ca32edfce578ee66920243ca2f28df3770054ba6eb98ce04072d753d16243f302c8d67265e5944677

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 112ecc4f9ad56d3b05e12fcd9b924a96
SHA1 7489af94d8ad1d1aa678c0a4b884c0b1a9d4d4c3
SHA256 fef8a1bfc2d226557f1f5059ec8c3a635cdc69146589ce332b7cf50bff22fe22
SHA512 975da4564afebee48b42668c44180064b9a330cc6c6d289817e4e2a23ca47fac77388212152c2241508a3989369fbbb55bc68c06f6d5393bbcf48546ff408dc1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fa54b6d612286411293f9868d19fb7a8
SHA1 87b3369a9024d3530cfe0d1c3c79326644e11300
SHA256 6a97932bef2575561c7a339d2fb4738bcd4e04ee004320d660eaf84b89b4b9b2
SHA512 ca4a53a12572c9c05ddfb75b6de35c9c6fe9744a512fcad3646276cbee5912ba92df9c8d2473feb32552d67b8802ae8819b3259c087c9a95fc78cb166c8a4c95

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 93bbeac7aa508b4a93799ccffe0c3ec6
SHA1 024b148c0a65f6f84dcef15009d6ac49e4fbd503
SHA256 a384532c673d2ac3245ac523d26a1d43712f518ff530ee1b70469c8a84cd2388
SHA512 ce98777b1b408a0a56fa2ded9933758008db21b11c8d9eefd93a52cf32e29bcc8640c5d88912c479a5739964fd572f227d7a8ff338184a09d4d693b6e23438b3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3457bb058cccffcb4a179069d9d9fd9b
SHA1 96bacf56eddc72cabe68730f8de5f8e2b0325715
SHA256 27b296df73727f6ea23d1e86a8fb99b5e440a8485f658a218f3cce397383844b
SHA512 f4fa03f3ce20a1938c4a5f2626ec6e26999eef7bfebf6b92a29bf58fdd6fbab813c4b7516ba0f2a053601dda8b27e363bd1abd9a5cdac5bb20af508e63db2401

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e9b41d7df92e39ffa286bd8b6fd9671b
SHA1 c1c4727e64e756870461639c79f4419987ad43c5
SHA256 a93f0091bb2799297c4e5679b8c51678e3e9d429f73c2d3598fad1a11d09022a
SHA512 ab8df6ffdda92cc2e3f658ebf97496df641ae6d676a0e56c0cf902c688868bb43e0583f300eff176aa42d8d251bcdeb2ec5fbd6993029c101f927b986f2d4f05

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f33e8c9585d29c5f6765624e48077b56
SHA1 04d72f685a410e18b5d541f7bfdee83fd5b79991
SHA256 e92288ca687332211dfcd78c114b1f25b358318c512afb68f199fcfacfbdbd2b
SHA512 5dd02f94558cbc3af163d638757d24ce002cdf3123f8cf2888779d15616b0e6bae5f33ad295ed25e01aaa7989a19b30f011781f7b2c3313ad07b67918299def3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 cf0af19c22be7ae3290f2e953bf98422
SHA1 440081f505a3ccf75909d14a752a920eb595da6e
SHA256 66343b7c30aa0bb8898c3724c1fe83cfdbf428fd68caf5cede7e2c436d64f846
SHA512 7a9be18ea3bd9275240fd2f6f8f7992a561a832faf53321604028fa3d6de296fb74a3ef5affbc933d5f258fb3d5d7f8deec6120b87f5ee7a5bbdc8323ebd4334

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b826528c0fbe8270d9f78505cc7c5722
SHA1 bb5db5bcc4b2f30f98dd090c99d08c59b1fc4319
SHA256 b5d142b4a83d56b886a67ae253659b23229ee6f7af486adc7b125d68998391cb
SHA512 2579bcee566509b865ca7e8c3cf162723c07b93c9e7c499d300ca236a5c15ae44a7740d29dd7cb83b2bd68a722fb61f365ccdf76fa443c825b4f05afd55cf2bb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 56916b0ef0ae696991b9701ccd84894a
SHA1 ef97386f2ab1f61f911ef62343a1d23c1a63a51c
SHA256 4b71e1b4187d5bf5d3b1f26f75d1abe68ff47b9a446ae5df69f778ad3095f987
SHA512 02dfcbd5b75aadfcfe71efa9c74cf05b1e54b7f5ed7da72e5e1fbd98c5b79aaddc1779fba388fc130a1f4b28af9104974b2a552eba86c22dc7c6ed681122aec6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f21dcb4c80979974bbfafabd31bcc5d4
SHA1 06b9bb17572b42a4285f4f3badd98e2df15e510b
SHA256 87d2112c2e68967e81c2ced3190942669287e9366036002f837731b6b603b757
SHA512 11821abe8c6868a1aad3636bfaed3adb1f95a39484c20e87d048f7f9771e6c2e073af2e996eba6b8906156f22b151bb646378d0c993fb4e9743a92d4e9cfcce8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9efbd7463068e5d70daefb2a01ad6a13
SHA1 5a8b51ab0ddda476bcdfcced4ac30ee04afd4bb0
SHA256 f702d9613dc4cd7803c69c6f50c5d853f00afd61ab73d490620ece80529114b6
SHA512 ceae013abc27c06507fcdbd807c4e4405fb8c1cff2f97b670269ae17294dcd802cdde5e9c70eea6d820e8f265adccb9ed904c69cfde0f094eefd9dff3111417b

memory/9416-2965-0x0000000006530000-0x0000000006594000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 557df060b24d910f788843324c70707a
SHA1 e5d15be40f23484b3d9b77c19658adcb6e1da45c
SHA256 83cb7d7b4f4a9b084202fef8723df5c5b78f2af1a60e5a4c25a8ed407b5bf53b
SHA512 78df1a48eed7d2d297aa87b41540d64a94f5aa356b9fc5c97b32ab4d58a8bc3ba02ce829aed27d693f7ab01d31d5f2052c3ebf0129f27dd164416ea65edc911c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico

MD5 e5e3377341056643b0494b6842c0b544
SHA1 d53fd8e256ec9d5cef8ef5387872e544a2df9108
SHA256 e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25
SHA512 83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\364235ef-e88d-4798-b6dc-9073f6eaf240.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 843402bd30bd238629acedf42a0dcb51
SHA1 050e6aa6f2c5b862c224e5852cdfb84db9a79bbc
SHA256 692f41363d887f712ab0862a8c317e4b62ba6a0294b238ea8c1ad4ac0fbcda7a
SHA512 977ec0f2943ad3adb9cff7e964d73f3dadc53283329248994f8c6246dfafbf2af3b25818c54f94cc73cd99f01888e84254d5435e28961db40bccbbf24e966167

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2abcf36cc5da4e4a04d887b5d74d93df
SHA1 a2efa0a59cc996e459bd4a33965136c5e2511e3f
SHA256 55f86b83e9bd1a584fba11698b350ea94da1eff85472c4a0e6f6b1e677555e37
SHA512 4db364f9986d4b29aa0c070f8c9e50ed4e96f918f4c0e9166506769f8b05fb59f9e3e66909a0cf7fd285e8d43345064c02c1990b5adaed35017d7d7e500557b3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 952a6e3cbc50f011cf2f04c9470080ff
SHA1 a0d6a2509af73e523c970f6e4351861bde63d6db
SHA256 faa79ba7dfd140106187ab50f14aa7cca13650f94f796419bc0a44d7a2b79d5f
SHA512 7955092a6086f05268e4b0f88648d9275020b6cad83f81c90eac5a7cd994cc243b8dfab579d4335db62f3577fd2d8a7fbefcad6cc615e2bcf1d014115056cde4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 ced19501a9f990530db90ae861935090
SHA1 ba953c1351e75d80a1d893794bbe1d6a2b133635
SHA256 0b22620e424715205fe8f97cc8c045cf2a71bbccfe4f11e7890629213d85ea4c
SHA512 406923d85fb1e1fcda316d1311ffad3d6c3c0296bf34c6fae2104b4e521cd691417bbe8cc1416cfd224f7e2fe8a99fd29a25838ccb1511010c00899ec1c3f37d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

MD5 b75d4a6c7683a6221f741aff2abc797f
SHA1 4219cc6f3003c0541847b88578e37a09c206640c
SHA256 7574d78344181db62f3fcbf2753cfd6d3e8c865426654d79378834ad66db90af
SHA512 8fccf374f3d09765d9f03baac69f69d391bbbaf4b17868292bfe13b49456d5eac75350d61a9a3ef9a237c26876a34e83d9145408d3ce1dd8e007d9b7c0669558

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

MD5 039d363bc3bc073dd72997284690f1f2
SHA1 2724e837c8164d9f7072bcd9bb5a1063de6c3ad8
SHA256 be08176b2d894400b087919b81450af753a51a268bd46fc2046eb1425802d41e
SHA512 2fbb2dff8884492c0a229fd41b57c08c8b5ba81a628cb29d5df6abedc3a5fc7ff08e27427f0fd5a6d5edf8a84a6baa906ccb712a1764ad859bc8441c803b7499

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 4ef29774ae5c95374303d952327fb980
SHA1 9a2a71a6a7a15d35408cd13ccc404d8960d1af16
SHA256 a72b1aa98abfa4a9489204680d6e8e60fb585b23892b529a1b96d507e3ef3c70
SHA512 c207ff6569a62a5f25e21b7d43019d0ca4142d7935c7605fb211e8485e9537587033b94b9b2412f6c0b1cb3ca7068ae8bba85d530e39c7155cebf9fd600c55c4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 62a4c28a5af961df30f2da7c94bfa269
SHA1 67fbc5a24464059a33228ce8fed7ae42558c42b3
SHA256 55bf4a5d5327014a7afb50d5bdf7f6c368e6b2430759ac4f93a3a5e86f0ce621
SHA512 6545d34eec62bdfaa79898a97e1924038852f02bbe0ef8234ba4f5a2216b984d6a3ac5488a8dc7a8e911133969a0fccdfb86381307547358f3f92f0a75f266b7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 7ec974d6450b1d66b1603b4d8ab6f311
SHA1 a69718ede5e64505d611081ce519c13bf1874c71
SHA256 c8f35daf396d3857417f59817d58bd0d546a726b6d8a00a8a1c2d158623a721c
SHA512 9a524e266bc6b297d510d791445a6c014684c7d583037e2e40c8ad5e886e49f843662afc3c39cc9c82ae9d165e0a9ef3345dc800eb0655ca70b0769bf207bd2b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 4dd39de7d728d09c446e4ba6586dd248
SHA1 e1bbde268bd328ec57cce0ad9e7ead0e4fcdac23
SHA256 c09f9dc6e9d54a39bd9ec8f7c647c4a051bb28563eccd6f83c059b00e9cd3441
SHA512 2047bc6ba16d601cda493efff3bfb43f512401ccb4c9294e8a3194762b8032208149f88e106099a6af1c6e237483af604ea1ddc1a77d10d5851ec3a809b0de43

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 04e102e5fb6d75cb667192ae89ed5688
SHA1 705f6762bf58c1d0acc106b7b5eceeccb77a0a46
SHA256 9185cd5fc0f98521a577a18a49800ce7cba85dca100843fce8f3e4e93cdd46ee
SHA512 89b41eb50c6a565c5617bddf588f71903999828539cd990758b2f543da5b4b41829e9e409c1e8a1ce873820319494d2f85a7f91daba85194db4e07df92f04632

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 6d41cde5e01df5ed7464cfc228a35a77
SHA1 d4f873c000492ccb023a8d1ebfa20b8706811c4f
SHA256 4a7b84b9299be33b85fe80b10f8bf6d40b82eae48c3cfe7b390901192a5faf7e
SHA512 10971ef4a93ec77240df52e7c4b8d14efa71a008a3ef06804a16435535f71e2d999abe712fd4c37521e8ca6984be86098d62e0a799cce71b3b8798da63467b89

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5030f46446b30985e2cc87d8bfc1936d
SHA1 cad5766d5c62f87aa588325701de52e0b9b61c49
SHA256 9d0e9455845783ffe3e06ca4b976d2fbf48012f1356c1ce9f73544a350c46f8e
SHA512 71c90fd038a5f25c6d737b041465268a93a695ec765160adeaae36380a582e1ca205d34d8909be85353bb7d17fca64dc189eb8f227f105f76cb8871cde9ad66e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ac419792f93552a48801e7ba13a53724
SHA1 b650adc3b8edc27faec5588013b0173b621df536
SHA256 1a9d42e2f79ddc168704ee47766a63f669d0016e47578357a375b79dff39b0ec
SHA512 19aebeb3ad4006bc6eb87f56a1d967f17f4fcfdfe54155cae7fb589c1d85d76623170009739a643274de7aed9616fe708fd3d1f6c85175a54b2305d18e49cdfe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 acb3bae12179608dca5b7e3d2abcb416
SHA1 f187dd71bd17ae2c429fbbb6aeac962beda39103
SHA256 56d73bf4b4808ea2c34f1c5f934226963d3e8165f5821d7af136f171b40a3c2c
SHA512 d4bb883171193766fb64c7cca10e992eb91a5aee1303b3bf9d1a6468e25d40fac261561cc55c0216fe1c8a18a52b0ee3449b98f73fa78a92a77570df7f2ddf3f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f49d8b1621a927d76b241dd5f5977085
SHA1 02d4281b679a2e990f653cd06987eeee5f5aa385
SHA256 8eae63969de52429c6da42b13aa833898341d0f2c3d659c73f5a563c0ac96ef7
SHA512 79911b8499684948e210bad3bedfe3f738099603bb24b01bbb783b66536a854878d919ff3991d5ca943851dc303e4bf3feed0cf577a8aad35e7637bc191f275c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 489be3fb26b4b25dca7fe0ce8caeb7dd
SHA1 00c276ab80f7f011b60698529527d5a5bcb69937
SHA256 3a46b82172ac057ad402b95fc52810e48ab5be75cab32235b4a98d24d0121f2e
SHA512 0e6c7a843d0ecba3339ef84e129de0396e3ebb701222a3a41e11c157e1903f61f8db6079af8cd28db9168e01ba3fbdca7cf793149f16b7453b0308ca02c8242c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 55a2117d61a12d94f180e3c7e23f3d95
SHA1 123ac8de3acc7ac084aef67c168e46be71fe7959
SHA256 967bd03a92d6ed9231ebfcdde52691a653ff150fd7ae7e1e60a2c9f43feec9ce
SHA512 7348fa713f70e6356152db06368b1e1ae95db61359762417a755e08525494c5adfc45a32cc07c628be957098feaa01cdd09a1930f98240a9444a86611970f541

memory/9416-3296-0x0000000006F50000-0x0000000006FEC000-memory.dmp

memory/9416-3297-0x00000000067D0000-0x00000000067D8000-memory.dmp

memory/9416-3298-0x00000000067E0000-0x00000000067E8000-memory.dmp

memory/9416-3299-0x0000000006D00000-0x0000000006D40000-memory.dmp

memory/9416-3300-0x0000000006C90000-0x0000000006C9A000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2295af4896b001d39ef2b9a1498b3e96
SHA1 a1177de2b55b8d594d68161d2e67fccee714d589
SHA256 174f9031a6e7ab230d52394d4eb161454268a93992931c4cdc7b76caa3fde0a5
SHA512 5e249ac64ec68c613fdc32d794f5c196f998149a0f3871171f2cf3db3e5dbe7ebd87b8c67f9cfdf015e695e0b1a7acffe1b3a75b3c6de90f1285a8afc964df9c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 71a860d100d68b17e16a087020075fdd
SHA1 8ec1473eb67ead2d6c267939da2979ef36d557cc
SHA256 7b43a00686bb6fab60d995dc7c1b7c54cd531a1de4dabc4440d66a51940c549e
SHA512 1012245c1d9115a77ac77c2509734cf39f5f2045655e038a24e8ec68ab4a4bf2332c6f9729368a5ca1e2bcee7ceb942a212e6f7413ff2776369f05a4af04f660

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5200f628579f765aed035ff11849f9bf
SHA1 be6ea47764a1a6ca87de8ebf3f0e9a682237d14c
SHA256 69897b8e820f46e49afd48a513c70fa7a7ff316e190564e84ca260e7c998ff3d
SHA512 68958a0d37c41058aebf84d4c2a4f0ff2c3993dde0e2614fb9c20b933ffb2eea6f43eaeda632e30a56d40a1690e1f9fc08986761e58b8834a7e65e4a95cfdb1f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f7f09dfc4e1036c9ddd5723ca1f372ce
SHA1 86ce220d7b01eb051bdd47179a98724ed0787f91
SHA256 64aefee229bb306cf75c2304a31d40ba43af1ac1bd4be359d80f27ac3e074d6e
SHA512 8f160109c960d2928b13db22d3a16cfa40ba1adde5dbd59e95431e7bb3c17c1a93ce45a6b410cc36b066d328593053d3e9eab7115df16fc5b11348a452f585d5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ea07d479ab4f0efe624e1474794606ee
SHA1 df04af4a90a3b387cd0a15d1596eb0eb2d566103
SHA256 9e1cdbe5cdf38e96df12e83ffbd64d2bf2464492eca1e8494edcfce0ef179f8a
SHA512 dcfa9fbe6feaea331b289a5f876ac99bf43b5bbe2d5dedf9f4512c9bf17f5e61332a0ac223aca312156893b0ea268097ee76a597a0d56095cdb6cb60d270a80a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4f55bf5d1f8e9e082f1f1da909626243
SHA1 c277c1999fad599f99d75745a99b8271caa1a504
SHA256 eb8a2142c47753e9472fe6aa38b32f244199eb122c839e04305ec5f46e070b85
SHA512 95d2dcbefe94084d44f362c16ccf64b9f8c35c61985853075a198b035e1aaf85ccc830c8d4fa11a1685c75168681cff295ca7ff9e66fed716d3e396f2d2b2e48

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1ee4adbb7fd9c2d4ca575caaf8226459
SHA1 0ddf87032540a76f079af6a15340ea5e0886d940
SHA256 79eb0af03de89bff3e76964c11f82f257e9259c10881383b31d7dc9b475fec6c
SHA512 0712388abebe7760158b400a55f070182f1585a4c3438bf18240e495f8ca4b55fb8c66cfe0abdc383081cb089f0b3788bcf9cbebf28e3bd296acb5ffe9e51c7f

C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3785588363-1079601362-4184885025-1000\d416685a15ab4beb4fb591f38b87e785_3bca7139-9f07-46b4-92e2-f1060aec92ff

MD5 46219c1fcf707aea671af71ca1192130
SHA1 81b5beffde2d3b1cc026e52d195e44f369960cc9
SHA256 1905919490282158abbfe54762d5e1bc7ab64edb03b4f75ecb541615151642dc
SHA512 ec33d8f8ba87272cb432739824f3abc360d2be969d02d4cf6c4c46f7edfc7198a7d57c077f645c40592d34e966a5e553c159e7d5e4dc891159e001592d7e1ced

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\861c88bb4c938d63_0

MD5 08154f450952a4dbecc643c99bd3f0c1
SHA1 87fc4487fac7a0afaea2edcb13b01a5dfce77ce5
SHA256 238a69cbc4f1d86d4e5822445364481b63b747434cb02d7e08a47e74110a61e2
SHA512 6cda3ffbbee061094952f49d3c1aa3d231ab5b2b3247b2323d9f01a8ee51719c9f21031ef59d5d0aa7e1b3bad9490c227d3683f1ede12f95d5eeb3931f8e2c15

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\55d52c08e7decfa1_0

MD5 f437055fefc83a8dfb715095127c1b23
SHA1 13af4350656234bd0b7dbae199ca5eaa6e57d2ab
SHA256 6e40cb943b98922a4e2b306a46668523c81fe8c8484561f43e1139438e3d3a2c
SHA512 13b97c79048fdc47f7d77ef290b37dded3faaedeae47f3cc09743587514e1255bef8b20fac6c9e061c3f5ff0f2126de27589870ac380bf9191ac3c5865d77335

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2d4f9693316d56b3_0

MD5 51d355e15a047a97aa31c6eddb949437
SHA1 f95bf51adc624de02672a4292313344858650152
SHA256 3b3e5283963680d7f2a20f7771ab6077c65ed2c6c38261a1cbd07a9c2e262848
SHA512 e43f9bd0dc4d6d1356134f3585b146332af1677276c6ec9a88affa3db43efe3dd97a85b8b1fbee105187f7414b68cfbc04a7acac820b8355be0cdac80e374482

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dff4aba516160bf88e68c8d2687fc46f
SHA1 90246a7029ae1ff1e717c5f45478c183ff1e4911
SHA256 66fec4831be8c1bbb9cdd9b4d37a23bda98ce278e67ac5b0cdffa288d9c8158b
SHA512 b2a2749ba4e4775ca3c1d50b46f4b51353288160d2bb710c463e06acae94d2832b488d9c52eaa499b859abc22e386f58eb19836efe35301db6cbd29e12968b04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0f45f47efc42071632cc5b45c3e46db4
SHA1 dd1d4cec7f568299f90ec1f86957fa2986918d0b
SHA256 afd94ddcb27f5f46bd3f58724ba442a090e605040519587f1306e828c3635b06
SHA512 2f2df264fe1d9fb56a31dd8921b8cfad162804374f2f4c9911c2d0e376fe561dfc00c1e6b3fc4c6157c55040249f482ba3eda14824918233e7361267980d3659

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bacadbafee6fd9f7_0

MD5 577c748cd42e29bc727bb33af6df2d4d
SHA1 b8bb52efe5843040839dfd1b19024cfecfeb6e6b
SHA256 8643ba3bb6a25f2502143dac6f6dd0deaec26944686f056a1a91ecc5ec451f43
SHA512 9755d3b11ab1bb4b5f36aae83fd4c1e2db846b1e12ec8bbeb1b7d0c313927715b3d3840e241132ca3a9f181612dab73e70bb2d74692adfe86a31e7d2d634e4fa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5416dc1b594a57f3_0

MD5 96c757414008cc83624fef62bb352b1f
SHA1 f752447dbdd74705c414bc1ad5b5efc07b28e1f8
SHA256 4408afb06218fa34600693af8217253cafc3837ef02503dbfb1e437c4dbddfc4
SHA512 f2dc62fa4aba5ac5c316de9263c1b4a1969ede70c491c7a23296d849efc7f0b335e7387ae3c341fc4b5a81fa34dcf9a1dafa2f145df2e98990f20f15397bd621

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8a40bf3c3594ea3b_0

MD5 4edeb3b2e880c44408d889bccea6b152
SHA1 474f6799aa6883db7f73350f3ade1121611884eb
SHA256 b786a936e8b4e7bb88ebcf71f30dfaa05fb1f87d0e28ad70e7111204ea86af2e
SHA512 ab1d54d268e88aaae725f8b414d2c8bee529071848c580bc24e45e2514647d5232f81116ea3cfa8872dca367d103ce0f4773001649e830dbd689490ab182d2c4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3ea6e1c4410bfb2bfaaf4b3fd9a04a82
SHA1 84d0d4e62847f2176092efa8044b645a999ff291
SHA256 82e26d271ab0f9a47e974c045bb65c45d7021838892b412a95917f7ce1d1bc02
SHA512 7a80bddaf9927780d8476ac458e273cbbff7287fb816672926449d9508fb0c7a038c7c43f1880fd36c6d322ace18c5f4da26870b9afbf59f50eaaf39f952a813

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9e98df29b17313c55c05ae5f57868f88
SHA1 3322eef05e991843e59602ca8934fe65d6308afe
SHA256 eb90e1bcec3986461effe61a11a9c99df9c431a4bb6f431d47c4b7924ba040f7
SHA512 2847bb47080fb457c7af47d88d960e6f981acd9fd7131eb9938250b2c8d49b81bfb83b971ed23c162221943ee27c67afcb61d7ddcb16a4b7d4de2fdcd41747b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d7c5ec15658cf835fa9f91ac1074b34b
SHA1 c40cdf7f4a60ba572695704abf002199c1f0a4f2
SHA256 9c852dcf12110389b9b69aaa460505a996d73df8e234a27a2712c3de697d228e
SHA512 007d127b0510bde773710e6a6bff6fa0eea6f5f3cf92edd9149fb1c38aef7bb91817537d0ca53385026a175b6abba3ff25e9b29d8d2b798a9f8769272ceab08a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 80501e51a63ae0003f98b9934d0ad062
SHA1 2330a5a4f6797f7675a43c1de204b2ed44133f19
SHA256 0642279b634a282890b9b061f71d4501e2c4b77ae1414d0c027fe12a62d9844f
SHA512 dad7b89124f27174cfbc392f1b65080d3f50f0a38b7ecfdc5a2157c126e43295f637800d8ec9ca4e7135ec3972b1da93738989cbca67e085b6a399d90e61ac1e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 eea9197e30374115de3e6f1a0a6c6ec7
SHA1 4f11a23fc1e51baa920aa273b2aabf761900eba2
SHA256 7d6290564e483239c44d655c859311c74d45cdcfefe3020c66d1d6a70d8018a8
SHA512 adb829b2f79bca4d266d47ba0fdc5d7ffbd2d7b9cb7c9d7c2d17db9ccb96cc7e2abb107070718b573b8e7505431f3b611d4a6af0fbd42af5659bab2178e35bdf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 40c3634caf1d9f403eb7ae357936c555
SHA1 0e7ad8fc43509405fb2b7b27bd3279b3753a90df
SHA256 0c3a503613a49d7f5efa58bc207d94b403f03af1f2270f5703a937205c442e77
SHA512 3d5e91647ecb69e4aee1793d1bbc61a3f3b0baeeba69f0aaa1eb127d3bb395d4178bb2143e11941fecbee4fbd885a6bde06b47b3fa6bb0e94cfeb16e88bbdfdf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 70828bba15f5dc65ca8fc8ed4aa8983f
SHA1 1115433c481ab3f1d4055f4b32c879800fffdd24
SHA256 dab748f0d5bb50a7668f42286afcb95dd632edf9290b5fb6b67df3f723ca9697
SHA512 6910fb8b2598b0bfc4f84da862bfd601e0c1cd6aab793c9961fc95cf3829a2abb7998b7bdfb91ee0aed00087eb87f7655592725e1a561aec553b3487c291ae2e

memory/8652-3522-0x000000001E670000-0x000000001EB56000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 655cf8781d840541ccff149d245c918b
SHA1 947b1afd5f33a427df30c574189c768d7148ae21
SHA256 80966405c86a866afd4056297d07794bf7420509d1b05b98f9060052c59da93a
SHA512 3c80777385efc349d5046bdfceff3c1670dcc1b1f2d72055d4c19ecad4b32bb9c6b496358d13ca340c9fa0a7f7d3886753e586ed47385c04eb6d86d76e79f556

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ea4c0c98d92545b05576a25feedbf04a
SHA1 0772905ad0b67ff326ef6f45d36077a42fae503b
SHA256 2bf3fcab7327849c229f1fe15503bbd1248b987fb056352a94136bd84f4a1e52
SHA512 cc71d9a931a2870c2124350994ca767f063629179a6e8ccce45a4f34343f09285da5745770068fcaa810117676cbcf892017328d18595e67ebf876a306a48685

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6829eb8541d8a8a118baf940459031c4
SHA1 8047e88934f3bbbb5a7792abfb1dbe360c780b20
SHA256 6156f15e7c583e318461ea07f065ec6cab4b024e2a00b204a85332c11d2810b7
SHA512 e1dff8656db58eb7ac60199d7ab2d669c23a4b2db599f8d6a79cf65f397b297a30bf83d4fd8c62b918b68a668d55993f47373cb7c73b4e880892b7a4dba6eeba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dbccef6533daedcabcf887475d190a0d
SHA1 d418defe4fb6e0089a4a01bbca1102d9303d6908
SHA256 e197db7c69bbe98b58305c8fb666bb33f37f74c38a340b394e168701d5efc9c4
SHA512 d8416fe14633cbd211e237f8325e0ab41ae2d9308883e56ddbd285b5196e94b9e759fd209136d230769aae371f9ddc622b514034e4a036fdecd475458a1e74b2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5246677669a105ab6ad5cddd622427a3
SHA1 210abb75dff291db06ada93e68375971fe9476f0
SHA256 c0d97b6d426cef72ad1da388209d0e2cee2c90ada8cc0b600da4d99288e84184
SHA512 b23d9277f4d274c9732a8fa9f453d4de52b48ce9538f732b0215de7195c7208676eef59acf237f478a9065beaba45a26074a9b33ad959489455531356c0c8ef4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b91ca8ff6f06592ab89982ca99b97bed
SHA1 bc73fa0f8030d9df9a3bf652b601e3d0ee3dab36
SHA256 f8972be0a6300efe43c387fec9828552a352599872dd95f0dd54f704f2d6e029
SHA512 8dd2306ae794a21575b47c0875d868f2d284c0cb5e9ddd3b5cd84ab67c6aee6436d60af80a1fb19d533ae08c58d3440bc4d3fc31d96e1e2cba1ae30fd18f0fac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3adffd13440746197bd1a13596091593
SHA1 1d8fe8dfe3869130a38c1148b16de0dbbbac5d8a
SHA256 c5e6e4e839c842ff3a5a4108e783419e172311dd0ea902a8b46c2c4a4c3804d4
SHA512 f6c666b76a856d70e802e01bd13c9c5a5a037469f78aaf52a4f58bb92c9757c2c1afdf6ab7b798836a05af22dad3b5bef363d7e94ac7d747ed78af03ec1ce810

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9f6090247546e2f3a45bde165beabcdf
SHA1 5a1a7cc9eb9fe8b2b172d717f743d0b2434aa718
SHA256 05af191869f475bf4661faef571c5a08dd5b75068067acff5e2117409e934345
SHA512 16d1b4a65d6b5ef46806be7e248b9106ed76b4b9699774459cc7fac118cdc7cac542763de730775b2160ade7513c2c60d07f6858402367391e0e3f94b30abd4f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 45254dfcc2750d41cad559e36449c5bb
SHA1 4931e04c8af869148277809220bb5e681333de22
SHA256 5fd33f29aca605001490306702d81ac31bfb76c3b531f6ea29f4d7780f679427
SHA512 2677864717971b4caaefc59f15610ed0a9c46a0ee0022247272179de9175792841a51ea21223d87e55aa9cd7fcff4580b96e89a85148d756d3fe8bf79d06c03f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ff9e63690efa08c819522253dcc1fb89
SHA1 9eb30aca2825bf7a4dfdaa8ae5bbd33d12ce8658
SHA256 92e2e10a0cea5161ad00aa7428b8198d2c85ad319ea712712a8aad6e85c6f41d
SHA512 48667d8aa9a69aaf08c2d01c6744e33effa06f4509f2d14fc3d0c06ed820f0f0aa3fb6a6f39d04c16318e885c71529564b0b18f90410a26dd81586e59b90be93

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e93343b695ced4470a8313e5524737fc
SHA1 a66a628af22276bde983fbbab328c80257568ca7
SHA256 509b9cd2a648b995ea670221a1ad78ac8f77314acc02816a94afe3d42cb0697d
SHA512 0d503b342954637c9ea68db665f673618976a2fb7f5db42424533d0c9110f087ba12af4c565860b38d1ea75f918d7cbd2f10236b478922caee4b4804b8b40dbd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 64c2a12cce03f828412fd2905c4cee68
SHA1 7228e63206d611908818ea15cec71c0cbeea6085
SHA256 f5211c5f6d5bc76bfe8398160c5164361966b0d48a1648330080aa95eba0fcec
SHA512 6e2ae6588c16b1508a16c5a04e35e4a9c7ae26a6e850a3c92d738441076bb6de88911d052027c35b72e52653702ed9bc43c55cc5eef2469b2765e0086acb2a09