Malware Analysis Report

2024-11-16 15:44

Sample ID: 241103-x6kr8asbqe
Target: FILM.txt
SHA256: a91e53039564f970b242ca0db743e48cc8f8572425744930d7aeb9bdcf9550a2
Tags: discovery
Score: 4/10

Analysis Overview

Score: 4/10

SHA256: a91e53039564f970b242ca0db743e48cc8f8572425744930d7aeb9bdcf9550a2

Threat Level: Likely benign

The file FILM.txt was found to be: Likely benign.

Malicious Activity Summary

discovery

Drops file in Windows directory

Browser Information Discovery

Enumerates physical storage devices

Modifies registry class

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Modifies data under HKEY_USERS

Enumerates system info in registry

Opens file in notepad (likely ransom note)

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-03 19:27

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-03 19:27

Reported

2024-11-03 19:32

Platform

win11-20241007-en

Max time kernel

131s

Max time network

219s

Command Line

cmd /c C:\Users\Admin\AppData\Local\Temp\FILM.txt

Signatures

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133751357214611435" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings C:\Windows\system32\cmd.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\Content\CachePrefix C:\Windows\system32\BackgroundTransferHost.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" C:\Windows\system32\BackgroundTransferHost.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2584844841-1405471295-1760131749-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\History\CachePrefix = "Visited:" C:\Windows\system32\BackgroundTransferHost.exe N/A

Opens file in notepad (likely ransom note)

ransomware
Description Indicator Process Target
N/A N/A C:\Windows\system32\NOTEPAD.EXE N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4140 wrote to memory of 4956 N/A C:\Windows\system32\cmd.exe C:\Windows\system32\NOTEPAD.EXE
PID 2404 wrote to memory of 1636 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2404 wrote to memory of 1124 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2404 wrote to memory of 4796 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2404 wrote to memory of 4272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Windows\system32\cmd.exe

cmd /c C:\Users\Admin\AppData\Local\Temp\FILM.txt

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\FILM.txt

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffedf3ccc40,0x7ffedf3ccc4c,0x7ffedf3ccc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1808,i,17760122948972229114,4720565373693194833,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1800 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1812,i,17760122948972229114,4720565373693194833,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1952 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2180,i,17760122948972229114,4720565373693194833,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2100 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3068,i,17760122948972229114,4720565373693194833,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3112 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3120,i,17760122948972229114,4720565373693194833,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3356 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4388,i,17760122948972229114,4720565373693194833,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4368 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4548,i,17760122948972229114,4720565373693194833,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4540 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4672,i,17760122948972229114,4720565373693194833,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4664 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4700,i,17760122948972229114,4720565373693194833,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4756 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4940,i,17760122948972229114,4720565373693194833,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4948 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4664,i,17760122948972229114,4720565373693194833,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4636 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4644,i,17760122948972229114,4720565373693194833,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4920 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4408,i,17760122948972229114,4720565373693194833,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3172 /prefetch:8

C:\Windows\system32\BackgroundTransferHost.exe

"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.13

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5260,i,17760122948972229114,4720565373693194833,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5296 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5392,i,17760122948972229114,4720565373693194833,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5400 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5540,i,17760122948972229114,4720565373693194833,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3544 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5528,i,17760122948972229114,4720565373693194833,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5044 /prefetch:8

Network


Files

\??\pipe\crashpad_2404_PWBLPXZFDSVYVKWA

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\4af1b5b6-523e-4a33-b2d7-8a3f693b2cfd.tmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\46e2ab0e-9012-476b-965d-f9d1986a3f0a.tmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\BackgroundTransferApi\db304a09-e83e-4502-a39f-4946d580fe5f.down_data

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
