Malware Analysis Report

2025-06-16 00:47

Sample ID 241107-1x9a1azalh
Target keloke bro.mp3
SHA256 0289147d5add9bb717d42435b044f2623090d4cf9853cdc1215110cb57db0f83
Tags
discovery execution pyinstaller
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

0289147d5add9bb717d42435b044f2623090d4cf9853cdc1215110cb57db0f83

Threat Level: Likely malicious

The file keloke bro.mp3 was found to be: Likely malicious.

Malicious Activity Summary

discovery execution pyinstaller

Downloads MZ/PE file

Checks computer location settings

Executes dropped EXE

Modifies file permissions

Loads dropped DLL

Enumerates connected drives

Legitimate hosting services abused for malware hosting/C2

Checks installed software on the system

Network Share Discovery

Drops file in System32 directory

Drops file in Windows directory

Enumerates physical storage devices

System Location Discovery: System Language Discovery

Command and Scripting Interpreter: PowerShell

Detects Pyinstaller

Browser Information Discovery

Program crash

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies system certificate store

Enumerates system info in registry

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

Modifies registry class

Checks processor information in registry

Suspicious behavior: AddClipboardFormatListener

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

Modifies data under HKEY_USERS

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-07 22:02

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-07 22:02

Reported

2024-11-07 22:23

Platform

win10v2004-20241007-es

Max time kernel

1200s

Max time network

1203s

Command Line

"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:6 /Open "C:\Users\Admin\AppData\Local\Temp\keloke bro.mp3"

Signatures

Downloads MZ/PE file

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\AnyDesk.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key value queried \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\AnyDesk.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\AnyTools.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyTools.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyTools.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyTools.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyTools.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyTools.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyTools.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyTools.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyTools.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyTools.exe N/A
N/A N/A C:\Users\Admin\Downloads\VSCodeUserSetup-x64-1.95.1.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyTools.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\bin\code-tunnel.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyTools (1).exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyTools (1).exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyDesk.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyDesk.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyDesk.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyDesk.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe N/A
N/A N/A \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe N/A
N/A N/A \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyTools.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyDesk.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyDesk.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A

Modifies file permissions

discovery
Description Indicator Process Target
N/A N/A C:\Windows\system32\icacls.exe N/A

Checks installed software on the system

discovery

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\J: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\Q: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\T: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\X: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\P: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\X: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\M: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\V: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\N: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\V: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\S: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\B: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\U: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\Y: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\A: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\I: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\O: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\R: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\U: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\Z: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\H: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\L: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\H: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\M: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\K: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\N: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\G: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\A: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\E: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\S: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\W: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\Q: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\T: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\G: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\I: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\P: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\R: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\B: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\J: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\L: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\O: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\Z: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\E: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\K: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\W: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
File opened (read-only) \??\Y: C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A

Network Share Discovery

discovery

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_256.db C:\Users\Admin\Downloads\AnyDesk.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_1280.db C:\Users\Admin\Downloads\AnyDesk.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide.db C:\Users\Admin\Downloads\AnyDesk.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_exif.db C:\Users\Admin\Downloads\AnyDesk.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_custom_stream.db C:\Users\Admin\Downloads\AnyDesk.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_2560.db C:\Users\Admin\Downloads\AnyDesk.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide_alternate.db C:\Users\Admin\Downloads\AnyDesk.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db C:\Users\Admin\Downloads\AnyDesk.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_32.db C:\Users\Admin\Downloads\AnyDesk.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_48.db C:\Users\Admin\Downloads\AnyDesk.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_768.db C:\Users\Admin\Downloads\AnyDesk.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_1920.db C:\Users\Admin\Downloads\AnyDesk.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db C:\Users\Admin\Downloads\AnyDesk.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_sr.db C:\Users\Admin\Downloads\AnyDesk.exe N/A
File opened for modification C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_96.db C:\Users\Admin\Downloads\AnyDesk.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\INF\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\UPnP Device Host\upnphost\udhisapi.dll C:\Windows\system32\svchost.exe N/A
File opened for modification C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\UPnP Device Host\upnphost\udhisapi.dll C:\Windows\system32\svchost.exe N/A

Browser Information Discovery

discovery

Command and Scripting Interpreter: PowerShell

execution
Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A

Detects Pyinstaller

pyinstaller
Description Indicator Process Target
N/A N/A N/A N/A

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\AnyDesk.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\AnyTools.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\AnyTools.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\VSCodeUserSetup-x64-1.95.1.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\AnyTools (1).exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\AnyTools.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\AnyDesk.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\AnyDesk.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\AnyDesk.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\unregmp2.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\AnyTools.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\AnyTools.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\AnyTools.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\AnyTools.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\AnyTools (1).exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\AnyTools.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\AnyTools.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\AnyTools.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\AnyTools.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\AnyTools.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Users\Admin\Downloads\AnyDesk.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\2 C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Users\Admin\Downloads\AnyDesk.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133754906280649695" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.cs\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\resources\\app\\resources\\win32\\csharp.ico" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.cshtml C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.md\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe\" \"%1\"" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.mdown\shell\open C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.psd1 C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.ascx\shell C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.mjs C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.wxl\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\resources\\app\\resources\\win32\\default.ico" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Applications\Code.exe\shell\open\Icon = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe\"" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.csx\ = "Archivo de origen C# Script" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.rhistory C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.clojure\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe\" \"%1\"" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.cls\ = "Archivo de origen LaTeX" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.hxx\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\resources\\app\\resources\\win32\\cpp.ico" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.rt C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.scss\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe\" \"%1\"" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.svg\AppUserModelID = "Microsoft.VisualStudioCode" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.c\shell\open\command C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.cshtml\ = "Archivo de origen CSHTML" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.eyml\shell\open C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.fsx\AppUserModelID = "Microsoft.VisualStudioCode" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.java\shell\open\command C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.profile\DefaultIcon C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.psgi\AppUserModelID = "Microsoft.VisualStudioCode" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.csv\shell\open\Icon = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe\"" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.hbs\shell\open C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.json\OpenWithProgids\VSCode.json C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.mdwn C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.php\OpenWithProgids\VSCode.php C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.editorconfig\shell\open\command C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.groovy C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.handlebars\OpenWithProgids C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.toml\shell\open\command C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.dockerfile C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.sass\ = "Archivo de origen Sass" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.tex\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe\" \"%1\"" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.csproj\ = "Archivo de origen C# Project" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.edn\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\resources\\app\\resources\\win32\\default.ico" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.mdown\ = "Archivo de origen Markdown" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.properties\DefaultIcon C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.svgz\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe\" \"%1\"" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.wxl C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.xaml\OpenWithProgids\VSCode.xaml C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.jade\ = "Archivo de origen Jade" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.rs\OpenWithProgids\VSCode.rs C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.bib C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.coffee\DefaultIcon C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.fsx C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.shtml\ = "Archivo de origen SHTML" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.xml C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.bash\OpenWithProgids\VSCode.bash C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.editorconfig\DefaultIcon C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.handlebars\ = "Archivo de origen Handlebars" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.js\OpenWithProgids\VSCode.js C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.lua\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\resources\\app\\resources\\win32\\default.ico" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.rt\OpenWithProgids\VSCode.rt C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.wxi\ = "Archivo de origen WiX Include" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.makefile\shell\open C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\.psm1 C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.shtml\DefaultIcon C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Key created \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.aspx\DefaultIcon C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.ctp\shell\open\Icon = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe\"" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.erb\shell\open\Icon = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe\"" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\VSCode.html\shell\open\Icon = "\"C:\\Users\\Admin\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe\"" C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A

Modifies system certificate store

evasion spyware trojan
Description Indicator Process Target
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 5c00000001000000040000000010000004000000010000001000000078f2fcaa601f2fb4ebc937ba532e7549030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e41d0000000100000010000000a86dc6a233eb339610f3ed414927c559140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac899880b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996190000000100000010000000ffac207997bb2cfe865570179ee037b92000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4 \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 0f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e42000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 04000000010000001000000078f2fcaa601f2fb4ebc937ba532e7549030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e41d0000000100000010000000a86dc6a233eb339610f3ed414927c559140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac899880b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e19962000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 190000000100000010000000ffac207997bb2cfe865570179ee037b90f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e404000000010000001000000078f2fcaa601f2fb4ebc937ba532e75492000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e \??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\AnyDesk.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\System32\sdiagnhost.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyDesk.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyDesk.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyDesk.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyDesk.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A
N/A N/A C:\Users\Admin\Downloads\resolver.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Windows\system32\unregmp2.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\system32\unregmp2.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeShutdownPrivilege N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\System32\msdt.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyDesk.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyDesk.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyDesk.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyDesk.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyDesk.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyDesk.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyDesk.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyDesk.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\AnyDesk.exe N/A
N/A N/A C:\Users\Admin\Downloads\AnyDesk.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2536 wrote to memory of 2772 N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Windows\SysWOW64\unregmp2.exe
PID 2536 wrote to memory of 2772 N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Windows\SysWOW64\unregmp2.exe
PID 2536 wrote to memory of 2772 N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Windows\SysWOW64\unregmp2.exe
PID 2772 wrote to memory of 708 N/A C:\Windows\SysWOW64\unregmp2.exe C:\Windows\system32\unregmp2.exe
PID 2772 wrote to memory of 708 N/A C:\Windows\SysWOW64\unregmp2.exe C:\Windows\system32\unregmp2.exe
PID 1384 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 1308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 5008 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 5008 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1384 wrote to memory of 4308 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files (x86)\Windows Media Player\wmplayer.exe

"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:6 /Open "C:\Users\Admin\AppData\Local\Temp\keloke bro.mp3"

C:\Windows\SysWOW64\unregmp2.exe

"C:\Windows\System32\unregmp2.exe" /AsyncFirstLogon

C:\Windows\system32\unregmp2.exe

"C:\Windows\SysNative\unregmp2.exe" /AsyncFirstLogon /REENTRANT

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s upnphost

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x2ec 0x4b0

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 2536 -ip 2536

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 2536 -s 2276

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffbf910cc40,0x7ffbf910cc4c,0x7ffbf910cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1836,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1832 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2060,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2040 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2276,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2472 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3172,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3204 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3352,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3336 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4628,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4648 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4612,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4556 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4852,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4864 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4816,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4972 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4920,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4996 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4792,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4832 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4584,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4900 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4836,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4988 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5296,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4832 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4788,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4888 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=240,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5196 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=3484,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3540 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4912,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5456 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4888,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5624 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5744,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5648 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5908,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5068 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4520,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1268 /prefetch:8

C:\Users\Admin\Downloads\AnyTools.exe

"C:\Users\Admin\Downloads\AnyTools.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 5188 -ip 5188

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 5188 -s 1424

C:\Users\Admin\Downloads\AnyTools.exe

"C:\Users\Admin\Downloads\AnyTools.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 6032 -ip 6032

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 6032 -s 1420

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Downloads\AnyTools.exe

"C:\Users\Admin\Downloads\AnyTools.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 512 -p 4900 -ip 4900

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 4900 -s 1420

C:\Users\Admin\Downloads\AnyTools.exe

"C:\Users\Admin\Downloads\AnyTools.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 2356 -ip 2356

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 2356 -s 1420

C:\Windows\system32\cmd.exe

"C:\Windows\system32\cmd.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5320,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4416 /prefetch:8

C:\Users\Admin\Downloads\AnyTools.exe

"C:\Users\Admin\Downloads\AnyTools.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 5792 -ip 5792

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 5792 -s 1416

C:\Users\Admin\Downloads\AnyTools.exe

"C:\Users\Admin\Downloads\AnyTools.exe" C:\Users\Admin\Downloads\AnyTools.exe

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 520 -p 4812 -ip 4812

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 4812 -s 1416

C:\Windows\system32\pcwrun.exe

C:\Windows\system32\pcwrun.exe "C:\Users\Admin\Downloads\AnyTools.exe" ContextMenu

C:\Windows\System32\msdt.exe

C:\Windows\System32\msdt.exe -path C:\Windows\diagnostics\index\PCWDiagnostic.xml -af C:\Users\Admin\AppData\Local\Temp\PCW7B3D.xml /skip TRUE

C:\Windows\System32\sdiagnhost.exe

C:\Windows\System32\sdiagnhost.exe -Embedding

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe

"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\pu1pyi3q\pu1pyi3q.cmdline"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES7F45.tmp" "c:\Users\Admin\AppData\Local\Temp\pu1pyi3q\CSC5A464EC3D4E446B5B36D49E2DE86F222.TMP"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe

"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\53uosdit\53uosdit.cmdline"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES7FF1.tmp" "c:\Users\Admin\AppData\Local\Temp\53uosdit\CSC1848BE1E5804B019B91CB23D2F4E0E5.TMP"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe

"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\cserel1v\cserel1v.cmdline"

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES839A.tmp" "c:\Users\Admin\AppData\Local\Temp\cserel1v\CSC209B65A4902544C6B77E209DDA94A5E.TMP"

C:\Users\Admin\Downloads\AnyTools.exe

"C:\Users\Admin\Downloads\AnyTools.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 504 -p 720 -ip 720

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 720 -s 1416

C:\Users\Admin\Downloads\AnyTools.exe

"C:\Users\Admin\Downloads\AnyTools.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 4372 -ip 4372

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 4372 -s 1416

C:\Users\Admin\Downloads\AnyTools.exe

"C:\Users\Admin\Downloads\AnyTools.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 5208 -ip 5208

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 5208 -s 1416

C:\Users\Admin\Downloads\AnyTools.exe

"C:\Users\Admin\Downloads\AnyTools.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 520 -p 1436 -ip 1436

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 1436 -s 1416

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5128,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2776 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=5328,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5368 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1524,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5640 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5636,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5720 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=5280,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5244 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5872,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6092 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x2ec 0x4b0

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=5588,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4936 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=6140,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5360 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=2776,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5820 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6176,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6276 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6456,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5236 /prefetch:8

C:\Users\Admin\Downloads\VSCodeUserSetup-x64-1.95.1.exe

"C:\Users\Admin\Downloads\VSCodeUserSetup-x64-1.95.1.exe"

C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp

"C:\Users\Admin\AppData\Local\Temp\is-GKUF9.tmp\VSCodeUserSetup-x64-1.95.1.tmp" /SL5="$2B02A2,102294767,828416,C:\Users\Admin\Downloads\VSCodeUserSetup-x64-1.95.1.exe"

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe

"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command "Get-WmiObject Win32_Process | Where-Object { $_.ExecutablePath -eq 'C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\bin\code-tunnel.exe' } | Select @{Name='Id'; Expression={$_.ProcessId}} | Stop-Process -Force"

C:\Windows\system32\icacls.exe

"C:\Windows\system32\icacls.exe" "C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code" /inheritancelevel:r /grant:r "*S-1-5-18:(OI)(CI)F" /grant:r "*S-1-5-32-544:(OI)(CI)F" /grant:r "*S-1-5-11:(OI)(CI)RX" /grant:r "*S-1-5-32-545:(OI)(CI)RX" /grant:r "*S-1-3-0:(OI)(CI)F" /grant:r "Admin:(OI)(CI)F"

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe"

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1932,i,14337513804853103066,15096170447192362554,262144 --disable-features=CalculateNativeWinOcclusion,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=1924 /prefetch:2

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=2396,i,14337513804853103066,15096170447192362554,262144 --disable-features=CalculateNativeWinOcclusion,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2276 /prefetch:3

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --field-trial-handle=3200,i,14337513804853103066,15096170447192362554,262144 --disable-features=CalculateNativeWinOcclusion,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3268 --vscode-window-config=vscode:a287d188-d2e3-45d6-936e-040e2d6f4489 /prefetch:1

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=node.mojom.NodeService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=3792,i,14337513804853103066,15096170447192362554,262144 --disable-features=CalculateNativeWinOcclusion,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3788 /prefetch:8

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=node.mojom.NodeService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=3828,i,14337513804853103066,15096170447192362554,262144 --disable-features=CalculateNativeWinOcclusion,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3824 /prefetch:8

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=node.mojom.NodeService --lang=en-US --service-sandbox-type=none --dns-result-order=ipv4first --inspect-port=0 --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=3644,i,14337513804853103066,15096170447192362554,262144 --disable-features=CalculateNativeWinOcclusion,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=3672 /prefetch:8

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "wsl.exe -l -q"

C:\Users\Admin\Downloads\AnyTools.exe

"C:\Users\Admin\Downloads\AnyTools.exe"

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4212,i,14337513804853103066,15096170447192362554,262144 --disable-features=CalculateNativeWinOcclusion,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4484 --vscode-window-config=vscode:a287d188-d2e3-45d6-936e-040e2d6f4489 /prefetch:1

\??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\bin\code-tunnel.exe

"c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\bin\code-tunnel.exe" tunnel status

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 4060 -ip 4060

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 4060 -s 1416

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4588,i,14337513804853103066,15096170447192362554,262144 --disable-features=CalculateNativeWinOcclusion,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4584 --vscode-window-config=vscode:a287d188-d2e3-45d6-936e-040e2d6f4489 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=1316,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6204 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=6212,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6236 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4636,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6356 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6508,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6516 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=3708,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6516 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5856,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5476 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4624,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1532 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6224,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6180 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5568,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6348 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6780,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6768 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4672,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6808 /prefetch:8

C:\Users\Admin\Downloads\AnyTools (1).exe

"C:\Users\Admin\Downloads\AnyTools (1).exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 188 -p 4752 -ip 4752

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 4752 -s 1420

C:\Users\Admin\Downloads\AnyTools (1).exe

"C:\Users\Admin\Downloads\AnyTools (1).exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 188 -p 1364 -ip 1364

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 1364 -s 1420

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=6900,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6892 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=6896,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3176 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6668,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6296 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6908,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6708 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=4376,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6336 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=4372,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6516 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=4904,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5476 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5824,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7016 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6944,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5816 /prefetch:8

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --gpu-preferences=UAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1208,i,14337513804853103066,15096170447192362554,262144 --disable-features=CalculateNativeWinOcclusion,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=1124 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=7048,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7044 /prefetch:8

C:\Users\Admin\Downloads\resolver.exe

"C:\Users\Admin\Downloads\resolver.exe"

C:\Users\Admin\Downloads\resolver.exe

"C:\Users\Admin\Downloads\resolver.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c title AnyDesk IP resolver

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c color a

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c mode 40,20

C:\Windows\system32\mode.com

mode 40,20

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c pause>nul

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=6320,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7164 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=6748,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4944 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7128,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6724 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7068,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7084 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=6644,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7304 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=7100,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7172 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=6564,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6788 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=6568,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6940 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=7192,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6292 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --field-trial-handle=7496,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6368 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=7592,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4712 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=7604,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7784 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=7548,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3932 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=8040,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7984 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=8076,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8204 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=8368,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8372 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=7024,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6804 /prefetch:8

C:\Users\Admin\Downloads\AnyDesk.exe

"C:\Users\Admin\Downloads\AnyDesk.exe"

C:\Users\Admin\Downloads\AnyDesk.exe

"C:\Users\Admin\Downloads\AnyDesk.exe" --local-service

C:\Users\Admin\Downloads\AnyDesk.exe

"C:\Users\Admin\Downloads\AnyDesk.exe" --local-control

C:\Users\Admin\Downloads\AnyDesk.exe

"C:\Users\Admin\Downloads\AnyDesk.exe" --backend

C:\Users\Admin\Downloads\resolver.exe

"C:\Users\Admin\Downloads\resolver.exe"

C:\Users\Admin\Downloads\resolver.exe

"C:\Users\Admin\Downloads\resolver.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c title AnyDesk IP resolver

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c color a

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c mode 40,20

C:\Windows\system32\mode.com

mode 40,20

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=6700,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1528 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=8568,i,10688210906280870340,13109883657833276941,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7788 /prefetch:8

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" "C:\Users\Admin\Downloads\MyDesk.py"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\Code /prefetch:4 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\Code\Crashpad --url=appcenter://code?aid=a4e3233c-699c-46ec-b4f4-9c2a77254662&uid=f60aefc7-09de-4ec9-b3c2-1afe2b29c3b1&iid=f60aefc7-09de-4ec9-b3c2-1afe2b29c3b1&sid=f60aefc7-09de-4ec9-b3c2-1afe2b29c3b1 --annotation=_companyName=Microsoft --annotation=_productName=VSCode --annotation=_version=1.95.1 --annotation=plat=Win64 --annotation=prod=Electron --annotation=ver=32.2.1 --initial-client-data=0x478,0x47c,0x480,0x474,0x484,0x7ff76d3e90b8,0x7ff76d3e90c4,0x7ff76d3e90d0

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1824,i,10174518477608353684,12719853200694284313,262144 --disable-features=CalculateNativeWinOcclusion,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=1812 /prefetch:2

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=2360,i,10174518477608353684,12719853200694284313,262144 --disable-features=CalculateNativeWinOcclusion,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2016 /prefetch:3

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4048,i,14337513804853103066,15096170447192362554,262144 --disable-features=CalculateNativeWinOcclusion,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4060 --vscode-window-config=vscode:a287d188-d2e3-45d6-936e-040e2d6f4489 /prefetch:1

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4860,i,14337513804853103066,15096170447192362554,262144 --disable-features=CalculateNativeWinOcclusion,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4848 --vscode-window-config=vscode:a287d188-d2e3-45d6-936e-040e2d6f4489 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

\??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe

"c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe" verify --package c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-python.debugpy-2024.12.0-win32-x64 --signaturearchive c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\.8c5baadf-1377-4df0-8cd6-a92d92b89ab7

\??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe

"c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe" verify --package c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-python.python-2024.18.0-win32-x64 --signaturearchive c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\.5d9d6e9c-dac3-4c76-a1fb-0036b383cdf2

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

\??\c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe

"c:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\vsce-sign\bin\vsce-sign.exe" verify --package c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\ms-python.vscode-pylance-2024.11.1 --signaturearchive c:\Users\Admin\AppData\Roaming\Code\CachedExtensionVSIXs\.7fac7d64-137f-40f7-a311-16cf1acf7b30

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Users\Admin\Downloads\AnyTools.exe

"C:\Users\Admin\Downloads\AnyTools.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 6388 -ip 6388

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 6388 -s 1416

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" "C:\Users\Admin\Downloads\MyDesk.py"

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\Code /prefetch:4 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\Code\Crashpad --url=appcenter://code?aid=a4e3233c-699c-46ec-b4f4-9c2a77254662&uid=f60aefc7-09de-4ec9-b3c2-1afe2b29c3b1&iid=f60aefc7-09de-4ec9-b3c2-1afe2b29c3b1&sid=f60aefc7-09de-4ec9-b3c2-1afe2b29c3b1 --annotation=_companyName=Microsoft --annotation=_productName=VSCode --annotation=_version=1.95.1 --annotation=plat=Win64 --annotation=prod=Electron --annotation=ver=32.2.1 --initial-client-data=0x478,0x47c,0x480,0x474,0x484,0x7ff76d3e90b8,0x7ff76d3e90c4,0x7ff76d3e90d0

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1900,i,7491285371131550570,4925265096014731930,262144 --disable-features=CalculateNativeWinOcclusion,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=1892 /prefetch:2

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --field-trial-handle=2188,i,7491285371131550570,4925265096014731930,262144 --disable-features=CalculateNativeWinOcclusion,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2024 /prefetch:3

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4908,i,14337513804853103066,15096170447192362554,262144 --disable-features=CalculateNativeWinOcclusion,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4904 --vscode-window-config=vscode:a287d188-d2e3-45d6-936e-040e2d6f4489 /prefetch:1

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4816,i,14337513804853103066,15096170447192362554,262144 --disable-features=CalculateNativeWinOcclusion,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4808 --vscode-window-config=vscode:a287d188-d2e3-45d6-936e-040e2d6f4489 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe

"C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\Code.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Code" --standard-schemes=vscode-webview,vscode-file --enable-sandbox --secure-schemes=vscode-webview,vscode-file --cors-schemes=vscode-webview,vscode-file --fetch-schemes=vscode-webview,vscode-file --service-worker-schemes=vscode-webview --code-cache-schemes=vscode-webview,vscode-file --app-user-model-id=Microsoft.VisualStudioCode --app-path="C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app" --enable-sandbox --enable-blink-features=HighlightAPI --disable-blink-features=FontMatchingCTMigration, --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4792,i,14337513804853103066,15096170447192362554,262144 --disable-features=CalculateNativeWinOcclusion,SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4976 --vscode-window-config=vscode:a287d188-d2e3-45d6-936e-040e2d6f4489 /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

Network

Country Destination Domain Proto
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 232.168.11.51.in-addr.arpa udp
US 8.8.8.8:53 0.205.248.87.in-addr.arpa udp
US 8.8.8.8:53 4.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.179.228:443 www.google.com tcp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 42.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 228.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
US 8.8.8.8:53 apis.google.com udp
GB 216.58.201.110:443 apis.google.com tcp
GB 142.250.200.10:443 ogads-pa.googleapis.com tcp
GB 142.250.200.10:443 ogads-pa.googleapis.com udp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 110.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 10.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.16.238:443 play.google.com tcp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.178.14:443 clients2.google.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 clients2.googleusercontent.com udp
GB 216.58.213.1:443 clients2.googleusercontent.com tcp
US 8.8.8.8:53 14.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 1.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 8.8.8.8:53 212.20.149.52.in-addr.arpa udp
US 8.8.8.8:53 69.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 185.199.110.133:443 user-images.githubusercontent.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.180.10:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 collector.github.com udp
US 185.199.109.154:443 github.githubassets.com tcp
US 8.8.8.8:53 api.github.com udp
US 140.82.112.21:443 collector.github.com tcp
US 140.82.112.21:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
GB 142.250.180.10:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 154.109.199.185.in-addr.arpa udp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 133.110.199.185.in-addr.arpa udp
US 8.8.8.8:53 210.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 21.112.82.140.in-addr.arpa udp
US 8.8.8.8:53 objects.githubusercontent.com udp
US 185.199.110.133:443 objects.githubusercontent.com tcp
US 8.8.8.8:53 30.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 3.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 95.16.208.104.in-addr.arpa udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 133.211.185.52.in-addr.arpa udp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 collector.github.com udp
GB 142.250.180.4:443 www.google.com udp
US 140.82.114.21:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
GB 172.217.169.74:443 ogads-pa.googleapis.com udp
US 8.8.8.8:53 4.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 21.114.82.140.in-addr.arpa udp
US 8.8.8.8:53 74.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.187.206:443 play.google.com udp
US 8.8.8.8:53 206.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 ssl.gstatic.com udp
GB 216.58.204.67:443 ssl.gstatic.com tcp
US 8.8.8.8:53 dns-tunnel-check.googlezip.net udp
US 8.8.8.8:53 tunnel.googlezip.net udp
US 8.8.8.8:53 35.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 226.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 172.217.169.74:443 ogads-pa.googleapis.com tcp
GB 172.217.169.74:443 ogads-pa.googleapis.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 227.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 157.34.239.216.in-addr.arpa udp
GB 142.250.187.206:443 play.google.com tcp
US 8.8.8.8:53 consent.google.com udp
GB 172.217.16.238:443 consent.google.com tcp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn1.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn3.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn2.gstatic.com udp
GB 142.250.187.238:443 encrypted-tbn1.gstatic.com tcp
GB 142.250.187.238:443 encrypted-tbn1.gstatic.com tcp
GB 142.250.200.46:443 encrypted-tbn2.gstatic.com tcp
GB 142.250.180.14:443 encrypted-tbn3.gstatic.com tcp
GB 142.250.180.14:443 encrypted-tbn3.gstatic.com tcp
GB 142.250.200.46:443 encrypted-tbn2.gstatic.com tcp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 46.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 code.visualstudio.com udp
US 8.8.8.8:53 consentdeliveryfd.azurefd.net udp
US 8.8.8.8:53 js.monitor.azure.com udp
US 13.107.246.65:443 js.monitor.azure.com tcp
US 13.107.246.65:443 js.monitor.azure.com tcp
US 13.107.246.65:443 js.monitor.azure.com tcp
US 13.107.246.65:443 js.monitor.azure.com tcp
US 13.107.246.65:443 js.monitor.azure.com tcp
US 13.107.246.65:443 js.monitor.azure.com tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.200.42:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 65.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 browser.events.data.microsoft.com udp
IE 13.69.239.78:443 browser.events.data.microsoft.com tcp
IE 13.69.239.78:443 browser.events.data.microsoft.com tcp
US 8.8.8.8:53 42.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 marketplace.visualstudio.com udp
US 23.192.22.93:443 www.microsoft.com tcp
US 13.107.42.18:443 marketplace.visualstudio.com tcp
US 8.8.8.8:53 web.vortex.data.microsoft.com udp
US 8.8.8.8:53 assets.onestore.ms udp
US 8.8.8.8:53 mem.gfx.ms udp
US 8.8.8.8:53 microsoftwindows.112.2o7.net udp
US 13.107.246.65:443 mem.gfx.ms tcp
GB 184.87.176.59:443 assets.onestore.ms tcp
IE 66.235.152.225:443 microsoftwindows.112.2o7.net tcp
US 8.8.8.8:53 vscode.download.prss.microsoft.com udp
US 152.199.21.175:443 vscode.download.prss.microsoft.com tcp
US 8.8.8.8:53 ms-python.gallerycdn.vsassets.io udp
US 8.8.8.8:53 ms-vscode.gallerycdn.vsassets.io udp
US 8.8.8.8:53 github.gallerycdn.vsassets.io udp
US 8.8.8.8:53 vscjava.gallerycdn.vsassets.io udp
FR 68.232.34.200:443 vscjava.gallerycdn.vsassets.io tcp
FR 68.232.34.200:443 vscjava.gallerycdn.vsassets.io tcp
US 8.8.8.8:53 78.239.69.13.in-addr.arpa udp
US 8.8.8.8:53 93.22.192.23.in-addr.arpa udp
US 8.8.8.8:53 18.42.107.13.in-addr.arpa udp
FR 68.232.34.200:443 vscjava.gallerycdn.vsassets.io tcp
US 8.8.8.8:53 59.176.87.184.in-addr.arpa udp
US 8.8.8.8:53 163.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 225.152.235.66.in-addr.arpa udp
FR 68.232.34.200:443 vscjava.gallerycdn.vsassets.io tcp
US 8.8.8.8:53 175.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 200.34.232.68.in-addr.arpa udp
US 8.8.8.8:53 default.exp-tas.com udp
US 8.8.8.8:53 default.exp-tas.com udp
US 13.107.5.93:443 default.exp-tas.com tcp
US 8.8.8.8:53 93.5.107.13.in-addr.arpa udp
US 8.8.8.8:53 az764295.vo.msecnd.net udp
US 8.8.8.8:53 az764295.vo.msecnd.net udp
US 152.199.19.160:443 az764295.vo.msecnd.net tcp
US 8.8.8.8:53 160.19.199.152.in-addr.arpa udp
US 8.8.8.8:53 az764295.vo.msecnd.net udp
US 8.8.8.8:53 az764295.vo.msecnd.net udp
US 152.199.19.160:443 az764295.vo.msecnd.net tcp
US 8.8.8.8:53 mobile.events.data.microsoft.com udp
US 20.189.173.8:443 mobile.events.data.microsoft.com tcp
US 8.8.8.8:53 mobile.events.data.microsoft.com udp
US 8.8.8.8:53 mobile.events.data.microsoft.com udp
US 20.189.173.8:443 mobile.events.data.microsoft.com tcp
US 8.8.8.8:53 8.173.189.20.in-addr.arpa udp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.179.228:443 www.google.com udp
GB 172.217.169.74:443 ogads-pa.googleapis.com udp
GB 142.250.187.206:443 www.youtube.com udp
US 8.8.8.8:53 collector.github.com udp
US 140.82.114.21:443 collector.github.com tcp
US 8.8.8.8:53 lens.google.com udp
GB 142.250.200.14:443 lens.google.com tcp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
GB 142.250.200.42:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 objects.githubusercontent.com udp
GB 142.250.179.228:443 www.google.com udp
GB 172.217.169.74:443 ogads-pa.googleapis.com udp
GB 142.250.187.206:443 www.youtube.com udp
US 8.8.8.8:53 id.google.com udp
JP 172.217.161.35:443 id.google.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 172.217.169.74:443 ogads-pa.googleapis.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 142.250.187.214:443 i.ytimg.com tcp
GB 142.250.187.214:443 i.ytimg.com tcp
JP 172.217.161.35:443 id.google.com tcp
US 8.8.8.8:53 214.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 35.161.217.172.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
GB 216.58.212.238:443 www.youtube.com udp
GB 216.58.212.238:443 www.youtube.com tcp
GB 216.58.212.238:443 www.youtube.com udp
GB 142.250.187.214:443 i.ytimg.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 static.doubleclick.net udp
GB 172.217.169.2:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 142.250.179.230:443 static.doubleclick.net tcp
GB 172.217.16.234:443 jnn-pa.googleapis.com tcp
GB 172.217.169.2:443 googleads.g.doubleclick.net udp
GB 172.217.16.234:443 jnn-pa.googleapis.com udp
GB 142.250.187.206:443 www.youtube.com udp
GB 142.250.187.206:443 www.youtube.com tcp
GB 142.250.187.206:443 www.youtube.com tcp
GB 142.250.187.206:443 www.youtube.com udp
US 8.8.8.8:53 238.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 2.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 230.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 234.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
GB 142.250.200.42:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 collector.github.com udp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.179.228:443 www.google.com udp
US 8.8.8.8:53 google.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
GB 142.250.200.14:443 google.com tcp
GB 172.217.169.74:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.187.206:443 play.google.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
JP 172.217.161.35:443 id.google.com udp
US 8.8.8.8:53 e2c7.gcp.gvt2.com udp
IN 34.131.78.121:443 e2c7.gcp.gvt2.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 172.217.169.74:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.213.10:443 content-autofill.googleapis.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 10.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 121.78.131.34.in-addr.arpa udp
GB 142.250.187.206:443 play.google.com udp
US 8.8.8.8:53 beacons.gvt2.com udp
US 8.8.8.8:53 anydesk.com udp
US 8.8.8.8:53 js.hs-scripts.com udp
US 8.8.8.8:53 www.recaptcha.net udp
US 8.8.8.8:53 ad-wa.anydesk.com udp
FR 18.244.28.63:443 anydesk.com tcp
FR 18.244.28.63:443 anydesk.com tcp
FR 18.244.28.63:443 anydesk.com tcp
FR 18.244.28.63:443 anydesk.com tcp
FR 18.244.28.63:443 anydesk.com tcp
FR 18.244.28.63:443 anydesk.com tcp
US 104.16.140.209:443 js.hs-scripts.com tcp
GB 142.250.187.195:443 www.recaptcha.net tcp
DE 167.235.224.171:443 ad-wa.anydesk.com tcp
DE 167.235.224.171:443 ad-wa.anydesk.com tcp
US 8.8.8.8:53 8.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 63.28.244.18.in-addr.arpa udp
US 8.8.8.8:53 209.140.16.104.in-addr.arpa udp
US 8.8.8.8:53 195.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 js.hubspot.com udp
US 8.8.8.8:53 js.usemessages.com udp
US 8.8.8.8:53 js.hs-banner.com udp
US 8.8.8.8:53 js.hs-analytics.net udp
US 172.64.147.16:443 js.hs-banner.com tcp
US 104.17.175.201:443 js.hs-analytics.net tcp
US 104.16.76.142:443 js.usemessages.com tcp
US 104.16.118.116:443 js.hubspot.com tcp
US 8.8.8.8:53 tracking.g2crowd.com udp
US 8.8.8.8:53 www.anydesk.com udp
US 104.18.31.176:443 tracking.g2crowd.com tcp
US 172.64.147.16:443 js.hs-banner.com tcp
US 8.8.8.8:53 cdn.cookielaw.org udp
GB 216.58.213.10:443 content-autofill.googleapis.com tcp
GB 216.58.213.10:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 cta-service-cms2.hubspot.com udp
US 8.8.8.8:53 171.224.235.167.in-addr.arpa udp
US 8.8.8.8:53 16.147.64.172.in-addr.arpa udp
US 8.8.8.8:53 201.175.17.104.in-addr.arpa udp
US 8.8.8.8:53 116.118.16.104.in-addr.arpa udp
US 8.8.8.8:53 142.76.16.104.in-addr.arpa udp
US 8.8.8.8:53 176.31.18.104.in-addr.arpa udp
US 8.8.8.8:53 api.hubspot.com udp
US 104.18.86.42:443 cdn.cookielaw.org tcp
US 104.18.86.42:443 cdn.cookielaw.org tcp
GB 216.58.213.10:443 content-autofill.googleapis.com udp
GB 142.250.187.195:443 www.recaptcha.net tcp
US 8.8.8.8:53 perf-na1.hsforms.com udp
US 104.18.80.204:443 perf-na1.hsforms.com tcp
US 104.18.86.42:443 cdn.cookielaw.org tcp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 172.64.155.119:443 geolocation.onetrust.com tcp
GB 142.250.179.228:443 www.google.com tcp
GB 142.250.187.195:443 www.recaptcha.net udp
FR 18.244.28.63:443 www.anydesk.com tcp
US 8.8.8.8:53 track.hubspot.com udp
GB 142.250.179.228:443 www.google.com tcp
US 8.8.8.8:53 www.dwin1.com udp
US 8.8.8.8:53 serve.albacross.com udp
US 104.16.118.116:443 track.hubspot.com tcp
US 8.8.8.8:53 scripts.iconnode.com udp
US 8.8.8.8:53 app.hubspot.com udp
GB 142.250.187.195:443 www.recaptcha.net udp
US 8.8.8.8:53 connect.facebook.net udp
US 8.8.8.8:53 42.86.18.104.in-addr.arpa udp
US 8.8.8.8:53 204.80.18.104.in-addr.arpa udp
US 8.8.8.8:53 119.155.64.172.in-addr.arpa udp
GB 163.70.151.21:443 connect.facebook.net tcp
US 104.18.80.204:443 perf-na1.hsforms.com udp
GB 142.250.179.228:443 www.google.com udp
FR 99.86.91.24:443 www.dwin1.com tcp
FR 99.86.91.90:443 serve.albacross.com tcp
FR 18.164.52.33:443 scripts.iconnode.com tcp
FR 99.86.91.24:443 www.dwin1.com tcp
FR 99.86.91.90:443 serve.albacross.com tcp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 download.anydesk.com udp
US 104.16.117.116:443 app.hubspot.com tcp
US 8.8.8.8:53 12375076.fls.doubleclick.net udp
DE 159.69.19.197:443 download.anydesk.com tcp
GB 142.250.200.6:443 12375076.fls.doubleclick.net tcp
GB 142.250.200.6:443 12375076.fls.doubleclick.net tcp
US 8.8.8.8:53 snap.licdn.com udp
DE 159.69.19.197:443 download.anydesk.com tcp
GB 2.19.117.161:443 snap.licdn.com tcp
GB 163.70.151.21:443 connect.facebook.net udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 lantern.roeyecdn.com udp
GB 142.250.200.6:443 12375076.fls.doubleclick.net udp
US 8.8.8.8:53 px.ads.linkedin.com udp
BE 142.251.173.155:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 www.facebook.com udp
FR 3.165.113.102:443 lantern.roeyecdn.com tcp
US 13.107.42.14:443 px.ads.linkedin.com tcp
BE 142.251.173.155:443 stats.g.doubleclick.net tcp
GB 163.70.151.35:443 www.facebook.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
US 8.8.8.8:53 static.hsappstatic.net udp
US 8.8.8.8:53 24.91.86.99.in-addr.arpa udp
US 8.8.8.8:53 90.91.86.99.in-addr.arpa udp
US 8.8.8.8:53 78.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 33.52.164.18.in-addr.arpa udp
US 8.8.8.8:53 116.117.16.104.in-addr.arpa udp
US 8.8.8.8:53 197.19.69.159.in-addr.arpa udp
US 8.8.8.8:53 6.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 161.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 102.113.165.3.in-addr.arpa udp
US 8.8.8.8:53 14.42.107.13.in-addr.arpa udp
US 104.17.173.91:443 static.hsappstatic.net tcp
US 104.17.173.91:443 static.hsappstatic.net tcp
US 104.17.173.91:443 static.hsappstatic.net tcp
US 104.17.173.91:443 static.hsappstatic.net tcp
US 8.8.8.8:53 exceptions.hubspot.com udp
US 104.16.117.116:443 exceptions.hubspot.com tcp
US 8.8.8.8:53 155.173.251.142.in-addr.arpa udp
US 8.8.8.8:53 35.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 34.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 91.173.17.104.in-addr.arpa udp
US 8.8.8.8:53 new-collect.albacross.com udp
IE 18.200.1.158:443 new-collect.albacross.com tcp
US 8.8.8.8:53 158.1.200.18.in-addr.arpa udp
US 8.8.8.8:53 boot.net.anydesk.com udp
SG 15.235.218.150:443 boot.net.anydesk.com tcp
US 8.8.8.8:53 150.218.235.15.in-addr.arpa udp
US 8.8.8.8:53 relay-98c428ee.net.anydesk.com udp
GB 195.181.165.154:443 relay-98c428ee.net.anydesk.com tcp
US 8.8.8.8:53 154.165.181.195.in-addr.arpa udp
US 8.8.8.8:53 api.playanext.com udp
FR 3.162.38.60:80 api.playanext.com tcp
US 8.8.8.8:53 7940397.fs1.hubspotusercontent-na1.net udp
US 172.64.146.132:443 7940397.fs1.hubspotusercontent-na1.net tcp
US 8.8.8.8:53 metrics-fe-na1.hubspot.com udp
US 8.8.8.8:53 60.38.162.3.in-addr.arpa udp
US 8.8.8.8:53 132.146.64.172.in-addr.arpa udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
GB 142.250.200.14:443 google.com udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
NL 109.236.81.168:7070 tcp
N/A 10.2.0.2:7070 tcp
US 26.245.227.159:7070 tcp
NL 109.236.81.168:19316 tcp
N/A 192.168.1.137:7070 tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 new-collect.albacross.com udp
IE 54.76.185.157:443 new-collect.albacross.com tcp
US 8.8.8.8:53 157.185.76.54.in-addr.arpa udp
GB 142.250.187.195:443 www.recaptcha.net udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
US 152.199.19.160:443 az764295.vo.msecnd.net tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 new-collect.albacross.com udp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
GB 142.250.179.228:443 www.google.com udp
US 8.8.8.8:53 play.google.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 172.217.16.238:443 play.google.com udp
GB 216.58.204.66:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 66.204.58.216.in-addr.arpa udp
US 185.199.109.154:443 github.githubassets.com tcp
US 8.8.8.8:53 collector.github.com udp
US 140.82.114.21:443 collector.github.com tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.204.74:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 raw.githubusercontent.com udp
US 185.199.108.133:443 raw.githubusercontent.com tcp
US 8.8.8.8:53 133.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 marketplace.visualstudio.com udp
US 8.8.8.8:53 marketplace.visualstudio.com udp
US 13.107.42.18:443 marketplace.visualstudio.com tcp
US 8.8.8.8:53 mobile.events.data.microsoft.com udp
US 8.8.8.8:53 mobile.events.data.microsoft.com udp
US 20.42.65.89:443 mobile.events.data.microsoft.com tcp
US 8.8.8.8:53 89.65.42.20.in-addr.arpa udp
US 8.8.8.8:53 ms-python.gallerycdn.vsassets.io udp
US 8.8.8.8:53 ms-python.gallerycdn.vsassets.io udp
FR 68.232.34.200:443 ms-python.gallerycdn.vsassets.io tcp
FR 68.232.34.200:443 ms-python.gallerycdn.vsassets.io tcp
FR 68.232.34.200:443 ms-python.gallerycdn.vsassets.io tcp
US 8.8.8.8:53 ms-python.gallerycdn.vsassets.io udp
US 8.8.8.8:53 ms-python.gallerycdn.vsassets.io udp
FR 68.232.34.200:443 ms-python.gallerycdn.vsassets.io tcp
US 8.8.8.8:53 marketplace.visualstudio.com udp
US 8.8.8.8:53 marketplace.visualstudio.com udp
US 13.107.42.18:443 marketplace.visualstudio.com tcp
US 8.8.8.8:53 raw.githubusercontent.com udp
US 8.8.8.8:53 raw.githubusercontent.com udp
US 185.199.108.133:443 raw.githubusercontent.com tcp
US 185.199.108.133:443 raw.githubusercontent.com tcp
US 185.199.108.133:443 raw.githubusercontent.com tcp
US 185.199.108.133:443 raw.githubusercontent.com tcp
US 8.8.8.8:53 ms-python.gallery.vsassets.io udp
US 8.8.8.8:53 ms-python.gallery.vsassets.io udp
US 13.107.6.175:443 ms-python.gallery.vsassets.io tcp
US 13.107.6.175:443 ms-python.gallery.vsassets.io tcp
US 13.107.6.175:443 ms-python.gallery.vsassets.io tcp
US 8.8.8.8:53 175.6.107.13.in-addr.arpa udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.210:443 api.github.com tcp
GB 216.58.204.74:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 collector.github.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons5.gvt3.com udp
GB 172.217.169.35:443 beacons5.gvt3.com tcp
US 8.8.8.8:53 35.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 marketplace.visualstudio.com udp
US 8.8.8.8:53 marketplace.visualstudio.com udp
US 8.8.8.8:53 benjamin-simmonds.gallerycdn.vsassets.io udp
US 8.8.8.8:53 benjamin-simmonds.gallerycdn.vsassets.io udp
US 8.8.8.8:53 kaih2o.gallerycdn.vsassets.io udp
US 8.8.8.8:53 kaih2o.gallerycdn.vsassets.io udp
US 8.8.8.8:53 xirider.gallerycdn.vsassets.io udp
US 8.8.8.8:53 xirider.gallerycdn.vsassets.io udp
US 8.8.8.8:53 076923.gallerycdn.vsassets.io udp
US 8.8.8.8:53 076923.gallerycdn.vsassets.io udp
US 8.8.8.8:53 almenon.gallerycdn.vsassets.io udp
US 8.8.8.8:53 almenon.gallerycdn.vsassets.io udp
US 8.8.8.8:53 dongli.gallerycdn.vsassets.io udp
US 8.8.8.8:53 dongli.gallerycdn.vsassets.io udp
US 8.8.8.8:53 mobile.events.data.microsoft.com udp
US 8.8.8.8:53 mobile.events.data.microsoft.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 mobile.events.data.microsoft.com udp
US 8.8.8.8:53 mobile.events.data.microsoft.com udp
US 8.8.8.8:53 az764295.vo.msecnd.net udp
US 8.8.8.8:53 az764295.vo.msecnd.net udp
US 152.199.19.160:443 az764295.vo.msecnd.net tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.XML

MD5 5433eab10c6b5c6d55b7cbd302426a39
SHA1 c5b1604b3350dab290d081eecd5389a895c58de5
SHA256 23dbf7014e99e93af5f2760f18ee1370274f06a453145c8d539b66d798dad131
SHA512 207b40d6bec65ab147f963a5f42263ae5bf39857987b439a4fa1647bf9b40e99cdc43ff68b7e2463aa9a948284126ac3c9c7af8350c91134b36d8b1a9c61fd34

C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.DTD

MD5 90be2701c8112bebc6bd58a7de19846e
SHA1 a95be407036982392e2e684fb9ff6602ecad6f1e
SHA256 644fbcdc20086e16d57f31c5bad98be68d02b1c061938d2f5f91cbe88c871fbf
SHA512 d618b473b68b48d746c912ac5fc06c73b047bd35a44a6efc7a859fe1162d68015cf69da41a5db504dcbc4928e360c095b32a3b7792fcc6a38072e1ebd12e7cbe

C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.XML.bak

MD5 7050d5ae8acfbe560fa11073fef8185d
SHA1 5bc38e77ff06785fe0aec5a345c4ccd15752560e
SHA256 cb87767c4a384c24e4a0f88455f59101b1ae7b4fb8de8a5adb4136c5f7ee545b
SHA512 a7a295ac8921bb3dde58d4bcde9372ed59def61d4b7699057274960fa8c1d1a1daff834a93f7a0698e9e5c16db43af05e9fd2d6d7c9232f7d26ffcff5fc5900b

C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb

MD5 abd6e30d10d84d9ee71512830abaa2b6
SHA1 1362922afaaa2bf8f3a75dd90c898d33dabb2362
SHA256 20a1a5e8791942ddf91d803be70ed316cdfb94dd980e340603eedb6c5fa2bbb5
SHA512 7ed0998ac50c772727d36311e5c99912f53403ed64a17848032569aaa9029dc5e3b5f5709936cda7d1417179aa61f207217359a6b43dab321a0323f524091bc1

C:\Users\Admin\AppData\Local\Temp\wmsetup.log

MD5 ffe138e3a9c34ebd81a1be6e609c5333
SHA1 2fa2e67050360ce8eebde911c0d1ea08952bfd58
SHA256 c6974a5b5d41c8d3d6baddf5f5e81141d26f67e7227d83db9c4cee0a8708aede
SHA512 aaed8c002a59880f4ebf26b42059850ad284cab9ff23baf570004f2c0fe270910c6b9af4377b34f7d76ace7cd461c5a0420f6aea684648889ac6ec855c041a28

memory/2536-32-0x00000000043F0000-0x0000000004400000-memory.dmp

memory/2536-30-0x00000000043F0000-0x0000000004400000-memory.dmp

memory/2536-29-0x00000000043F0000-0x0000000004400000-memory.dmp

memory/2536-31-0x00000000043F0000-0x0000000004400000-memory.dmp

memory/2536-34-0x00000000043F0000-0x0000000004400000-memory.dmp

memory/2536-33-0x00000000043F0000-0x0000000004400000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb

MD5 05a7e730c247a1be251981a1503243d0
SHA1 6c9d4fcf9546a95150e39da4973baa130eb8ad20
SHA256 648231dbc7d666fc1e0f317cba6a6f51c6da4f38dccd14f64970317a5cd86512
SHA512 7e58ad433f092d33eae158a4aad35c53650322a6af7066ef071eaadfc43511006f36c1ce13973d450ed4f1d4f41911f33a094e60516c7c0f6631198cc125e630

memory/2536-37-0x00000000043F0000-0x0000000004400000-memory.dmp

\??\pipe\crashpad_1384_CQSDPDAZHFPYOPFH

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Temp\scoped_dir1384_39655163\7ada65bf-bbe4-4aad-8f52-c54361905827.tmp

MD5 da75bb05d10acc967eecaac040d3d733
SHA1 95c08e067df713af8992db113f7e9aec84f17181
SHA256 33ae9b8f06dc777bb1a65a6ba6c3f2a01b25cd1afc291426b46d1df27ea6e7e2
SHA512 56533de53872f023809a20d1ea8532cdc2260d40b05c5a7012c8e61576ff092f006a197f759c92c6b8c429eeec4bb542073b491ddcfd5b22cd4ecbe1a8a7c6ef

C:\Users\Admin\AppData\Local\Temp\scoped_dir1384_39655163\CRX_INSTALL\_locales\en_CA\messages.json

MD5 558659936250e03cc14b60ebf648aa09
SHA1 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825
SHA256 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b
SHA512 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\dasherSettingSchema.json

MD5 4ec1df2da46182103d2ffc3b92d20ca5
SHA1 fb9d1ba3710cf31a87165317c6edc110e98994ce
SHA256 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6
SHA512 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\_locales\en_CA\messages.json

MD5 07ffbe5f24ca348723ff8c6c488abfb8
SHA1 6dc2851e39b2ee38f88cf5c35a90171dbea5b690
SHA256 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c
SHA512 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 627db2e802e8efd8cc76b29364d03769
SHA1 b6277d734dc7d0bc2a327f74fb33659575cefd14
SHA256 3c9349ade3528190304e03ccded4cf9afe8d855fa007a18103fce179aaa7cfb1
SHA512 c46856a59523153f76f8a66b6dc5f3db1f987488ff4483eadfc63ff2b0efc1819ef9b1d6328cf01e811764b4868d2425bf78e78572d464bf34a17d0942f9cca8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 2b59730388b496fae1e05de59945f44f
SHA1 df4d73afc7c83df4a39eb3fd9d9f746882977dd6
SHA256 6d9d012212c074ccea06e1d7c6e96ae363109a607984310a7f8ac820cbdba32c
SHA512 fa7e01c69ee84e219f154dd3c0b0a4da0716d4b8cf2981672d0e2c48f5dcf347dbe87bb50e0f8e016621fd72a25839b163275d21c1831a553e66121d04957880

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 70c44d5003ba888fa6be3c9947fb52a2
SHA1 b5bb0abb1ee1a46b814a75122c01100d5ff90d08
SHA256 957c00672cd3f8edde00ff2eb44896b4d25e1d2e5cd1251eb975ed4e28822107
SHA512 ddbe6474f21e6b62914c4311920e8431782f1787077df140923f7e4855e69770686a05f828d39c920d2a78532e274592f8841920ea54af370f795f5bfecdaa20

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7b5cf1a33ebfb40c46063524dcef23a8
SHA1 eb8b7a7b4f51ff9c3f8f5b31b25c0d3a4269c584
SHA256 dead66ea1e49e727cfa29a7f5b18a58f3a5246dc9e5bed9fe3f4bca45dd28d3b
SHA512 ffb098f023188d8c32208a75b2d6afc76434094ac4e80dbb8535a47b84737a5e3b45ffb89105d744717be6b52d7716f951993430762c05832ee43ca6cf5d7fdf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 171a9d9e649021689bebb1658cf31d5f
SHA1 9d27ba060a2002178e1de7972821793672e05a6e
SHA256 9e935bae92e907cefa87b2006a10f60b1c54569e53495653abfae8ff39618884
SHA512 1d468ecc363863ac3fcd2205b35fb97318c9bbd8e20cd63e2d26234c333e73ea54a4ea52bc67f4d82f31f2a16c65458145cde25f523a682619d71a173d778e4f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 682f62eb039b6878d9ef3538d41ee9b1
SHA1 854b0a893651d4d064ecc60ae3fdcd3249996f41
SHA256 3846d0f568a755c31174d137d2b0431ffbccdca66c41dd15ec4c2238e5edf5ce
SHA512 21141875069bfe8cfc40859a6dc0df35505f4ca423ad2c80f3a3f3cacdfeda647164bf395bbaef4da4750ba9608f215429a9a7b53a09920c01b501320e82ebce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1d39df5494d7a0df00c2b4165639f73c
SHA1 dd047a1f736d966f7cbb9cac99bd561ce77a0429
SHA256 2d4306f3a220464bcdbf612a24465623da93636aabe1d80c9b06b4d4f153f638
SHA512 d7f6df82181a3891f71a8661cdbdee8f485db393c9a42262f417a5c1f3a43c72771efd4a48a9ab08b911762e21a8fb1179bd1547b2d72093ce62e4ff60542982

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8861ccdf9bf6ef00cdf5afc39b070d57
SHA1 c1715fd6b84aa67bae107cf5df48128502088056
SHA256 bb0cc6fe9ec9c6fad5aa8f84aa7fa507b229be91d8b8d4a20ff1a43f68bf528b
SHA512 3ca725ec84d07647f3c177b55d8dd69377ad851c90ed4029c18b217432527a458affc0bf9d074e9a8dd6a4afeed083469a2bf794d48a76512cbe9d169223e5fa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 23850447d32063802c532acc31d081da
SHA1 2afd7d95293dba04e2db1215d7bf1a528407d7c6
SHA256 10277d934894dc760068c2bb00e44a318481cda55877a2628a398792b9e3486a
SHA512 1d68216afe82cd68568fc6484db73659171a062f647a3ddd91bb269eb70c1d943bd9c248c6d78382994eaf681d1125b54cc20808d3ade8f650091be4f9440cd1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7cec103e894a35683a7b4074be1195f5
SHA1 3b97d8c0ac5128b4400b7768c66d851e4e939f9d
SHA256 310c0feee6bd3ecdf074bc32d89d68972c9ecd14b284a11c0c342f02373bc9f9
SHA512 65886ab5f44e4350556f8a949c30fcb36b8a0ee12a113d6d80e59ebfe0b07d25209a644b22634214ba61fc5d150a69bf90abe989f7d1313a60eb59515a99bbb7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fd5a92aa28c6cd7cc92c22318ca39281
SHA1 fa927b1fe51dffa02391e592df22723f1eeceac2
SHA256 c8566929d3c0dcaf1dc5bad1335186db39fdc832e667cd0f7e03961a9e4ad3f0
SHA512 1165bd928bd0406c4929dad6dcf3aa9a8ebbeaeaec0e0f215d9d0c9201312289931f881ee3057d02fb6af7fadeebb41fc78432444132db43eb6856f29ed9a8c9

C:\Users\Admin\Downloads\Unconfirmed 187952.crdownload

MD5 447433e7edc41bbf92bdbce6e65d774b
SHA1 e31ba1f23cfe9c5751d2b6c5e13ea5f836001d29
SHA256 ef31a408606eb1ada590b13505257583df5e4e1f646a5d3b1ab4b98705631e8a
SHA512 0e84eabb9ac1cd717b1fbee6b36941ada416bbb8e84f80412ea4d78027bc67d875369685a3cb46b9e86afed5d99472b0e9fc17316232ecc1b98b674ec5299e8b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b316514299d7229514e012f0ea42c653
SHA1 467bacc703207c1f368ad5598c6dafb8e8d5099b
SHA256 b20b5d108b28ddd216688a32e105943e59d1e0e31028a0808beee81007770df2
SHA512 a2aaf7f888a4ffd6680576e5cc0af8fbe4cf65114c7cd47663decea5201d75a80fa3701e28b2ea22b6aabb9c36258c1039c3a3d4bb368c34798f97fac22d4e98

memory/5188-707-0x00000000001D0000-0x00000000002A4000-memory.dmp

memory/5188-708-0x00000000051C0000-0x0000000005764000-memory.dmp

memory/5188-709-0x0000000004CB0000-0x0000000004D42000-memory.dmp

memory/5188-710-0x0000000004E70000-0x0000000004E7A000-memory.dmp

memory/5188-711-0x00000000082B0000-0x00000000083B2000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 126df771358d06eebce36ca35d01f8be
SHA1 2bb1992c19bafa7b82af189e5409a3ea52208bb6
SHA256 3d3c8dfa31878ae4b5e1ee3fd6e0b7e0b7e33256ecdb32cd918ba63a6abbaf25
SHA512 b4b527de3a84bf920fbd84c37c9e38156bac3bcb36081b0f00a53a799e8980ffde0dc22e49c9b1186b759e7ddaa44e6622fb127ea7efc6fd14d232da6423e55e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f25ae33c3f468354f38097e221cf8d97
SHA1 c39c058ccb6b3938a733aed67c2135e083dae5b4
SHA256 3d18cc7c1de40e5c937f939e9763847ab6a0f548b1223301df11b669d59a1ec4
SHA512 8cdbcc11b0bb7dcd1f5f210b4d05ba897198d53d6a3a51b1ca240fbc0fff0a7262dc9f6e57314181c188814da90a94df74811fa5166e49233454b3b254d0ff6e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 7c4057ab28c58ab308bb4795a92d4fc2
SHA1 869ac9b3689d7ceeb99181b044cf7f0596a33b98
SHA256 3fcb92eddbb870b6a2574780cda2d5eccd6e801bdde266e19fc2de6ca300b498
SHA512 2e68044346bed5f41e46f9f400ab9e4faf9bbb498ece67a3827782df180aeb4f97c9de68f6979003cccc2a16bf9108811a687bd13377061bd3a61c164bf6b64e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 625cd1851931aaeab31daeac2c3af276
SHA1 971d631aca75afdfbf5591ccf930690418633194
SHA256 3eb0e24bebea15391f85d852902bcf4d70bf75447a6664ec54bf0dcbb8168263
SHA512 c3fb83bb3d4d57ca904e8075b761c493f6f2f7d1e8025aeed62c7d0797bf11267bb31142d9d4eb2de482639b67b5a7347a49d773fc49f1c14fe3a74f18b165a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\f60ad8ea-6b7b-4e3a-b1fd-8236f6756472.tmp

MD5 010840100ccfe727e1182eda256b52a9
SHA1 6823d95a4a42338dafa3d0b153755a6fea771de4
SHA256 204351de461c95cd28709e0dd793d3b2220d162ea7f2f74fa0050ebb9b8ed981
SHA512 9684b2c60aa8f7b52f304ab25b28a846a9134bff32f28976fedd58dd208b3551f53e016e9b92b99757dbbdd784e7c80abd553fcf22872d2108e5f33f272b01b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 30cf9576bacdd42fd690db789968e744
SHA1 95850e6f8cc74b341a761442f312abffee426c77
SHA256 2cc16fb82bab265deeb50a05d8775864ace2afcb2c112cc1b410d39b42379096
SHA512 7add660b36d55864537ffc4c07ada1dbf27e625a78c2550d3fa20fc32036365aacd531a8e42c4e19b87b437d3a17379aff1f526e219475bf54d310b1a3a0d609

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 580499bbc0f06b0b0c33814b12efeedd
SHA1 d43705d1ea7d890d8958a7cfa1c22d56cc4e15ed
SHA256 017810332086a632ea49de39440e6dfd427d45482c791559e164ec6b089e9c22
SHA512 04ff28eb4c1a538e1afaf1c8e9c738c87dd818a9ccb103905fa66e20a43a0a0d720f4ff356be8b1458f7a0fc08052bd8e34461c257dd5d8f2d6c105cf3539cb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2f1e626c128333394edf2800c7d73ee1
SHA1 7a837ae4341724636e3c1b0ba39c60ae02c3499c
SHA256 22f8f4f4dcdb7c21fc2acdf806a26cd6ecc90b75862e9740f0a4a9345772c2fd
SHA512 0ce82d9329fe32f5ec52ca5844789122098b80607526840a6b8b540dd2f34916ec522d1bb44f2161cdfae7f11314fa3cb6cfc13173dd203e9219938d47acf999

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 301411535e387707360ddd1dd6f91527
SHA1 9b61d030749921e168b2e255210c2d880b04aef6
SHA256 2a465daf73ac7170b470167a7d13510a8adb0fc302734b17c4132d4ee4108599
SHA512 3d60f5901370256bd2b5774121359861f90e026e7aca9ebb3b3674f457206e75c312dee3ab982b2befb4723a9b7789c26526a4d5bb8fdf5d0d9ff7ba71595919

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e31977391ed1b454b2f86ee3a5850801
SHA1 907e346b42a9b0a43480200cba8cec771eec62ec
SHA256 3dca93be024fd7922d8937adcc64974ddc87ae2b15a26ab7acfa72091e4072af
SHA512 49d69a2e8a6f64f24344e148bf47676bf00ef4a5c9f7624ebf19c2a9a6843ca39aeb736aff4f7690787821d81eafb6a4cce2f29e4297ef5c96659d175e978c23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7a295b143d698d7040b8bd5b3af2e060
SHA1 004eaa8a0ac749960448da99e3aab6ea1bd4fe07
SHA256 efa92f3069e291bc0f4e98c48e0cc2534f9f636220867c43f03ef1f110e7a000
SHA512 d82582332607554e6580e80cf64c1b0dd8db1c24a11c739efd38ebcfa5c5b7788b772782b3c4455ba89e9fd81726217bb9a1f691b1feee3c11001ee3952fde6b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f66d71acd63cd5f6e83ea4e08cc11935
SHA1 83f6acaaa8486dff0ced00b4ab7b97468164c189
SHA256 399905f2f1ddb81bb80c55b2f38135fc2caaa6975157e2d2dfd9fd580e4486cd
SHA512 470243039734df7f2ff43755dba8fc2963ee7951fa4956790a4cd5c3d7c37d5536d746b948965e66e8cc72805cf1728098eb9564cfa5f7223087609374b87484

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e00b4ab5ff06e2ee2c36b313d726006b
SHA1 ae32ef1c099cb9ad661e94e76f9c5fb45bd4f787
SHA256 d97b6fc9a4ba60938ca619442ff61e7ab253328484de7d93ff62ffe9a9ff27c3
SHA512 b0559518aabf4f63dab432576b9be8a0d9758f32358ac98eb8e0b9f25dd15052a8515e53f23a0531caa5f70e2663016706ec213bae80b2f9210f98b92a4ad6b7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1ef678ca7a85caf186469caaabbcd8c1
SHA1 632780d3c5b0fcdb50011c4567d680407ba237fa
SHA256 22df1da092d77e51a976aac1809ead70be5d5348d009ad28c42a61f094e96359
SHA512 9e8c0c2f82bd130b1e6c5461dbe42471d26b6e0ccdbd3d7e613edf78f5f48ea77212a26ca3a8ce0491e1150b6971f0927bf65909dd247f64fee5f84d1ad8458a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1c016397260b9564e28ed1d5d9b00a00
SHA1 4afcb5a9b95c6b79981eac584ae3f47ead7373bf
SHA256 093192c40fa6dfb13145666133f948339c34b39b61e3ef8dd9f91155c2ba4735
SHA512 0fd2a1869ab43894cd726aca9ea08193b9edbb8c11bda4c566cf1b7c04685f1442b2f3e377d61890c77577304e7571ca437e5382e8f74e35ecec532850b7ff9a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 96ba08aa9417a7fe3dfa866ae43fb71a
SHA1 6b4713c1dd68e2c6da9dfa2a20ceb0a0e0674ea5
SHA256 cd2cdbdbd9028ff7288165055d2cddb1b9439ffe496c3a6dbd1a1f0e4903990e
SHA512 3a1a0f35d3739d6b1abcd66710a0dc24d492e6fa6fe36f45ddf1cc99e8627a47f77f45df59f9713f202fa95780c75b873ae7237f2d6d445094c6a0b0b692d745

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 72a4ff741bbc28cd135f8278991f0ff4
SHA1 5e40d5fe8471a1506007cbd877be9994a9af1bf5
SHA256 97629306c74f60303b0ad7dd547087f84c04e52bbac89e80132c8da5e0233e46
SHA512 cc4fe1f877b8c29e5a82c825790e7b761961ca8cfcc61866f57d23dc02ed10a41b53982277ca762106d63a1c8c92c5eae96125295e4966a257a526be8f5923cf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2f048851f5ed1c060918726d5357644e
SHA1 89fb59f06e2d7fefffe7bffb085041157a085003
SHA256 082c99f90d617a19373d8b9d81f4d55ddafb4cce7a23ca3ce80f073291087772
SHA512 362fb2ad39771ee96f5eedf2de0af19f3fadfbb25d1c75329bbc5e5ad1032b8eac645776b8d6586f8cbf216ae9ba123561f44c5074ce671cadd93104cd187b81

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 73974a7483917587eb07e4b544d37a11
SHA1 fa920cb782681a719ae10ef6ff135afc3b435b94
SHA256 b1bef9d712729444b18fe223af652b471fa3bba22f4caa17184f419fa8aea66a
SHA512 11419cf7510667a994ae5337f80b26d556ba6529192455644783104e0ca8f313332ec863f2352abc5a8ff740bc2cd736829aeed305d3c9aeea5afba24ad4f708

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b26d90c0ceb399eef6fd7dbebb16ff63
SHA1 ff20accdc7820d45969f0ddb781f7cd8a59d9fa0
SHA256 ce788720c316859d71b312c2b0906b3d042e0be797194b72265380f8b032ea4a
SHA512 5fa0d915173591c68f995752b6c166651d676b13c7833284ed7a422d2bfdb627d65a3145a65e790b35a60ee54a6fde925a8a8d1d13df7367d95d5d34ac55213d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\3bc14b47-ed4b-4ee6-a449-c12ab8567f0e.tmp

MD5 02cc5a5c2dbbf6054ce6c6fa51166c4a
SHA1 874c15c7917831c963b198fd687d963402ad0cd5
SHA256 cf94ad6bb2e637371ac16029b8870d51df0c1bc789adf3ca612125c277763644
SHA512 7fe47552cc460a7a228fe7e4149a713b9b317edfbf9cf73cde21e42d0dc6e0cbf8be91e467d37e6591d0c906ea18d0491ab89a76f781ead83e74f6728cc50eb5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c1a7b3d30289a24e2a4089086433e506
SHA1 e40e0b1f3c484e846fd62064b5ac2c2a6ebf11a1
SHA256 02916fb26a431d6da2f205667868de5a9acfbb9e050c25f7f6f525dca3b809e0
SHA512 5d8c29b9052722510b3f0e0a05cc9a01fe7750b6ecff4a21bfa16aadbac71731e888a526cc08a25b180a11386c028033c74cf0a8c0ecaf22ed8f728adfffa9ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 332228fbc48fa600285018f305112564
SHA1 27e972bee3db726886e256c4fdab04dcee65b3f1
SHA256 013a691aa4e0cf319898454607f88c17e551b8871245385dec4a78b25d13a25a
SHA512 e4b287f55252a6e73d2088d596da128b5bf5a1df8e651490f362e41c88c9ae4fba6e3d1da61912133c5160645952bff4a4f93b7ba50c1d5ff4aadb2dc5d6eb66

C:\Users\Admin\AppData\Local\Temp\PCW7B3D.xml

MD5 f93853c645cf11ee20ba666e1a76d45a
SHA1 0060a851dbc03e384ca083f59c94b288d0a008dd
SHA256 6bf43632e33d844e30df2895868ded63def123529f0ee83d6df59e79e799dd05
SHA512 7c5203daf9b74bea2825fbda4ad489845bd1fa9d29c93c81e5cdb9bd4e2679be637f9c5abe37d7392ae3f6f0c6c6f90774bfede4c5fa1e5cfc318e6d9e4726b8

C:\Windows\Temp\SDIAG_ee3699a0-7db9-498d-9dfb-f302648e53c3\es-ES\DiagPackage.dll.mui

MD5 8f934d7b57fd5b3b53fa1ea7846e022c
SHA1 d8b326037699730ba9edaf22555d8ef6e6e52263
SHA256 da1a83b1dd466b4173d9e25a7ae9e28f27b8b1f4016efcc86db39cb5a9b561c5
SHA512 ce3b2e6b877af3790cddfaf6afef469b642708004ecb7fbda1166c11ef4aba8cb51cb1ae23e7dc802a95e4469cf6be56f1f562aa4d5a14d76d4720e2d6259d1f

C:\Windows\Temp\SDIAG_ee3699a0-7db9-498d-9dfb-f302648e53c3\DiagPackage.dll

MD5 79134a74dd0f019af67d9498192f5652
SHA1 90235b521e92e600d189d75f7f733c4bda02c027
SHA256 9d6e3ed51893661dfe5a98557f5e7e255bbe223e3403a42aa44ea563098c947e
SHA512 1627d3abe3a54478c131f664f43c8e91dc5d2f2f7ddc049bc30dfa065eee329ed93edd73c9b93cf07bed997f43d58842333b3678e61aceac391fbe171d8461a3

C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_lolduwxw.3xy.ps1

MD5 d17fe0a3f47be24a6453e9ef58c94641
SHA1 6ab83620379fc69f80c0242105ddffd7d98d5d9d
SHA256 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7
SHA512 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

memory/2312-1060-0x000001F5FF550000-0x000001F5FF5D2000-memory.dmp

memory/2312-1070-0x000001F5FF7F0000-0x000001F5FF8F2000-memory.dmp

memory/2312-1071-0x000001F5FF4C0000-0x000001F5FF4E2000-memory.dmp

memory/2312-1072-0x000001F5FEFE0000-0x000001F5FEFEA000-memory.dmp

memory/2312-1073-0x000001F5FEFF0000-0x000001F5FEFFA000-memory.dmp

C:\Windows\TEMP\SDIAG_ee3699a0-7db9-498d-9dfb-f302648e53c3\TS_ProgramCompatibilityWizard.ps1

MD5 925f0b68b4de450cabe825365a43a05b
SHA1 b6c57383a9bd732db7234d1bb34fd75d06e1fb72
SHA256 5b1be3f6c280acfe041735c2e7c9a245e806fd7f1bf6029489698b0376e85025
SHA512 012aadec4ed60b311f2b5374db3a2e409a0708272e6217049643bf33353ab49e4e144d60260b04e3ae29def8a4e1b8ada853a93972f703ca11b827febe7725af

C:\Windows\TEMP\SDIAG_ee3699a0-7db9-498d-9dfb-f302648e53c3\es-ES\CL_LocalizationData.psd1

MD5 5331e7102faeff864db060bd4d7c0c93
SHA1 3fef29f4c4830b88f5709619f660695fd95209fc
SHA256 b9135c8ae6fae495f44ff4fef1e56953d9eccfcb244e193d9db106628b3c03b6
SHA512 4852df08e51cd171f9f503e1e7fe5d19c3b5ad64b86265d1120fd1b24399c2ae19edc1e404b7a90df281a10c8a2e27abd4cc6bc63891488c9c3039b7d5e40627

\??\c:\Users\Admin\AppData\Local\Temp\pu1pyi3q\pu1pyi3q.0.cs

MD5 fc2e5c90a6cb21475ea3d4254457d366
SHA1 68f9e628a26eb033f1ee5b7e38d440cfd598c85d
SHA256 58fcc3cfb1e17e21401e2a4b2452a6e5b8a47163008b54fdcdcc8cadff7e5c77
SHA512 c54b9ce28fa71d7e3629cdd74ac9f23cba873506f1b5825acc2aa407414ed603af4c846dcf388c579f8324e3538e63b26f90421ea9d7fcdd3b277c21bad1a5b6

\??\c:\Users\Admin\AppData\Local\Temp\pu1pyi3q\pu1pyi3q.cmdline

MD5 1ead0f0619d079ad670b45bb4d0fd4dc
SHA1 a26759ab54fe5497cb897a156cf2ae91a9b8d114
SHA256 fb9c994bcc0302b56c3f87b0641553567497ed41f4dc63cc556fdb4638e2cb3b
SHA512 d97c00db4b7b516835123fdbb3bf400a1e7b2d171f80f56894cff21f15836c4a1c9cf34e8bd5e36fdbf9b1021d7dcde2524b80e2f3d80cf1c564e55d93bae390

\??\c:\Users\Admin\AppData\Local\Temp\pu1pyi3q\CSC5A464EC3D4E446B5B36D49E2DE86F222.TMP

MD5 418fca88331638d20d2df2798651431a
SHA1 dfe7edbca35912d8cd27da68edb78e3ff76e55e0
SHA256 4740791433d47dcbb6e174a910c776d58e0b8238b825f2f5bca97a8969992210
SHA512 0a38f22053a2d8d3e59f7a18d2fdd6ffdacdf441d8d2847c48603acb94e6b7761407a6fdb41c3729f5153b1750c2b27b364d533c64e2fcdb4d396002a1e81486

C:\Users\Admin\AppData\Local\Temp\RES7F45.tmp

MD5 cc26b27f24487702c8c0de934bf8de96
SHA1 9b46e5a10fce545fbebd45dd0ee902f2b3d03065
SHA256 9ef37e8cd7703802aa3e775325f32ceef87d211170b8f737b6f2c8122d2322d5
SHA512 dd6b217a9d94fbd821d0114a5414f056023d2443e665b22dd5f8824af8a5cf0ca859d33b17e4795952b4af208bac52a67df7508bfa62e0ebf207272bf9e25a99

C:\Users\Admin\AppData\Local\Temp\pu1pyi3q\pu1pyi3q.dll

MD5 9dca48487ff0906a191aa7aeb5c3938d
SHA1 5e4e126767995eb8424970d5de4f2cfe00a03481
SHA256 4887da5fd5374af746baf87f3c3156995d6cdd36828e43497355f353747f59fd
SHA512 59e498c64d1c19d24396d4484a8c9e1c63d2a93753b0a897de556c6cda9e2623631f60e66565aa1d49ea5b991258e7aa69383b72215d1b44bff5eb4a7fb1f73e

memory/2312-1088-0x000001F5FF4F0000-0x000001F5FF4F8000-memory.dmp

\??\c:\Users\Admin\AppData\Local\Temp\53uosdit\53uosdit.cmdline

MD5 04215ab6412209d7b34fccf74efe5fc5
SHA1 b93a21e07bf5cc1ad0eba46d5e39bd82f1e8a995
SHA256 3f8fb501ddf2c30e2fef52b8c8e9096e985798ac341e4c9191821fc73b56db26
SHA512 e00230bc647734c9eb8c52334c71d033c1199e6b01797fe171a0316e68d2f22e2c9e2e43ee31ffe4d4a34f2807a19285449eb88dfc1510d92680da314006300f

\??\c:\Users\Admin\AppData\Local\Temp\53uosdit\53uosdit.0.cs

MD5 3880de647b10555a534f34d5071fe461
SHA1 38b108ee6ea0f177b5dd52343e2ed74ca6134ca1
SHA256 f73390c091cd7e45dac07c22b26bf667054eacda31119513505390529744e15e
SHA512 2bf0a33982ade10ad49b368d313866677bca13074cd988e193b54ab0e1f507116d8218603b62b4e0561f481e8e7e72bdcda31259894552f1e3677627c12a9969

\??\c:\Users\Admin\AppData\Local\Temp\53uosdit\CSC1848BE1E5804B019B91CB23D2F4E0E5.TMP

MD5 6058f93a818550e1d894419638649292
SHA1 3931ac75c8dc0b54681c95cf70de705646921901
SHA256 858d2ca74a3110229061dd83e73e86440cd3c5fd369f38bd075f55c0526bf630
SHA512 4aed4d4ce5e5903dd2e61d13a11986f5a43e261452b089be3cab666a336586398fc9a6eae48a15391600ad6a8f6b0947d15da3f5bc3879548e8cb536c94479bc

memory/2312-1102-0x000001F5FF500000-0x000001F5FF508000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\53uosdit\53uosdit.dll

MD5 b22177619ad90808e512af848b847e13
SHA1 5942ba69e45bf2bcb6f3976b7d3804677782080a
SHA256 6777e004ab62b8faf203b5510402e1dbe23c52c992a1920cb57a515e9c0f8039
SHA512 19dc90440aa25f88c48b02445e28fb055a67c15cc6afa4d2ccd3305d37845c18549c31e24fc7d4b63a8fa646f39cc0d2270d09058f17376578d7804fd6b7537c

C:\Users\Admin\AppData\Local\Temp\RES7FF1.tmp

MD5 2d18559d666490c064ac54d943477622
SHA1 df7a607bcfb02cc3deaaf2137e169308d4501ecf
SHA256 9378361f753b0aaa6738921d64cadcaed603e185d44cd95adc2eb9a843c8615b
SHA512 162a917f6cd9c61424d8cb4101cb3740f2cb957d61cbb1a4a34d8764d18c9f960080896301136755dca461c62d0e3fdb8551c176566479cac49ee2006acfc7d5

memory/2312-1104-0x000001F5FF530000-0x000001F5FF544000-memory.dmp

C:\Windows\TEMP\SDIAG_ee3699a0-7db9-498d-9dfb-f302648e53c3\RS_ProgramCompatibilityWizard.ps1

MD5 edf1259cd24332f49b86454ba6f01eab
SHA1 7f5aa05727b89955b692014c2000ed516f65d81e
SHA256 ab41c00808adad9cb3d76405a9e0aee99fb6e654a8bf38df5abd0d161716dc27
SHA512 a6762849fedd98f274ca32eb14ec918fdbe278a332fda170ed6d63d4c86161f2208612eb180105f238893a2d2b107228a3e7b12e75e55fde96609c69c896eba0

\??\c:\Users\Admin\AppData\Local\Temp\cserel1v\cserel1v.cmdline

MD5 d5cda29739977bb4476e2eb94a67ede2
SHA1 18decc0d35fd6a06eb2a1cc2930005884d9b1144
SHA256 83f3f81faf9ffa27b289c03080fd55158ef4be5ecd63ed79a0f2dc87b6558d91
SHA512 b86d106eca631934bb838abf36addcf8137ac55e8990d5587094da09718cc0996075401a263231daca9e57987dc13ba5fe5fb9eb40631ba5c2492d419ac6d73c

\??\c:\Users\Admin\AppData\Local\Temp\cserel1v\cserel1v.0.cs

MD5 acf1a7b8aab4c6efda423d4842a10a85
SHA1 ac55b84b81527ad1224a85640c5a2555b19b685d
SHA256 af0a7036a5f650570990f2d562a7c7636b6eaa54f53b6ce3f43aaa070188dafa
SHA512 22e5a8b633a0189e836adb0c34c84b5029e8069e2f0a77803da91ce2b0da14b8fa231ddd1f1b164992d534b8a4ccc51c270e8ff2ff3f2f34536432b4abfc04e5

\??\c:\Users\Admin\AppData\Local\Temp\cserel1v\CSC209B65A4902544C6B77E209DDA94A5E.TMP

MD5 3a213c61fe4fa56559706206ef5d7ce2
SHA1 d84de13e4ca597bb11197ec95b16f1a520b36a15
SHA256 0a8c05e8fcac5a10c69d84302b7e6c95da8bcd80014c592337132907bf0be6cd
SHA512 e676440c567f5314cd26df5ab661c38bc3cf0bd75ac5ae6dfb355140f9c804d4ab9da98bf95f94abf6d84ca87d60fb03807d5c1669ab2c3b5403c0cbc31194ff

C:\Users\Admin\AppData\Local\Temp\RES839A.tmp

MD5 705d9ccafb2c33256c438fef8946e1a5
SHA1 7979fae52b0e707302d22a599ccf8b70185ff909
SHA256 7ca95a3c70781deac5dcb30d26df461179573e34684486735b9eec42e5ce5f0f
SHA512 b8979813b4668d3147c163761cd28bef5d4fea021818502462402f4d8656c830d62037ab8f029914139039109e7d4993d5f14b9095f2d3a4067c81fd0a87ba0d

C:\Users\Admin\AppData\Local\Temp\cserel1v\cserel1v.dll

MD5 16b341c57307cdf0ab81ffad12ad22c3
SHA1 eea98996461082c7717bc2c64a4f71ef031612e1
SHA256 ccd792b16e024cd2d4df882625ac736cecd896ba2aee1ac21dedb685e7808dbb
SHA512 79e7b62e00552a3b3be2bef69d6e4913387f76c365dc4195b8d1c0f6f62fe1a4bcb3d105560572de5bffb022fcf028f5e382f55d87df35a6ac0e4b4826cf5bb2

memory/2312-1118-0x000001F5FF710000-0x000001F5FF718000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0a2db8bbb8364056696fbba3c4f6184d
SHA1 2570af08251bb4375d7bde9a92ec833b9e3e808a
SHA256 82b473249cd82f6ce9fb5f398ab9e926b8f5d1148fab756a3a6cd77535ffe515
SHA512 298a2d24bf11557d67096eec8b6bc50c2e31fef2adb0d27ee854ac7582f5c1dbf96231a555062e0757eb21bafa4ac83b55695508de8dd49eba61621f79c8ad6e

C:\Users\Admin\AppData\Local\ElevatedDiagnostics\733862231\2024110722.000\PCW.debugreport.xml

MD5 73492436af4eb6d74864161d59d5a6dc
SHA1 e34c1cdc719c700c8d3c50f08ff70adb572e48f5
SHA256 fafe0db6b077791f3a057a0319da9caeab7225ce4771b4f81a21ebaf4b051db6
SHA512 518a167b406aaceb4e17c44570a8b1ef2d1859a20ca0d7f22da39f8fd2b71f2eb3497214a7b5485e356900926311b8b286ed37dc34a1b8e88ba14cdb9516a1b2

C:\Users\Admin\AppData\Local\ElevatedDiagnostics\733862231\2024110722.000\results.xsl

MD5 0f391db2d621c2e9ed8ea3119a3faeed
SHA1 ebe43c3a86c4c9437f38ca5274e7df21d371a3d7
SHA256 172e4422f0f3c7b2ba936dd5c5015d293943881ab3741ede7681c7cfe68adf80
SHA512 0e63edc48f1213f5586f3c972274ef4e7bc07b48e651cfb6e5fb9b62b7d2ce81e6088686a30f9382d852f7864e8bd451670122681a419aab82209b469d7dd36c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8bb07c38cdd5a3367dd1914a24c4d3e8
SHA1 1d15c300e95e1e5efe6f8da9439a2f4088d4a825
SHA256 8b929ab27886a433d470bd9fde53fbc6a41abd980d79531923236fd8e0c4c212
SHA512 5fe91dd656e9a91fc1ad67ce4ba99f2b8d05fd5eedd10b83baa6613da82cb1c2956f2a5bbdeffbfd6786246f641c15870c367501d33dcd1ef347dd6191be0f72

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7e0ae618bcdabb866ba9ea0f0c794770
SHA1 11e41d6fa47c3053aaa59c531d3c265fa7b037b4
SHA256 bd7180f591d5f487e71ac37a852f517b5486ee9aaa6d5ccefdb5088a80d13940
SHA512 ad695a8da08a38fc523ea74ee58e36aa91ef92eed014caed21f4b906298ae4b7a57e75250d216f88ee09c6e615e27fd40a5d05579e0cac24cd399f2ab2424b2b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 6dbc0eab0cc761d96e30fbac7a2177dd
SHA1 394836658d6d81d7c85709a3bb3a0b5c4124b50a
SHA256 c6e7c6f776c2764d7719607e1cae8b4f15c8997a58fd6f05f37c62218a623e99
SHA512 7f60f937bfa27307d05ab75cdea8f94ef5963afd038ac4c694aa6c7c3ad198863541a65fef0123ecafec02a639b3ae999208cc16ec7a81275851ded2c24c9c9a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 615d30ee202a82b1098781d8d63c1956
SHA1 a489d381f27ef1e1fb485216bf910ae883707307
SHA256 d7a31304359c07d824abaeb9e05515633e93ed351a85aef1469d8dd72893bec1
SHA512 6dddef40a37eb1d8829aa0cd6de81e5ab9e3a8a7a0ce8c66afbe22c72f04ec77f0cfde24c210a6a63043848afb6f05a83a047826b9e9df8b5e86252b5a1befdd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2ce643fe6d6703e3cf3f2b1938bfeacb
SHA1 107095089a9df77c4dff630ce9a34a2d5fbe3957
SHA256 d12273dd06fd947669996d5f4835504ed24e93df567c7237dd23a6ef49c253d3
SHA512 001ee58c612550fb542c176b2456e96810549889c41ad656e389afa48aba9088f07f6e8672b48efd9f278a660d1f8fbf13ff176d4db8b52945778ef185d2760b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9202d1df2448d0e601e297ffb3e0aa8b
SHA1 69b781735e132815d7264de4c0bf2bac94641c2e
SHA256 bb85de2422473d3662610e9e2e88719f7a78b41a9c2c55c5a88c574de244eec0
SHA512 95b4b3de459faa8e291615f4b1161648b020a3041a4373457f5f787637f1c42d774efc6d3696149c98c11b2e4ebc2631bb8c72356fd0a4257c459ab04d069d5e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 248e4e870b1c1df1c77a49fe1ebfbf0a
SHA1 782fe21ba4ac22f88f23bff25f29746710263209
SHA256 fb31ecf5edf460d09e1dc749999dd79a9e8ee0672fdf89025c91006041adfaf1
SHA512 32ee6f0102675919881c86945c3f886d38e357da53b3f2a96dcf9ec544260ea7839c65ccb6d823d727f434170f4a3d1fbe180e511526e3dbe329b9f71282da84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5bbe3c8b9263cef20bb4d003279a3096
SHA1 05217f12653bde76b99f6c582af2df3a59d0dd76
SHA256 2b3b5d310c4c63f1a4078e2cb25a046af92a0f6a9b3086cadfc0449fb44b8567
SHA512 f3b0eb09d606b0e4cc35ce869a0034e1de014b4d660e074aa5f112e9a451fa2e7daa2032b0cd3f48fb25188968e2935b3111c79bb540756cb5530e75994cdbd9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9047dce1dd30b35b9500bfcc2d208113
SHA1 d010d2c84318839429431f8afbb548f2bbc0aaf3
SHA256 24de1ed037cb6c0690066dd981d1ca60eecde023350956c02013265d2aa8fc77
SHA512 dac4ed363dfebf42a618ea7a62304c20e224d61c07bced91845216113a9c3f9b49b5591ced67ee245a5c2747a0ddb54027b7da3196e05885ce78ef8a93a68f58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 33d0336d1e809119a1d066f7d3370336
SHA1 927c2a606916431360417518de831059aab98e6a
SHA256 9cca66b9da1774e3e443eb85d0cff9c5397d1d1fea9bddada021cad08f9dd7cc
SHA512 41857e46253182a2f9b26dde68538eef03e3f50302c95a58ee5bf8ec90b840c72307d604ecb2fdefd9785ef443098d204a6000439e7f60aecb0659025a5d6901

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7870e92f5f7aa280b25dfdeaec65725a
SHA1 edf24df8b57ed47c6c7803839273c3e02a44526e
SHA256 29fe93d1f9437e180d4e4d9b0410f7ae563090de07cb3fda4200ae92b9507988
SHA512 0b656d2b97dd84f77cedae707900b35e329d36a4164d2c6417809818de283d2df62e6b527f2b795d3cef00bb636310b9c774807a87e7a0a27e49a9489f1ac1de

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 30909e6e05a45708c51f5cfdee1c1b16
SHA1 c183d011a1da26bcf52417b8b6495084cb970740
SHA256 3eb9ad815462584dc60a0d5cc74e076bb131f57548acde0800732049c6f16267
SHA512 477e07cdf499101d8a2fd9c1b661a5759c23d9e27b75e69e050437bac885db5db7dfd6e652330e5b20c02fe43c5d0192724917dfeded9ada04cf39187c71505a

memory/2204-1421-0x0000000000400000-0x00000000004D8000-memory.dmp

memory/2204-1426-0x0000000000400000-0x00000000004D8000-memory.dmp

memory/1068-1427-0x0000000000400000-0x000000000068E000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3cebc5155eead0480afe25659bb06ff5
SHA1 a95fadf700f11e8610abe0484a0685395b931bc2
SHA256 2d0d4a54e97faea31cd2c9d1a01d62130ac6e35d7563a17e73554277f5c77abd
SHA512 1c73ac3f455f0f930c7f9e0dfeae91bbe3a14047d4d1a9532519cda08263b5d44b4e18c6e9577942ac47d630990068b6dfb0c030335b5c879444fedf895e9850

memory/5552-1437-0x0000000003180000-0x00000000031B6000-memory.dmp

memory/5552-1438-0x0000000005A60000-0x0000000006088000-memory.dmp

memory/5552-1439-0x0000000005810000-0x0000000005892000-memory.dmp

memory/5552-1440-0x0000000006090000-0x00000000060B2000-memory.dmp

memory/5552-1441-0x0000000006130000-0x0000000006196000-memory.dmp

memory/5552-1442-0x0000000006210000-0x0000000006276000-memory.dmp

memory/5552-1452-0x0000000006380000-0x00000000066D4000-memory.dmp

memory/5552-1453-0x0000000006120000-0x0000000006130000-memory.dmp

memory/5552-1454-0x0000000006940000-0x000000000695E000-memory.dmp

memory/5552-1455-0x0000000006A10000-0x0000000006A5C000-memory.dmp

memory/5552-1456-0x0000000007BC0000-0x0000000007C56000-memory.dmp

memory/5552-1457-0x0000000006E10000-0x0000000006E2A000-memory.dmp

memory/5552-1458-0x0000000006EA0000-0x0000000006EC2000-memory.dmp

memory/5552-1459-0x0000000008E40000-0x00000000094BA000-memory.dmp

memory/1068-1469-0x0000000000400000-0x000000000068E000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d3316d5421f25ad3a665240b4c99bdb5
SHA1 63e2736fbab7e7921a277af7a9751db8d24c0ce2
SHA256 4da1bdd2160fc4c2f21a5d1d0d4ce93dcf0b0bfd13d38fc79bff06cbc479ef96
SHA512 caf5165bae776881c12e6a05a685cb1f44090395edddd643031fc9a349805849783f7740564774cd4e1eb04952699873f499d4eeb3a8a3b2df85de1e600ce168

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\extensions\json-language-features\server\is-GH98T.tmp

MD5 13fd4bf74cf2be8e582df89172fd5c43
SHA1 d14bb4302c9f89913859d245ad2f16feb5c9431a
SHA256 d9b82212418bc1f48866ef2ecfe4217d54745af57694ba5df0b01e6ad3e98933
SHA512 fe6f8972a161ff1eaa4eb748f1de523f47f6c7f5bafef607152bb7301c3bec435ec79dd81875e29c99f092368dae58cbf559bd08a8c8517634f8e7334f173c02

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\licenses\is-326DO.tmp

MD5 575506a8774d119bc036fc34a0a3b08a
SHA1 87864ccab15ab97a8698c1bdaa7db88d7a8dbcdf
SHA256 a8e9fd8d817925e0457587f9252dfd977bf17a4155a7ea67bf230d3283036a79
SHA512 39f515f5f7da39fd6e026cc3f7bbb269a60c635a51338073cf752352635936834280a68c1deb46fdfb263293716bafdc31ef569663175b0bea6385acbc36e24c

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@microsoft\applicationinsights-core-js\is-B7TTJ.tmp

MD5 d6bd36f686fd435d25f2fc093c70d2ba
SHA1 9cd1dfde85276609358cf9b08865b801647d1bc5
SHA256 88c7bfe272ff8a305c79644131fceb45e09faa1b9cdabd196b4f50b477f0dd20
SHA512 eb758b22aaab89c125074251f1320a4a6a0404d45f8ad64d68aed354a03ca7c073b04b4d45c23fa8d01d90d627d422e74ad60c106f03f0e4a510fb7b60c2377a

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@microsoft\applicationinsights-core-js\is-QQ89P.tmp

MD5 5d483bc2a4edb9b663c253e975b0c404
SHA1 18c5a5d1fe7e1190f527e8a0cab5a6bbeea92b5d
SHA256 667450844c99658ea65acb29a73f60504a599cfa40138471e943ed3e5e5bdf41
SHA512 61d86762e9dca8e330e9a05bfef364a013d45878a353247a0fe656b132e74ee86cd1d562a541e5a7859418a48009565d12b8245a8cb336c01317005c23cc511a

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@microsoft\dynamicproto-js\is-KP391.tmp

MD5 7f571235285d97bbfd3df146c554c260
SHA1 aede5ad1228cf790788df06dd052f91e0d1b8391
SHA256 904dc4d8749877f1dba1cda48200d2462dccbeb7c134d5e4ef6fa75e0198c8fe
SHA512 f32e03ca8847c2f16226377644cfd561bed53fe608484a755dd39909265834918c25f8b600b735617fd15caeab41781176c5b17d0fedfa906a3df5b15eb3a922

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@microsoft\dynamicproto-js\is-6VDS4.tmp

MD5 558a3afce83d0e53014d19717f654349
SHA1 0e8972dc842e81d5f3cf73a5d7c7bfda53fa5ab5
SHA256 dd0376320839eaab4124f03d94447b20e324d9eb19a7ec400dfbd01bc24bab47
SHA512 7a34a2edcf3a44525a304611ac0230b0b2ce0bfa19dd85d47c74a46e879f2ef21bcab647285c656164292f161454eed9d8239cb63fb16ca2348f11db5d3034ac

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\iconv-lite-umd\is-GCMDT.tmp

MD5 d4a904ca135bb7bc912156fee12726f0
SHA1 689ec0681815ecc32bee639c68e7740add7bd301
SHA256 c2cfccb812fe482101a8f04597dfc5a9991a6b2748266c47ac91b6a5aae15383
SHA512 1d0688424f69c0e7322aeb720e4e28d9af3b5a7a2dc18b8b198156e377a61a6e05bc824528fca0f8e61ac39b137a028029ff82e5229ad400a3cc22e2bdb687ad

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\@vscode\node-addon-api\is-8ET56.tmp

MD5 a4dcdbe197a6a3be69d7599c59e64458
SHA1 965ecc349b636e97697222acde08052b52e7f169
SHA256 4fdc94bad2981f680269f302e7ec6dcb76e33fede92e97a908faf205bacc6271
SHA512 0af3e0e1f70d0247ed654c79720d41f69e3a567f2c6880b649eca8aec57e9cec56d5467966f4baf6ab879a730a013feaf0ba64ae204de4b1f1615db4deddf5ee

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\fs-minipass\node_modules\yallist\is-T15BP.tmp

MD5 82703a69f6d7411dde679954c2fd9dca
SHA1 bb408e929caeb1731945b2ba54bc337edb87cc66
SHA256 4ec3d4c66cd87f5c8d8ad911b10f99bf27cb00cdfcff82621956e379186b016b
SHA512 3fa748e59fb3af0c5293530844faa9606d9271836489d2c8013417779d10cc180187f5e670477f9ec77d341e0ef64eab7dcfb876c6390f027bc6f869a12d0f46

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\is-docker\is-PINSM.tmp

MD5 d5f2a6dd0192dcc7c833e50bb9017337
SHA1 80674912e3033be358331910ba27d5812369c2fc
SHA256 5c932d88256b4ab958f64a856fa48e8bd1f55bc1d96b8149c65689e0c61789d3
SHA512 d1f336ff272bc6b96dc9a04a7d0ef8f02936dd594f514060340478ee575fe01d55fc7a174df5814a4faf72c8462b012998eca7bb898e3f9a3e87205fb9135af2

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\is-number\is-F6RRJ.tmp

MD5 0f64900f8f30e53054962c9f1fc3205b
SHA1 6210a5e4e9224b4fc8ef250fe227311daa2bc5ac
SHA256 35bdd8a44339719441900fb50fbefc5e2dca1ca662cbaed7a687de842c8b70f2
SHA512 72392bccd8964c88ec8aa3d815746a2b6a4466d9c7ca8f428d7d0f3e2bb11674ef494ca335c8b255eee5825c087a77bb45a5d60025f318b78a64e19beccd23c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 b2b38444e535b7d5a003ec7e3791aabc
SHA1 4964833eaedebb458857cf3b802b2f145f1a38a5
SHA256 8272c71deca9017c87674e10eadc6e9d62f97b749755b2c25d2c5e975e0a31f2
SHA512 97d496642f47563f5c3e2206e497f8e06f9015a368023a6059f2137b3efa18fbbcf73c529416579acbfd44ff63658c2559ad97630ee6c6c521cbb9abcbad2d01

memory/1068-4377-0x0000000000400000-0x000000000068E000-memory.dmp

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\socks-proxy-agent\is-U7VC3.tmp

MD5 e0788eaca177f42808ee36bc32bb522f
SHA1 06000e5076e6e4b51294a87d836817a74c8af65c
SHA256 8d8c55319c7729d57be811c747452636688d54f19701ee0752b6b15ad3771d9a
SHA512 dc037410a930a54ee25a8fdaaa9bcd3c310b9abd81ffd2dc8a75205da44dbe7a1ad1d058d85271e73b7ec5ccf07ccd7109fc6ebbbfc2e2499695515f34392dea

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\tar\node_modules\yallist\is-S68SA.tmp

MD5 b15d27bf2cf04083fef9389ce68aa620
SHA1 d6a16b480cbd582f969b3d0ed89a157316268d10
SHA256 c56b604bce814520105739e9559142ea9d4417454ebb933fd5687ca1d8d89bd5
SHA512 bc85712c39269457748b985b9956a6a4c0742976e8e57da32e12f9e3b05c1fc3a916f56d83194376cecaa2b41e0e27cad3725a68e0793e891a0022710f51ced4

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\tar\node_modules\yallist\is-I0D5T.tmp

MD5 815f2c408219f81bfc71cf9e216480e0
SHA1 357867d11a5f3f9a52d44300e107ef4b8ceb9830
SHA256 d02451fa396de7f9ec93cc6fb3b07aaa7be637acb3409a9ddebd1c2de9279c1a
SHA512 81d1017d8a57daaf0be2d1d9c28295dfd1a1436aa79a96f0beef8afbccbc7e9ee554685d5cfa5a710b651a7d97a3f928a06a884d12d8ebd780db6c2ee8d7835b

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\tar\node_modules\yallist\is-6MPHE.tmp

MD5 f0730c76a34cefcb8ac8b20fdd3d1044
SHA1 2b9d967d60fadfc9f15b946dfea21e05b41eb6d3
SHA256 69a10f726d26f8d804a3deaeac89f0106ddfa03d576d13971002fffc8f0e8a56
SHA512 314e2e5eea8678119100acdab251fdb723040d562b34ff373debfdbdad7107399d33c61545d03190207e5c32e5bd85897d526c7582fb2ce4363ec49abf71bb36

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\tas-client-umd\is-KB5JD.tmp

MD5 b98fddd052bb2f5ddbcdbd417ffb26a8
SHA1 03e1fe6fd0bc6d73c3cd3370d5f0a73c4fcb60d6
SHA256 27ebda9d51f0a56b7e281ccd8230a27236dcb51c05f64b07869ecf6e965d68b0
SHA512 7d79aae4c9beb85811a3e122a2b12aad231f519dd12a461ac49d52864a735a6b05a263d433c11ede1406d2e49b6dc62dd38487eb7bd8c079d7198a20cf85fc4d

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\vscode-oniguruma\is-2QA92.tmp

MD5 5061208d6c3443a6e0d7d587a04b4fc3
SHA1 e1e38d82e592ca62732bc6d6fbdbea3e9cf25d28
SHA256 81ed58e26769508df9a2f761dad55b52c6c9de62fff06195b2702fcb7a97e883
SHA512 a27a1bd86fbbcf0d2baba12ff8857abfe08a73563a36493845f45c83d5ab3997a2d28ff61cc6f1a2a289cec90884e4cbbaf9e8405d060971531441acb7d77740

C:\Users\Admin\AppData\Local\Programs\Microsoft VS Code\resources\app\node_modules\yazl\is-LQM6P.tmp

MD5 e62df7ee79458f947161db54ea09ad4d
SHA1 05f44660099e9e996cc01c6b1c276dd4e9a10f5f
SHA256 b303783d5eb7ca50b853ffa5f145e4e7998fab339831d848f507ca6cd970577a
SHA512 8fe80ba23a121b3374d93e164bb80ed47759b39d5a863aa6df32ee294aa95d3d22a4a365636c7603375919e449ef8a1587e354a9d2c2fbf33dd01a33a6ae53bf

C:\Users\Admin\AppData\Roaming\Code\Local Storage\leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Roaming\Code\Shared Dictionary\cache\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

memory/1068-5603-0x0000000000400000-0x000000000068E000-memory.dmp

memory/924-5622-0x00007FFC15E00000-0x00007FFC15E01000-memory.dmp

C:\Users\Admin\.vscode\argv.json

MD5 c75911cc4b5748a49622a0ef17c6e5ab
SHA1 a99d8bda44afb7950c24e8c383852bddb093e5b6
SHA256 79d321f7f73afb3c62eb636780b81b6cc50a628f718c08238eca03c8cc5e210d
SHA512 9ec8588e7bb1571b153a7f135d62d6e1533d10aa79b5be95db044a40fec77ce07aa9f3272e440e18ae10b0959a66daefa8ac51c145072d36f46780d5a077ff03

memory/924-5621-0x00007FFC162E0000-0x00007FFC162E1000-memory.dmp

memory/2204-5638-0x0000000000400000-0x00000000004D8000-memory.dmp

C:\Users\Admin\AppData\Roaming\Code\User\globalStorage\storage.json

MD5 a2110dfddc75cd90dcde0f896decd96c
SHA1 96d12b54b554e0047cae1ab4a10fb896e7138d77
SHA256 357c7b090153989b1cde21011eb3563150dc80a57bfbba0e83b95030d424bdc8
SHA512 cea99d917215941aecbbee130bfbff6306d190ecc543fa01052c2569a10043e90484f2b76c212320a19032b0fdd1a8c1f4233dbc97284fba0a3a3e3f5fd5f97b

C:\Users\Admin\AppData\Roaming\Code\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Roaming\Code\User\globalStorage\storage.json.vsctmp

MD5 7ab78ac7829b85647f818af340eed12f
SHA1 c746a11095baa6505e1a4a63ea1ddc5d5754157b
SHA256 d7063c1511d2dded4d81d5b51501e9e336e38208e7307aa17ba6bc67e0a65185
SHA512 9fa2222019eb7d1f5fac13c3d9e08c07ebbbe3f27326089c37b48ec82b8a0489ee5eb9e64b3fcd0bbc452783cdf440dec643e7e2e71f76dfb76dc847db9e553b

C:\Users\Admin\AppData\Roaming\Code\User\globalStorage\storage.json.vsctmp

MD5 0e783157dbaa87efe42ad9bb2086c521
SHA1 26eacb7c2cde2839caf9d03b488047d401fd7eb7
SHA256 0642d5e44df9d537e10a6b0d634f30f98af3db9adeddd9e99c1f288dc1402a74
SHA512 c48c575d4ff47c35382cb0c540c8403af8d9db09c2735e7119b3220e71fbf214ec50705fcfbc5f57e63b67f493cdd2dc7901f4fa8cfdeca6fbb746bab1b7c714

C:\Users\Admin\AppData\Roaming\Code\CachedProfilesData\__default__profile__\extensions.builtin.cache

MD5 98ecacdb415c1c3db457bd451847993b
SHA1 3621315827191d71f6695eed40aeb2b89f9f417d
SHA256 ec549c45f4b219d4978fdd4535212c7d2e5be299f4f28b717ecfe4d58809c674
SHA512 676549071d1916083e5cde2cdf269892caba842ceffd7c7c577a8931dd0bcb96e0dabb58fdd2a95a97865049f65222c50940a7c2506fb9f30e9385e7421cccb9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 04714efa1db37a61cdc54321238e03bd
SHA1 75f6026ee31f7f18337d1df7f8e250bcd5883ffa
SHA256 46c0e8428797bc87a0901ecb0120aa722abf8eed89dead4248f3e65a97e9bc74
SHA512 6fc809055ec13bc28f4933f1d118597f5daccc114ddb2dedb62d27f98a7a41a1fcb34894aee5b19a2357d1a28d798f3e2d63927203847e79a5123f52aa084626

C:\Users\Admin\AppData\Roaming\Code\CachedProfilesData\__default__profile__\extensions.builtin.cache

MD5 eea7d89b7473f45b6456518fefa812de
SHA1 d024ae6c169aa5b13194120feae36b7b2489eb99
SHA256 384bec5df3d73f4b5a7e4794d20c6b4ecd32f74dc7ce7dac533c63380886ea27
SHA512 65a3639a97a13718bb1d627aa742987b5f6488d01cabdc46a900fc0fa5aa9e35a765b7f2ecfe356b6c39734695f28eb8f57ba9a9cb3426579d975dba6ea6837b

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\1ced32d74a95c7bc.customDestinations-ms

MD5 b9bdf7d722a165d967a8ebca97a0d3d9
SHA1 39f9a2491b5ad919f2203f6450eb46a890f3d2fc
SHA256 a21fec481b76badf419f1ceee92dd8ca6a65253a45e363215632028ed56501a3
SHA512 33dd44eb9a6227115057641a7acd9569f3981d4c0f71af906753dfcd860187f4fad91b96a0ad2e8e0263226856e6b080ff93c1e7ad6ab3f597396c0953b2be0a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e33a9c97b497cf075ee883987aadc7b3
SHA1 fa508393ae01fc463bd85dd9d4d6c6dd8b93561f
SHA256 335dd9871280333a7cb4231ba6245afcd9a868058940771f09e0ba76ead931c8
SHA512 9f18e7d79e56900d34dac078570333b90cc122d2a2dff546580d2af5275ead5a850e01a8ebd4f0a165c31979c4757b39c161af63a6a758f1f9d7bc9f33fcc50a

C:\Users\Admin\AppData\Roaming\Code\WebStorage\1\CacheStorage\f265a8e7-022c-423d-bf82-238636ede579\index-dir\the-real-index

MD5 9147b5d74f4d5d6f364b1bad603363f0
SHA1 cd7427a76e89973379ba4a2db7ac1b621ccc7996
SHA256 f44a50a899180b2844497d4f0560aa4713130a7cb511151eec431b04045395ee
SHA512 f45efab00caec13eeceddb245b82b2536a4dac48c3df7c14c22c2aeb80ea4af8904986b75147484e84cc704ef1bac342508a0ee3d6b44a2892dea68cc55c35eb

C:\Users\Admin\AppData\Roaming\Code\WebStorage\1\CacheStorage\f265a8e7-022c-423d-bf82-238636ede579\index-dir\the-real-index~RFe5fa2e0.TMP

MD5 814bfa4fe75e8abb2e84f4685c1b3a16
SHA1 89c5e3c7c20f4e14e5e7d67e962f653828a795b5
SHA256 8c176ed5d20a121074f8174f3e09349966f757195de5fea67acd12230742ae1e
SHA512 c44c595e956e171355896fe15ee308c05a92cd3b76b6ed39fd5b023af17a82c22f36a4d73be5582dc04f0c086a8c9a053d1edd3ff27ad272a9c93914e4dc6d5d

C:\Users\Admin\AppData\Roaming\Code\WebStorage\1\CacheStorage\index.txt

MD5 89863dbc4b16ffd846e1083bfaab93bf
SHA1 d48ffc55998cddcf7a7276db6a891abe74ac1f9c
SHA256 1183bb6f95fd95334c818d9724e52e65d5090558979a0fe4513a43f0d71f30ea
SHA512 f66ff34b2806e40a655eb89f50723caf720b79bfbee92d734bc68602ecd68019b80e049dd807e39cb89b3c73d84e5b2ffe815eff229d13efc1bb1f7ef476c08b

C:\Users\Admin\AppData\Roaming\Code\WebStorage\1\CacheStorage\index.txt~RFe5fa30f.TMP

MD5 a7883c098ed2ad28e079c3af6e79735a
SHA1 53b06feef4fd4dbe325e16f2c07f175d7e344ed0
SHA256 3997cad7215b343cc3b5e2a190200b282712e5035fb14a6737e8034ddbe02f2d
SHA512 134e55c7d71323723a2f1e578c749b7fe9d37a03eb5f1cbbdea651a9ffadd185f5b6d0e194cd2db704d9859af1e21c24b4735d45e32d38e60d406c357c5e69e1

C:\Users\Admin\AppData\Roaming\Code\Service Worker\ScriptCache\index-dir\the-real-index

MD5 206118043d389ac3bf99aff9d1c34411
SHA1 e1b2aae8b86dfdf9591fbda48f6dc335d1e20909
SHA256 57179dbaa2f51be10a40fd7b6d531e22b7332701d7d10af56bbd153420d90986
SHA512 044c46894ab78fd16fd61e54d976fd6ce97ac13cbe6fd61f6ff0d8f8825246a0ba10c37108f225c5b4f6f198a83c297723392885090704fb0c6fa92b8d69766f

C:\Users\Admin\AppData\Roaming\Code\Service Worker\ScriptCache\index-dir\the-real-index~RFe5face3.TMP

MD5 b7b996f12d0a656d0af138d15876db0c
SHA1 6b6c18da7b0669743908bf9e252094a1472ea2ad
SHA256 875ab4dd2b2cdc0117205049a8456d4cccf738b60fa2796dde6209c50a58849d
SHA512 1e11bf78a730d1658486641ee354f4de1abf6712aa24778711e43d0484afc5d94523c28282795769e821ec1a065c96dc0b1e83252ae299e16fb5551b8dc235bd

C:\Users\Admin\AppData\Roaming\Code\WebStorage\2\CacheStorage\bdcd6ebb-c5b3-4506-9f7e-8f1ba179214c\index-dir\the-real-index

MD5 f115a2895de0af5b7def9abe335f1130
SHA1 83fee18a428d7e21e39e2e5c1149556368fbfdf2
SHA256 4ec03907f351d508ef65e1a19762519fd290ecd0c2ad6e0a1f6f28332ac8fce8
SHA512 fef7f945ee8e8d7e8b4d6d8db1de81f89bd1b42e4867e54bb0be0c2cbbe91df5c22ad65f891272108f33ba1882d065f1232bc197c4ad4a99cc9170694bdedee1

C:\Users\Admin\AppData\Roaming\Code\WebStorage\2\CacheStorage\bdcd6ebb-c5b3-4506-9f7e-8f1ba179214c\index-dir\the-real-index~RFe5fad12.TMP

MD5 5b023b05c0c8c5d683281d3a3fea20bd
SHA1 1f49a26338f7c47671914c7b619d3be2149000c5
SHA256 5158fda45a15f498ec4639a27260030b6f471e3d2cf51e0b36cfd06b9b018e4b
SHA512 4a53d97a99c4436a9c866451e93e49164f085c349b5115d9fa18bedcb264b1438d14e9867797b5777e509430ab9ae99663223314e627b956f30be0c2cc56d364

C:\Users\Admin\AppData\Roaming\Code\WebStorage\2\CacheStorage\index.txt

MD5 f57f6fb24903f587e826ee8dc2faa19b
SHA1 44c934ee425ab90373cce12662ddfdffb95b2448
SHA256 7493453943c71b4314fba3787ebd7433280dfe7d4da07c7d9f783b849620ae25
SHA512 542786784f5d874ff3c68bd579f2c87f44d2ed446c13d31fed88e1d0e72e9bd5699a09059efa8519f0acf85b25ae88aaf7b3daa3fe89c446cd14ede97f93170d

C:\Users\Admin\AppData\Roaming\Code\WebStorage\2\CacheStorage\index.txt~RFe5fad50.TMP

MD5 b908f46b38d6fb236a34209a6ed6c0cb
SHA1 3e90eea8ec4b617f717b2fd27b9736779ab8ca94
SHA256 40ff1ee12a217c7a7d9e4f7da894f3384fc0cc4fc86962ae3d444cacc7801a4b
SHA512 736d7ff2b4aae1787011200bdcdca7dee0b49ef3178c0cc35653219f6c9ba459750912299445d05554e9d36ee54f663f08b2e88ff8a3ed550309e015adde07ac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d68bd6bb29843e0f8939b05680525ee6
SHA1 2baafa0b41f81c33cd2692a1b192a16da12f2732
SHA256 29e08ef65537a253e6f788b6a0df3830ea914260767554f1d2c55131947edaad
SHA512 75aa7910b7f655f76a3729c400bfbe29fac690bc1135c5ef4bff022a85d14c0c488d96a40056d42453b428dee22094fd1357f4fabfcbed12914cc058163a5a18

C:\Users\Admin\AppData\Roaming\Code\CachedData\65edc4939843c90c34d61f4ce11704f09d3e5cb6\chrome\js\index-dir\the-real-index

MD5 93559188bf57d103a66fb1da92323a54
SHA1 5bafc391d2707c6a82589419478954a11fc6f3f6
SHA256 29de6efd3bda15c98b9cb074fbf8e93769505e2aa82c7dfd06124e2b691d2dda
SHA512 ab26a34bca3ccad1e3041546054d954330339e26950c639c5bee99af8ef6f6f6c941acd56a378851904e826cee0b3a1f0a49f4351f69ce94ca40d4f5b349aab2

C:\Users\Admin\AppData\Roaming\Code\CachedData\65edc4939843c90c34d61f4ce11704f09d3e5cb6\chrome\js\index-dir\the-real-index

MD5 1d28f53a2aef1af90a546231b52352e1
SHA1 fb30377934f342f4a83cb3819d6f44535372ee71
SHA256 7361d9de829a10df2191c0b8637d3d3b5067e5790804de3befb5f6c3a613e795
SHA512 eca9fd771aa2f12d0377b10595312e13fc638716bdd58b2d00e89cdcecc10c94b739b964a7d14da89fab5446c413758a2ad635d7c3d2284d47a361b25b592ac6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

MD5 24393e2ccc4e7a164f062df993d27335
SHA1 c8f960244677439e72295d499440f295ae5be7c5
SHA256 3ecbdf289749ebf07b749a91eb3db3d1f8fc338e5cae2dae22730fb893736130
SHA512 a675af57b19197f17a1be1351c3cee6a291f23dc2614081bd7bd71adbe5eb0d191c4d50b295d43b3a002d48454a24ef9e4dc52510f2db54dcfe0c8e71948d10c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

MD5 d4586933fabd5754ef925c6e940472f4
SHA1 a77f36a596ef86e1ad10444b2679e1531995b553
SHA256 6e1c3edffec71a01e11e30aa359952213ac2f297c5014f36027f308a18df75d2
SHA512 6ce33a8da7730035fb6b67ed59f32029c3a94b0a5d7dc5aa58c9583820bb01ef59dd55c1c142f392e02da86c8699b2294aff2d7c0e4c3a59fce5f792c749c5ce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d228784900ebfd624a337e56f4410524
SHA1 8174b10f1498c1a677ad7c983a04641486e23d0d
SHA256 7dd787964ed00033ca566adb656f79c8720e36a4a8f3db572dfff3dc51d21dcb
SHA512 1dd3c5b83a243d09d66903f4616513e18da828eafb52c0d61dc5fc7098b5e26c1b93e86ec0908fbf8bf40040f7ad2af794bd731e8b20eed74c11584e0d154b35

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4ce76d612170441224f89dea6ed320d3
SHA1 a956eb1c0b805021e0751942ec0b83b046746d05
SHA256 29dd793beeeb2ec1cc56d0286b30fc461d269047d44e31317934825ecd2a165f
SHA512 9b807415dbaa5ba35991e52e25173e26485d178c0be2740e8be45d8292bf013369c169fef75c2fc2af81faa72d68f1c1265193190c1dbb5e2d027e66b6ac4b70

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 40b90f94270edf85563ff0b751319502
SHA1 0269c1c4f440ff71672b6c72e225c29fef32b338
SHA256 7c3b6dc137d01841f95495f1a56275384821bf7d3ab89c5e10365a2396da8cb9
SHA512 db8c7027f24c4cdfa609169b3c3cb4ac890db24a4147b15546192f2bf52d83cf27f85e8308780c6796cde03a81d7b082ce4fca6b8e983ffd7f6f43b35b5590c0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d9494c272b4736f789d854ee51ce77c9
SHA1 77f9a3518bd18d107b446cdd1e8ae54df385fb67
SHA256 c388f01512c32723e160f20025f83e4aeefaf1f5720e7e1d464055e085824743
SHA512 baa0c7dd70e3b46f8cc55c51c08d3733487206fcc9da84e477cff870c2dbe25a284ee5f77d2ce9643bb07505966c9780a4eabc93ca6af9b3534e33aed4c72810

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 91332500ea7c5a813ee46b0486462b68
SHA1 d0e34676eafe0eed953788aa3b0916ea1a7c2b07
SHA256 8b345a8f1e839719b2835d08d9054d5ec3f3b9498a6393fd00a204c4729c439b
SHA512 75fb9a193e6706303a908aff447712c8050bd66517f27cc199f6f0c02b6224272648d0b10f34ced3fa704f60b26c0d1f4f757a7d0cd1c1571e33bc986c3ad9ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c272e981c9183b3aa0015918fa7fe681
SHA1 0f04fae22e01bfd198ebd3688fbff6fd4a6b1cb3
SHA256 84255fa4f05542858a8e00facf17071665b326234754adbb6ac3012c9594fe5d
SHA512 10bffd3fdb9f81df934babf462d539820eaecffcaeff73b6fe4d8f28b03949e943e9f290ae45a10f992298e3802bd478566c7b171416a282b79e865d7e946dca

C:\Users\Admin\AppData\Roaming\Code\Network\Network Persistent State~RFe6062f4.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

C:\Users\Admin\AppData\Roaming\Code\Network\Network Persistent State

MD5 281441126a68bbd076eea94eef97d84a
SHA1 82b5922ec123a119a8e2fec0a2d4b90c848807bb
SHA256 7efdabd13577280110430fb4c602cf8061880c4e6a9583b64a739508c64b3f67
SHA512 e145666698420c19bd9840fe96e7ad8449504fe7661ec30e2d404f5f4577354971e43340f1677e409eb5fecc7f514711fc51b03d7d384a375fba28fa7a84357f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5185a59e5cdb3136062e505865df5956
SHA1 323c35fad04844cbb21b2349b992842dc4792cfd
SHA256 0da8f9879d5aea3006058e4961588dbe5b7437783fa98df308b8ef3e95c1bdba
SHA512 4fe4a7369cbb387960252791f1c980eaa2a538aff76f9590455af13800c2d052ae79ed98c40aa4fb14e0a46dcc96b99f310adcbce5972a2b248c56b985f3610e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1ceb7881d614ebde446f580b8d6d9ed5
SHA1 d31be6de94737e9c48cf81abd51a042e0e627b02
SHA256 a939b3b92c2372634ff221c573cf522f4e4110bb7725d322183b92f0b735f613
SHA512 053a0f9887863d5f7794d1eecf85fbff5dc6c3db6f3adb58294080b876289d751aa488935a82993fdfb54fdf84382db2ca8ede044a671fef173bbb453ffca017

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7c3687d8cc3ad047e983edf74dba67d0
SHA1 dade28bc1630d52d8616b24c7d38dd796461f53e
SHA256 49b8b5569f1006ca01ca8d8c539a0cced1dda5c2ba6a12709cafdaf89dbca3ea
SHA512 11f2eda3b39524f1cdd6703b95ff090f4f3a71d9392eb3f99f85b301ad28fc6bb1b039229265b7f522a04ada8be76cd2b0c5374f9418e686e6c38b0dec112c7d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 059a0735f29f47a30f10674dd2e14376
SHA1 d8e1d72f371a5992c9f27940fbf075800242e424
SHA256 f869f80b8a52f7eef88c826acc816a8b1c7d8fd91f0255583738a62eb818f416
SHA512 fb9dfdd21611a093ee79014760e79b3f3fed971b6b2b03107e47dabef0c24fecfbc4d79bcfe7f7d014007355d1ddacd49a23e3b51c9fbb5f671f7d535dc77e83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt

MD5 a7a2f6dbe4e14a9267f786d0d5e06097
SHA1 5513aebb0bda58551acacbfc338d903316851a7b
SHA256 dd9045ea2f3beaf0282320db70fdf395854071bf212ad747e8765837ec390cbc
SHA512 aa5d81e7ee3a646afec55aee5435dc84fe06d84d3e7e1c45c934f258292c0c4dc2f2853a13d2f2b37a98fe2f1dcc7639eacf51b09e7dcccb2e29c2cbd3ba1835

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt~RFe60acde.TMP

MD5 604fb522d1c1732eebe02c5e337e0dc7
SHA1 f8972c8e79073d02d0cd317394c8c4a1eea44f53
SHA256 bde08c9133431434b82f0b541bbdae700ceb5e016da19b3ae1482e830ecd78f3
SHA512 d2ae0ccf21674ea6de95caf76c2eb502ec04fb1a80165611f4f9b0cf321ae4ceaccf258c9bbf9996061adccaf8a9d538b99d343b3dfcc32861bdeceeede3606e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d99ec5f2e25dbb1848543d01cd201394
SHA1 7a370f8e25ada421467a8e92da6ea3fa8a1570e8
SHA256 6b439f14b402bedcc5d6615427d9eedf4f601ce13770a4f30fca8e23bf28d9de
SHA512 648818dfc5ba30755a0f82a5073c599988e56ddec41a49808879dd77e7a18157d6bcc14ce6223296ab5ceff6a9af4812661ce7ea3e1cdfbfdf8280a0f105e2c8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 085ad3ad644c2cefc3998f76ecab16de
SHA1 ccdc5bbf7fc937b9e6cf328814988aca18487a88
SHA256 5e4fa7599026e343b42dc84884f825760763f51f5d9c562a059061536d2d994b
SHA512 bd098a0c893b48625946df4ba051bd8b4e5205bbe17a04280c7866cb9524c5bce23fde919cd85237f318b180609e2aec879dff3cd21bdf80cdbbeb0fa2006702

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

MD5 3e2c62a92a15319ea2b01de479f932a2
SHA1 bed11591175df0a3b1365fafa8b563f46653e273
SHA256 39f38758553545142d8b70caa13e9e2bdc205d2c571252a2f9d58320cc31aa23
SHA512 331ad4573974647a3cf5f34678564bbef8fd7541c7bfee141154d130ca7cb3cb610c89b293f6389fab15f035bf27e7744732003e37d43c5a9763db28c5f049f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

MD5 76d82c7d8c864c474936304e74ce3f4c
SHA1 8447bf273d15b973b48937326a90c60baa2903bf
SHA256 3329378951655530764aaa1f820b0db86aa0f00834fd7f51a48ad752610d60c8
SHA512 a0fc55af7f35ad5f8ac24cea6b9688698909a2e1345460d35e7133142a918d9925fc260e08d0015ec6fa7721fbeae90a4457caa97d6ce01b4ff46109f4cd5a46

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

MD5 b4531788b760b922549c6455516f6dcb
SHA1 15c5daf988f05ccb841a118f7c568a259e739455
SHA256 003aea421fdf60d15881b872df89314e0414c2ae48ebfe1813d9c2b42e5539c1
SHA512 9fa5cc39451c66b315c58bc697675f37cf1e6aa92573c785343c06cd81758a539f1fe3fd9fdee210da80f0909e750f8e10ec5d4fd7f643872a79a95b13097769

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

MD5 cfff8fc00d16fc868cf319409948c243
SHA1 b7e2e2a6656c77a19d9819a7d782a981d9e16d44
SHA256 51266cbe2741a46507d1bb758669d6de3c2246f650829774f7433bc734688a5a
SHA512 9d127abfdf3850998fd0d2fb6bd106b5a40506398eb9c5474933ff5309cdc18c07052592281dbe1f15ea9d6cb245d08ff09873b374777d71bbbc6e0594bde39b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

MD5 8a99370cbc67874d68319f5b624173fa
SHA1 46d9eec29e0fc6d642407e5d9250a2f4dc65e990
SHA256 d5c8d14b82bdd5b502444d9cfbfe9ebd3e041a819bd5c187a50ca7a6b2c929b3
SHA512 813170bfdca29d5f0de41f4f538d6d2955750419998c35bf4aaf55b9e8864ba3ffe41d039463ffc0f7d5793d90d1e7a76b9bb77f68f002d63b4ebf5531d0e921

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

MD5 b2fd30df44561caba77e306bab6d040d
SHA1 3aa15b05e9428b20b6072c770db79f097f0558f9
SHA256 5d6c32e6ce14a8b55f4eca20d6b324b68f401977e42e858fcb0d14d3bf642a0e
SHA512 0c1d2a2680b50189f2582cbc136f64340ed69c140ca376c87d3cd37cb842fe069ffa7fca2dfcf99590a602a073ec8ea033a1fa4c6496f14864b1624fa9a17a07

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

MD5 908677684413f5278249c1b08127d6a0
SHA1 df54a142c7eb47537509a54a8519f1c6c82d0965
SHA256 49910739da15aef97cf1b1fab8a1c6817991542d296c3fe6619248258626330b
SHA512 d6458614c8cf209da33129d5672f4eee9923bb56e91692c87a0f82a0e00c0ed0c03bad913e3ebfae7dab32f76465e58289e15e579bc5f8af37845ab250301773

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

MD5 c67ee59476ed03e32d0aeb3abd3b1d95
SHA1 8b66a81cd4c7100c925e2b70d29b3fdbd50f8d9b
SHA256 2d35ec95c10e30f0bddbfb37173697d6f23cd343398c85a9442c8d946d0660e3
SHA512 421d50524bd743d746071aaad698616e727271fdf21ee28517763a429dcb6839a7ad77f7575b13c6294dc64d255df9b0a64eb09c9d3b2349fef49b883899d931

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

MD5 551ec1ab5799476429ed57184a6e0502
SHA1 7bcf188080787adcbcf62dcdad2ffa9ad38e1301
SHA256 a26c3b6f6f77a35a297032c0ab11fa2be0a3e3d0091d7d2cf275fd40c84a43c1
SHA512 c9f59fa7160d68e2eb1cc8453a770423af23c2ea93a779aca1180111705096760aee976db84155973402731b113e7e4266772d32d1efd3fdd674d2ea0e5bf058

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

MD5 aa9d4b0371cd9ae330d7b131493f54c5
SHA1 e83c2b6b6f023a6e00d18f0c9ed6b8ae9bab1459
SHA256 1ffe9b8b344a25a19f33e5900aadb00e53b8bf1a22210ab66c7b50bbcbea45a1
SHA512 337e27650c4b534683c8589dc4787eb9bcfecae020bcb1a507a1530b1fd7562ba8d185157e8af23b06e80cc70136f51bbc0fc0ac63e581e34e410c6d08d398e1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

MD5 2e23d6e099f830cf0b14356b3c3443ce
SHA1 027db4ff48118566db039d6b5f574a8ac73002bc
SHA256 7238196a5bf79e1b83cacb9ed4a82bf40b32cd789c30ef790e4eac0bbf438885
SHA512 165b1de091bfe0dd9deff0f8a3968268113d95edc9fd7a8081b525e0910f4442cfb3b4f5ac58ecfa41991d9dcabe5aa8b69f7f1c77e202cd17dd774931662717

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

MD5 ce98c3b639ff53e62db72824806a2f32
SHA1 4ebdf1ac5041a2bbfc736eee17784a24a7b2fdef
SHA256 84a942b9db6aba18b48f01a3e866b3ebb2b064655dc61969fa0f4d5e70194844
SHA512 078c00acf0ec32dcd849d9f65405d3be8b7cffd8b42acffbf7fe6c6ffaf7c75be299cb10bece3768606db21765d2296cfcce334ad94a12b9a46bd65720e7c696

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

MD5 4e786ef6de6d058a7ee21d714b5878f8
SHA1 a25cf3a4ef2c4208064a295fc00bf84be1557e8d
SHA256 fd7a0097dcdb4360e99e3131665aaf1cdddb65f638323d8dcd86832ac1c65b57
SHA512 79f32a2fe5204c324bcdfd5b11b3d7423cb8961e61350ef8b1a40390212bb1f2125be11aa9a8761edb2fd4c760a39c9f18394a8bd8bc55148ff2937b4ea67bac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

MD5 46c65c348f90aa174bfc5f9dbacbc3a1
SHA1 f3f1cb408e89e48b14532730632dba27858d2676
SHA256 0b36587fac66193c3e84fc32c4edfecf3b9a8717aafea51178f5480239bfa008
SHA512 e18be3c74e039ff4297313b12abae8719e26eb852724a46f119121d008a7165e249bc17d17b3275a108e6de14b1bc443a7827589bc4fd46d616de699b8294ada

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 d0070ea40c290baf76446ee48063ea43
SHA1 7156483396223442facd702d10841f4f22832100
SHA256 2eed8a2a3706cdaa7f2c6d4317fbc12dd0269c03906c0d9c8ccfb15d30f24661
SHA512 74b41fbe9dbfb0850ddacad70d8b5de0f25c4cbf011dfa3477ad3e14ffe4144e6b24b6adfd39d6abad32d9ee4684b6132d56008f45b74903e162674802d509cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 576b90b842374283d779b7190a199885
SHA1 2fc4e19b6b3099310268960b0d1b8ed1a24054d7
SHA256 833c66aa656feb7938922d7ce69b05e8bb3ef0ec80174bd5b5cf39eb361188b4
SHA512 98209d35e8debd29e0896bfc8b15fb0becbe9e9f658f910baa792e635dce049a4d05e099eb133c03250cbbdd0561f210934e4c77d2c48abe1f0a15af4d9987a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1966b5f31a67ff3f045fbcc4942f2eca
SHA1 9a21f60dd461ffe86c4812ceac46c64b5bad257e
SHA256 aed5620b8d9ba89695e4884807b7104413c2e91128521a6206d375ac1d199842
SHA512 7d3b50e4f913862d419336a87b69ba9262f0248a43c8a4d04138d09871a07c6926c8367ea210c2f00a5c74bb8b57eea5e83f3eb02d0f010a9b9623592780102a

memory/2396-6566-0x0000024D924F0000-0x0000024D924F1000-memory.dmp

memory/2396-6565-0x0000024D924F0000-0x0000024D924F1000-memory.dmp

memory/2396-6564-0x0000024D924F0000-0x0000024D924F1000-memory.dmp

memory/2396-6576-0x0000024D924F0000-0x0000024D924F1000-memory.dmp

memory/2396-6575-0x0000024D924F0000-0x0000024D924F1000-memory.dmp

memory/2396-6574-0x0000024D924F0000-0x0000024D924F1000-memory.dmp

memory/2396-6573-0x0000024D924F0000-0x0000024D924F1000-memory.dmp

memory/2396-6572-0x0000024D924F0000-0x0000024D924F1000-memory.dmp

memory/2396-6571-0x0000024D924F0000-0x0000024D924F1000-memory.dmp

memory/2396-6570-0x0000024D924F0000-0x0000024D924F1000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004b

MD5 2deaae9748c64bb506ec195d4cb1d19c
SHA1 84b7cc2a5fb4334eb5f7c62245e4a51712886ac4
SHA256 085ea3f3683c45586929b673c433b416d00dea070427243662eac00392131304
SHA512 b2502c1e8c6d4ee8f896098af6c3eec3941cfcbe5733720346464f4b24b88bc9ce4d0fc64e966052bce51200b9617b8ff798275849229a60622f93429bceaed6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 054dca3d334bc512588ca9ccdc6eec86
SHA1 0e6f9d22c25e7c840ce266dfa3616dafac80df17
SHA256 2ed8816421fc4d05dee92bd15d6db2033bf0eded37593b5aa336b261f0d46458
SHA512 2cf07879733dfc63477de44259b6384c4025af7d794845139c9cb8251885df44e17eae19adc2ece8c9a192115e1e22d0cd4f16ea3f511615a34fb0777222d475

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 42641729d738ba3d17145cab635aff89
SHA1 120c0f3ed0294cf5785b9f57de7b3ff61c1a342d
SHA256 d2eb464fb85fcdf126482bb12de4e49f1bfc869f575436fbfd916ef753969272
SHA512 ba220ec35e9df1207934144cc63f3bd14d67f9615de9627ef7d432007e6ae8c8b2d09a4fbd6f49e7be7cdd914304e8a6ce775390c4414d62256e845dd9e21fbf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 25525597eccb682ab5256f1875d2e5cb
SHA1 9621bb13f78172e5b72ee157d53bc4b3f949e73e
SHA256 ce4073d6b0efaa822fe6b4915ca16dee1854c64762716af9aac80c9f2c98f85a
SHA512 94c72709e5badb9db4ca020c8fe41ac12d4e383141896123e6e581f49a885f42f8de47ee92503d318bde08584af60f716782c148ccae24631e4cf7808114dbd2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e88f159a9a11ace788b63ac6017f76ea
SHA1 e5b8a852f34a92e946c7d8440af0a22ca2845cbf
SHA256 028df4617b78a342e2aa424c9c01bc334bbb0d7ff72ff0318d386c035d069429
SHA512 e2b8f6ffb2fb398af170cdf6d28b1750730cebffad9fa8529d717c78bf6ab6e48bbbd352ee94d324dfe9aad60d2f67ee25de32d23530334e720e0168d4ad577b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3f93f7daab85d5ee7e4ef260c6d258da
SHA1 11cceb5169b306b3c45800ea0fe8b6f6dfb5a322
SHA256 4aaa8fca47b128c465f763512c12ff6d8436f96cc7a9be49493e55a218ae6bad
SHA512 3b17f2abe7ed2b9d2f43e47526e4c1bb4d85f2d685ece4ab8c0083b6fa451c41cf397938583a2d919fee2e3e44998ae83e3191b20983e63f41c4fbfb21c38d19

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

MD5 87c2b09a983584b04a63f3ff44064d64
SHA1 8796d5ef1ad1196309ef582cecef3ab95db27043
SHA256 d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0
SHA512 df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

MD5 d9a0ed48a22201491a39d70e1688a7ad
SHA1 98648e3645c27a83b6c334922565a807f437f575
SHA256 0ea78b4e72578ebaf367029ecc25e3a6ce608bd4efa6bfd69fc410dd271be762
SHA512 aaff77c1bd1cc18ac3702dc258994455f1a84b78a50d03e87cd330bc6ad371fd89adf6c748b3ecc898734c41c3fc03e6098dfea86f071b1f7f74822e02ebe4cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

MD5 6e16a0e00a70defc9c40ae9ece97c9e5
SHA1 9772b4012ee94ed05356c98ba7e27e71283211d7
SHA256 82c83658c88de47b8e7da9904ca19299fc174763fcee974dd3c087b80b9bd532
SHA512 5e3984a7985a21d5644f5b579f32f408b28bfcb4de59764f403e4e10e08085e7b3f099748fa6e22180b6097edb4d8c20b676de182999155b13fdec4fae93367d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

MD5 fc8c6d3189aefb36f05f5b63b349e8e2
SHA1 2178c8dca1fbf3d176c0f8f43c58196f45e7a19d
SHA256 89a85ab01fab33a5c2a15de3354cd19530c72d5e234d54ea4c4f055525ccec9e
SHA512 384542d8ac6142d9b1db0d1cd3b6e082ae03c39eaddf80791da514054e94f6e54e83716d36d824f69cf27f94ca7d2691ef77527af153e320094c5a27b22d9cf3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 35eadc58af1984a2db796fd44307de75
SHA1 b97b816dc3c6e36dac63a3d396242899eaedde55
SHA256 207bbc36acebca550910d2304cedf2d4442842e78f3793f8649735b9a73659c5
SHA512 5c36b73029414fb4bf9dfdd12863bf062471d239f55436d41a69e0c9bcfc19f6f84228b7d3513a947b2a656bb8d90c31b716e329f5721d5acafc234f35e8291f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8e6ce79954421d2663d426cfe14ded56
SHA1 3a9884413f01f85bb620d0410f78e5279323411f
SHA256 6190abbd295a8f0c53d29db37c985f86fdd2ee6cd0669dfe2175f97efbe8fdde
SHA512 6ba5a3e68fdef12f398869da6ae80f7d8993bee07f307cc67a129977c4b63296c810aaea09cdb1fba317333f5ebbb3a90512ebe8dba136f26adadeba937b8197

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 71c1521f7e1b7e55afba0f93a023f833
SHA1 99b4acda2efe9b4a83f1b6e167e7c83793715fd1
SHA256 e837fd87dac17156822714d442cac4510da0023542275aae40df749e6369ac1c
SHA512 6834b4f07416b9e44e5cac6ea544273318813c2df588325f3f77f8d72de3d7a2167e7430bf3b34b70a88a2d6944205396cc7a07a9dd6b6cce69f4cbdead66789

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000086

MD5 e579aca9a74ae76669750d8879e16bf3
SHA1 0b8f462b46ec2b2dbaa728bea79d611411bae752
SHA256 6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf
SHA512 df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000085

MD5 503766d5e5838b4fcadf8c3f72e43605
SHA1 6c8b2fa17150d77929b7dc183d8363f12ff81f59
SHA256 c53b8a39416067f4d70c21be02ca9c84724b1c525d34e7910482b64d8e301cf9
SHA512 5ead599ae1410a5c0e09ee73d0fdf8e8a75864ab6ce12f0777b2938fd54df62993767249f5121af97aa629d8f7c5eae182214b6f67117476e1e2b9a72f34e0b4

C:\Users\Admin\Downloads\Unconfirmed 521455.crdownload

MD5 ecae8b9c820ce255108f6050c26c37a1
SHA1 42333349841ddcec2b5c073abc0cae651bb03e5f
SHA256 1a70f4eef11fbecb721b9bab1c9ff43a8c4cd7b2cafef08c033c77070c6fe069
SHA512 9dc317682d4a89351e876b47f57e7fd26176f054b7322433c2c02dd074aabf8bfb19e6d1137a4b3ee6cd3463eaf8c0de124385928c561bdfe38440f336035ed4

memory/5464-7069-0x0000000000460000-0x000000000190F000-memory.dmp

memory/1736-7083-0x0000000000460000-0x000000000190F000-memory.dmp

memory/2440-7077-0x0000000000460000-0x000000000190F000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4aae906f0aa9eaac87ffe21c5d991abb
SHA1 0afd38f72163937fd300c19b06bced7c5f4d03b4
SHA256 2737c16f543ad073cd3d9ecaf5e57e8650bbfc5a7c16188e5d28e7c1aae765c6
SHA512 0a1b5c7cfc40131dfe73ecacd81f21252859b0ff3f871d7c7fb2a6778b7c16f040016f89bb639501d1ccf8b6b63d3e6fcd0ec16c377459dfa9044710dd3980ac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e864233e6bbb573f2c00b1f3d6ac3b63
SHA1 05787b2614209f878abe72f55cc1e706980bb046
SHA256 d1f999b8d33dee80d1105f29c61b11c8ed29d0e0aac93a2205783b67caf35cc1
SHA512 912c1482c834573787cf7fc35bc05ed351f328ff473df4514ae714fdb7a825e42fa81ff530ffda9c2cc1bc74f101d8c7129cc4ed7e17c3f9b950925a1178a370

memory/2440-7121-0x0000000005450000-0x000000000546B000-memory.dmp

memory/2440-7118-0x0000000005450000-0x000000000546B000-memory.dmp

C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf

MD5 8c0269b3d2db409ddd7b59b863b3c7a5
SHA1 e784bd843b15da1a679540b58a40bb9467792f73
SHA256 ae062926981ea894c3824a713bb94c819cb8ae8c60bdd5b574412b916f083fe8
SHA512 030d0f3c1d029bd75103f374ce90d8a3659d0f1981ac7c910ff8e97b0cb0afa7d6ab83e901cd84dd0bacd856880c024dcf17bb586b777c4e2f13920cd0f62948

C:\Users\Admin\AppData\Roaming\AnyDesk\system.conf

MD5 806fb35c9be73afa93eb2d749459551d
SHA1 a1d0fbdfd51ca7f07ee7e2221488d2121a0f37c7
SHA256 1f007e00ed1e409435246c56b8a93394bb99c9e34ac7a17a4c0344015aea82d4
SHA512 b3cbf614711278fb73c0d9b38a2c0121bc5f3ab36f5fadc40a9e3f174aa58698e2b4722cd1b4cacd63b48f16932ee92db9641ec20001519ba9012cadf95cb03c

C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

MD5 be37d6d8246aef2970b6403e5dc7f97f
SHA1 73db612721b436bcc62b118071f21e60fdd776a6
SHA256 dee1a4a23e60ec3ad08059bbd62a203304cbb1d183da7f63199e031c02ed57a4
SHA512 8017fd30d72ee1b000735633f58d58251f3a90e1ee0db1f7ae40b78e72367936220f38a6945ebaa85bbc378bab45270918f46c77f66910655702106b82909d75

memory/2440-7122-0x0000000005450000-0x000000000546B000-memory.dmp

C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

MD5 8725fda4e91700eea6b2aa209490300e
SHA1 0d971059c122098d7d602de9f52f28e0bdb91c06
SHA256 dcd17cbde6b40099b13d631168b0ff62e4faabc4b627f59d2447f8138839b95b
SHA512 730170f466d04c6761c51c2dec979a6469dd35002c3b99a76ee40d340c3632f7869fea9d0974e04153ab47688e27691c6265f6d18efa199383fdb75051aab235

C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

MD5 f365bd7ebb5be735cbce627e084c6314
SHA1 8cf07fe9e0577b6ecc464f541692eb28f21e69ef
SHA256 38ddc0907903d08099b71b5bcec065ab44725de498cbf29957689e1531a8f72e
SHA512 4e850da44ed1cc82c55ceea29c752b460b693bb68c5712884ada577ebb53b70b40100cbdc197f6dde487d99f8a8db046b58329673d65fcfe5328e2d50d4683fe

C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

MD5 5ab0819924470418a2601bb9e23786d2
SHA1 2ecb1d20e8cb177bc8172297810ba0c279c609a5
SHA256 b07ab9aeef79be59146783f0819f09a02395b139df94f08cea27f29885b00b90
SHA512 ad72d9b67c5e92964d8004e7af04aa0de994c8d93ede1b73843240ac587c8b6e1842ab72773c6ca0176d864467894d51a853cce3ef2649e7ffdc2ba0411ec6d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ae689a2144e9e24bc49282f4757ca91c0bf7f5f1\index.txt~RFe623226.TMP

MD5 199765516f91084c4a6925fdc69c3a92
SHA1 e03740a3b5358f0e2705e0037e5650b5a111ee3b
SHA256 73eeb2618c8177b28619836c64bb8d1d111815f9c027a8ebad81e31362ace9c0
SHA512 bff007c4f2cebba16526b38ffd511b9911de41ce180974fc1dadf2b3a29e64863074d242507608367f832a1a812c771b72d2fa8d17b17e16455e0c2be1640372

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ae689a2144e9e24bc49282f4757ca91c0bf7f5f1\index.txt

MD5 2e75424457bfe1c3f5ceabd2c37ab540
SHA1 312081c3cc3f28b07b1cf1ec3e0f7267e3ba0458
SHA256 e9beca2aca427891df0a0b49b43a1cfcf65c355a5b4aad769f5b29097a346829
SHA512 d19370b4bc160221010150660e0e633ed0abcefa1cd5a16513fd227ae84e0e4ca31022d6c7c83d58810f91d7ca995ee57c8903697359177be43712d7a63a45c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 58a14c13b0fdd8af9d60377a872d033d
SHA1 88c32bfe2c78987e67699ea77ca3abe87a0a7e28
SHA256 a421b93945b429191c02c16b9d19133fe41ba4e9d6a1e8fceb43d5f1e42e74e5
SHA512 22cd62d3d61f1a358f11406d9591d25174e9568c67fded83cc99a334bf52abe0ebaf641929502739e699b6468c4b2c011e6fb855cced57457cfba87031f83250

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 a84c666c6d493c39a50586c7eb4f6184
SHA1 41a96e32418b7ad95e56fb23409068e548d677ee
SHA256 c5042565377704d2de7e0fa54ef67c220b522c78d13f6ae9b53feac8392ac3ad
SHA512 5ba383aa1b93955b36c9d648c5421a8eb5c4058e7e106ea1e1662e4525913200c2d923874b0f170d76f754f4f5260e0d1dbbcdedac6d50c37496e5441cc604fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6d21d7c6281ff8a9e83e829f0b7f0b07
SHA1 455211094d9182dceb88c53f2dce85825335f2f1
SHA256 98b6ac383af265e57ddd327e7e7d3d976b630cc162fe2893b781c0eb07adcae2
SHA512 277b4072905cd3c856595ad764ba27c66652abbba5e3342712a422c03ae150d8651d4f1dd7518d520f4862ee87a82560acae210252628c0433a821b442b6d2e4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7139b79795603b3ae078f09f61f1e5bd
SHA1 a69c83ef2b99adb2bb99ba76991b151c69c6175b
SHA256 2d93d6538a7144d241a3040f9bde2575355f4d9d807e7a761f633be29f0eab49
SHA512 3c529cc34b4d3555c643ebcc54e03351add3dab9da00a17be9d775b31b020adb8a681016fed39508b96c31e309a254c0ec6e2f146209a103259c5e71c6b281f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5e4a4ecabe1bf05edb6691f792ebddab
SHA1 6adc7a0e04ef5fd97c0208f6d088410e161bf2c4
SHA256 2a377ada84511dca2da19f94d178b0c32548abaee942047319b7e67f116612af
SHA512 49820bb24ae3c6d159e19715ef829051f86312d44535e9c603a1285765fe3846d66618f197dc2815feab3504e8760c669551a714dd24e4143e453457915eac0b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 870dc6f231e58ad441ef3a4e9553d904
SHA1 13b869c2312f141747e9bbddb21789deaff57500
SHA256 19bebe90b0c37a7bd44ea212e898faeceb2a8d340fb4792422d09f57f3c06383
SHA512 618d0985956d0c9b5c3b007a2b1f352beee179d17340cf8d924cbd6d4b7c9848f75e0e4f8867392116afb0cda0faa6951d5ab8feae33f208d2bd5484f3c671b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ff5a3140251373fa9dcb39a69e3a46fe
SHA1 b0e9a84dd93012c77eceee044fab009a63401ee1
SHA256 44d99e035a259cea20b1846573fab3bc47e9713382c2b852de4d968b90432297
SHA512 b2cc06f28097c26ce51dede9b1a7fbc8a78126bdd8205ce893a7f5bf0a5ce2d75b0f035492538a85025f484971436501b95ee32e3669a7026c8bcc91576fb176

memory/6368-7369-0x0000000000460000-0x000000000190F000-memory.dmp

C:\Users\Admin\AppData\Roaming\AnyDesk\user.conf

MD5 e51fe74e4cf02361ba269e7b3caf78fc
SHA1 d8ea1dcf8daf656c29e2df96de7fefaa8e4866e1
SHA256 d10c060e4d89584885fcaf8669131662c03d45b55c06d9d6d093d373d390ca39
SHA512 0a43f6c6db8d22c3f51717edabfaf7e48a31f8fc6c74a1efc5b982b1dc6655befe158ef9e714b4f8f02e8e1efca0faeea556fc289121f734cd7730b2634c8a8b

memory/5464-7426-0x0000000000460000-0x000000000190F000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bd21d14b0a5be590e04c98dfc84b1c4e
SHA1 2ef91c80f901fae308079d3f457e296345a3ef31
SHA256 be7d1e0e80b7760d2c8415da803d19eda18cfa6607fa30d90d85c38393b6e959
SHA512 8efc6c28ceb9874026a124748441bf096ec8d8963a5dd2311c898f7b45d6a227857d07f7e96844900b5f097f739a1ffd65bd8d8498427374c6e04469d7c19936

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c400e8a5b14b0107cbf26db2f7af8764
SHA1 9bdc1c2eb088e177f7c03e172486831c7bb6b667
SHA256 abda1cd031dd134bb1dd002c56efec678acac9a8a97e3b29a441f62b7bc32a23
SHA512 9deb6353543c6db5d6ac0409251aedf95c13bcde939e6457659992ad39dd55d0234f18d252b830045a8c94736c930239ceb7ac4a29f78ebd130db441b6790d3b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 825546be586c18c325ee71b82c5b221c
SHA1 5faccc619242d08c90f54876ba456c986a40fa73
SHA256 a084469c67794f88d55690a619f9bcf135b632dc7a4b23b2a44c98ac07820050
SHA512 27fb5628219fba62e62c5018d33c46ebb1d73b4f9708205c8345554a4bc94792542bc13c8593bd6e3c1aa3b1b52ea6854ff26db41518d4d2dfa7cf58d47b164c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bf48c54887744a15e246789395e72f40
SHA1 d78342b9e9cdedd88ce004ea45d4543c02541802
SHA256 eb9d7b27ae1457c95117e4ddce77de7833e433c7af0582ef4de2d3c183fcaa44
SHA512 557e34eb6b2e1709f6986aa3b25cb750404e8ebc7183913c254c25dc0b0f1fa80afa1854643fed3a636861e05eb0cb28ec627a5e18fa7b558c615851bed57dae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 213d98e8c6c760bec208245793c96830
SHA1 92de206d7922492b05e6c1006042aa4b7e7b5f38
SHA256 064016f13ce0c8410f535b58ac75177a673dcf5e87cb66b87de0a746ed8f7edb
SHA512 f9f2beb11f13139c33dfefef2203de380f606adefac042db8469c05914bd712444c08781922206a72394fa132b002ae1192c51ea7848a7f74b0b2991759c2dfe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f8a66ea2bf4de43a0f81ab0f1b1489b2
SHA1 4c4fa03b6209b90479d95e9f599fcf18d4280c5c
SHA256 974ab3b989fb2f8ce32a8672a4b251282d4749b8a6f717713e08bac49daf808c
SHA512 38ebd13c682b2931d126eb4c01ec4197d8f6a385d52e4337b7655aaae5d69ab42a68f191bca80f222bdff28338cda78ec7939491f08a65fe3057592ffc4f39de

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 54739668d908a8dd73434130638938b3
SHA1 4844eea0c823a2407c45cb736f389b02888274cd
SHA256 9c787642d6930f2819e99e4f0ee17f6d7e97bbc5d84ca96ecdf9bbf33de45932
SHA512 ce115d6906e044c01d957d0bd65b92a86b8f42a1c7516f8226e4ce06d5769b86812e814d15b91f64185e5741404a9b6571c81cb33aba0a5543ec880b9a00bbca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d185482972af07e1a67ae86b76eda7f7
SHA1 d0860e50362f9b89c3c9890186aff9a5e1be0893
SHA256 037d59dd49b9762ace324fc020820d8aca91ae9118d095935c34bb35cf77cbe9
SHA512 55c1622389249870d4507427356491214765b330e2af566b18348412d785a391cb1277a5b9ae3862966e285e1f4c33cf119b51df0ec52a7e66c3e3017fbe6e27

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 add353e6b50ea947acdc87769f25a28a
SHA1 9bb02b576c4b7bd6e6c80cad6b48663e4bb02ff8
SHA256 36ed8dd162960e399cf1bd67d4c1db909a6d41ba3d8c422aacd003a9f775796f
SHA512 326aa40b520db00df597a8c5585f310d971165a42459b1964ec421b9f604b42d8f9ec70b9a797f99746418975dd2782ce47d25d763d8140677e25ab0ce269863

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ba812c0ee2f92f7324c40abf158d7a56
SHA1 44612a46c4d6bda705cb93fb188cd5f54150bdd1
SHA256 9bb0074ee3865071c602cb351f55c452c15ffe0ce530c2e6f029ccd6def4008b
SHA512 8c4591c71d25c0348a77bb8e666b7db2a260abcee2924d68f502e8ee3ade55515328dc896d50f8e668315517a788422bb5867456c125d34130a789cf65b675c7

memory/2440-7584-0x0000000000460000-0x000000000190F000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ad3da63b93fca116_0

MD5 46462bcab5934a77f5e2ebd46c0027d0
SHA1 c23f24ef7a9b13f961a4e04f6cace32d18a1b5a5
SHA256 9c922ee6a95f71acbbe421ae2942a647eaf8555a8d44c82b4fa3b373c966cba3
SHA512 51f55fe627bbe3fde72d7c7d7aace808c579b57b98b0f27beae41a267151c7903ccfcc6223264e95ec15808f345393637d25ef7173deda8ad4c96c9249fb2d11

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f2762a5014e4d24909b5f31d7f2fb9bc
SHA1 8981e75a78a845f5cbbc19f9d2abf3c0be2bb0f9
SHA256 016f13571d1ac8c1b83fb53cdded27a598c81e9c9e0df7441bd479737d07cbec
SHA512 2b35fa180e19c2da6ea8c20a63e45d55138457e5e6f70dfb09e4d81123e16baf970e377d3e4e3c475d586c7509cf0e677cbfdb283ea232cf51191e88625ddeae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e750d130304b66ea1e7e9d31dad0c7d7
SHA1 e4cb8ec17888e95cb980716420e90ca935dc0d27
SHA256 947500836a67cdbf04b4913e5a6fd9a5243c6bef34c6646c0e93d3c2de8dfc1d
SHA512 edbc4d4d7de59cb0d3bd93568fcada3b7636d18d771d44b3a40c5e36a374951917849ddf34640e3be86e9fd9947ad7e2fa263329bd42633e65fe3140405db448

C:\Users\Admin\Downloads\MyDesk.py

MD5 677ca9efa47d959ff841c7eb6e4f0579
SHA1 00efe28f649da191dccc27f57888f31631775c51
SHA256 5579e7e5a487b17903dacc63eeddf41ba1117bd91afa8863476f73d114798c9e
SHA512 5b52637504b1417d54d3790ce78ab77474d6b4997693ab124cbf18e78e5f3c56cc8fa0ed4a010fa69ea6aa9b6f8770fa589b5224d5238cf3a01c0bbb938a75c3

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\1ced32d74a95c7bc.customDestinations-ms

MD5 5976eef3e5682e13f341e8c660b14f61
SHA1 5608067ec25d1b8edccf70c99faaf156e347d4ee
SHA256 df9cfa8b4cbedc4e6204c75b489101442a6cdc03c47f1d5b209bb5afb632128a
SHA512 68dde460f875f21253833bcccca81a796ceb4c4417dc39f0b58407479ae55fa42560591a6adefb1a6751cf6e87077de1ef0c8202768510deed3dca67e393b7c9

C:\Users\Admin\AppData\Roaming\Code\94cf8420-b4cc-4fe9-9344-9188b241cf4b.tmp

MD5 58127c59cb9e1da127904c341d15372b
SHA1 62445484661d8036ce9788baeaba31d204e9a5fc
SHA256 be4b8924ab38e8acf350e6e3b9f1f63a1a94952d8002759acd6946c4d5d0b5de
SHA512 8d1815b277a93ad590ff79b6f52c576cf920c38c4353c24193f707d66884c942f39ff3989530055d2fade540ade243b41b6eb03cd0cc361c3b5d514cca28b50a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9d087593363a00f8455e8cd69d19638a
SHA1 382c7865213fddfdeec22c7e13db49252b5f4066
SHA256 26b9c6f3cfdf4d1fcfd47af7d17698cdb961e5372f7b719e3ff8240b7e0c715b
SHA512 a5425d0101c1d5551f8c1bbeb7a7bd8e74124c55265711b4dce5fbf987c3d17e5386473701db97d5e18b63de0124c8c8213ec1da512ae6eccf75827b37347396

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2e1563edc4d2b0164aff2d0ff40058ca
SHA1 03ae06bc309a7d4fa76aad4f6d1d76540a5ddf8b
SHA256 1d70d68d3e72d5f918be9b41cbce5fbcd8b7a0112d9f0026b0ce34e875c68d1c
SHA512 4f92d8e499f874f121b83cc8b44f67ab24d2cb2e2f3a6436f92850519be8bf1eeaba4b1c8eef5843638a2594e2d907daddd0336532f09693f766d54679f16170

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d78203bd68d8ac6130a2aa09a5444790
SHA1 9622e483c1e0093d3cee76407286639b6dad2ef4
SHA256 a72532653b1459e8e77cec3e8a08cb7d32e378b6f27713f323c34725f8c62b73
SHA512 300b5e7a026faed91483ce8cb4b070a8fb7455264c56265c7a037a5ce2a47458f463518a54c5e09e0b390af2a4f4438ad5f1b4374699c4888a15dc7e5af85258

C:\Users\Admin\AppData\Roaming\Code\Network\TransportSecurity

MD5 2e22872fe7ebbb2c8b0f93ad7ad41889
SHA1 ab2b13321c61289ac9d60f739b380a0ee2704145
SHA256 81421783ac9e47c90063704ef18b4ba6c90b30cfa3a4869d39a09f9cf4da072d
SHA512 f045df01692de71c1724f61474a98193bb83abec2535256672bb95e0093924bf667582c6bbc51ac002ceb5e35031b3fe45eac2ac8d5f391507b04236a0cae676

C:\Users\Admin\.vscode\extensions\.d2caa90a-54b1-45f1-b04f-c9c0338c9790\SECURITY.md

MD5 bad65d0081a954887217e979f67037b0
SHA1 4d1b95a8fd5990c0c29a01ead398276503d95722
SHA256 985e3fc1a4c6591e6dab1605ea444204211107882efc011fe7a93c6257c18fb9
SHA512 22dbc7790c01c6f4dc4621bf562577627416cfe4370d87ea25574eb7278e24d4bbb7b1bf0affcdcb9e13fe5dd07b3e8902baba0212f2e1cbd501d35ff76150e1

C:\Users\Admin\.vscode\extensions\.6ca57bb9-0b25-4855-adfa-1ad7db1f8790\python_files\lib\python\packaging-24.1.dist-info\INSTALLER

MD5 365c9bfeb7d89244f2ce01c1de44cb85
SHA1 d7a03141d5d6b1e88b6b59ef08b6681df212c599
SHA256 ceebae7b8927a3227e5303cf5e0f1f7b34bb542ad7250ac03fbcde36ec2f1508
SHA512 d220d322a4053d84130567d626a9f7bb2fb8f0b854da1621f001826dc61b0ed6d3f91793627e6f0ac2ac27aea2b986b6a7a63427f05fe004d8a2adfbdadc13c1

C:\Users\Admin\.vscode\extensions\.6ca57bb9-0b25-4855-adfa-1ad7db1f8790\python_files\lib\jedilsp\typing_extensions-4.12.2.dist-info\WHEEL

MD5 24019423ea7c0c2df41c8272a3791e7b
SHA1 aae9ecfb44813b68ca525ba7fa0d988615399c86
SHA256 1196c6921ec87b83e865f450f08d19b8ff5592537f4ef719e83484e546abe33e
SHA512 09ab8e4daa9193cfdee6cf98ccae9db0601f3dcd4944d07bf3ae6fa5bcb9dc0dcafd369de9a650a38d1b46c758db0721eba884446a8a5ad82bb745fd5db5f9b1

C:\Users\Admin\.vscode\extensions\.6ca57bb9-0b25-4855-adfa-1ad7db1f8790\python_files\lib\jedilsp\pygls-1.3.1.dist-info\LICENSE.txt

MD5 ee30d2f2c9b01bd2c6277944b6294a73
SHA1 ddb0abe729f7755296eb55e918cbb9be8da8bd34
SHA256 6f4915c6bf1a75bc611c318cf2de93de358b31b409ed02eb9e0c245a79d60a5f
SHA512 86a2293f89ab80138d67a1993948d8a924a1c3721d96091b2dd99255331776fb98785a57c1ff37949ecef2295c2a1b09d59768671693281c76d9839ae08ea223

C:\Users\Admin\.vscode\extensions\.6ca57bb9-0b25-4855-adfa-1ad7db1f8790\python_files\lib\jedilsp\parso\python\grammar310.txt

MD5 663bd8e6c3008a6849caeb04b084aed8
SHA1 bf5f44f35aa2e1649c780e87a779da4a97adae0b
SHA256 4305da1ea25c27fce08bd14001b76fd54fe42a0724bbd5168c76680a56eda5be
SHA512 7a61aa2176d1fe366eddf6e6c1ba87185790ec375a9a430038b618e382030b369fb67862c735191e3622f522f6760337e97e700ff40629b76d8c505beb174826

C:\Users\Admin\AppData\Roaming\Code\CachedData\65edc4939843c90c34d61f4ce11704f09d3e5cb6\chrome\js\index-dir\the-real-index

MD5 9fc27a094f8479b84e26d41ecb224364
SHA1 26ec60f571a309868296bdead1b8e366953a855a
SHA256 e4b0878ac3033a66ff9981a63df795abd1deab45e1240f373cedd387bcc81861
SHA512 0024cb97bdd2418308bf1a37601a62f4a629f44b6f0bd017418643cf248a3924eb9344101dd8b96df82465b3ceb52658e3230279954dc42e6301e3147ecb9692

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a71cfc574da5d95f76e1267b3f8dc707
SHA1 e704a2f79ac746e8e4919154d0bb4989da9bc3bc
SHA256 8a2df777b4909ec353547abdc21385ade197cfdd4b3c339b4e97ef489e3512d3
SHA512 9f7650b4a88b72e754bc60f19850fe9ec8bf067190a76e3e7fb2818484985169275d7c6aaa47598e406009e7cfd35d3ec26298f0052c06cab49e830658f818c4

C:\Users\Admin\.vscode\extensions\.6ca57bb9-0b25-4855-adfa-1ad7db1f8790\python_files\lib\jedilsp\jedi\third_party\typeshed\third_party\3\docutils\parsers\rst\nodes.pyi

MD5 84a27291937d76e46b277653002601f2
SHA1 fe60efb40aeeee2998bb07245d4f9571ad08825f
SHA256 ddf071712a6926be84384714a23bdf946dc47a083b96fd90a7474d41020bacfe
SHA512 e489e83fd33fdc8ba88954725f79c2132bc4162ba713c72b190b790b4a368e3ceb024d7b8bceec4544123a5435fdfd987876f1b2542da06cba899f5ac72945be

C:\Users\Admin\.vscode\extensions\.6ca57bb9-0b25-4855-adfa-1ad7db1f8790\package.json

MD5 00e77a5c4ff06680d85070eb1d29c753
SHA1 4f0533ccc74c3b672f7fd41d676595d3d133e91b
SHA256 a7646f4e8e5721b1d24aa3a0d0918b8f6712419073756ed8bca94fbd67ef8e99
SHA512 125c9042b60baa9388c2b0233276f5c98a34c38ad28c791741bc5bd468050e875ef29866fbaec5f4bad12a2c4d4393ce9e4a6c3e8606502d1671e71c99e7084b

C:\Users\Admin\.vscode\extensions\.465b4ff5-42f2-480d-bf37-64ff028b300e\dist\bundled\stubs\matplotlib\testing\__init__.pyi

MD5 c195fd87d35c2ef333da0bae5e81afbf
SHA1 7ba5530a0f12df002afd403a55ec4d779779884b
SHA256 e286fe684df994ccd65d1bcb34677b31b5b6155f6913cf5c7b8e411f350df7b5
SHA512 17a4eb1c4c3cfd2b296d58d00ce375c793a24071e97baab0b3e17040fe4bc0b17d0fa286c4fe2a06410831068aa900aaf5b240b7ec96ea7dd0deb688bfa9c612

C:\Users\Admin\.vscode\extensions\.465b4ff5-42f2-480d-bf37-64ff028b300e\dist\bundled\stubs\skimage\transform\setup.pyi

MD5 13f65f1790900479e3642f9e5b6278c6
SHA1 ff6be4141596041859277000a461c88ddcb01b3a
SHA256 30f4eeec8c8b4c9b9d8469ffc052d62136a3e11b20d992600c825882acd4451c
SHA512 c2a973de759a906165794317d05d84afba1de4a5b404edca1579d36b3e3cafd0c002a1571c47ed2f1564c1db11cfb8d8275ec5bec8534dda8ec6fe59e1ba5ba8

C:\Users\Admin\AppData\Roaming\Code\Service Worker\ScriptCache\index-dir\the-real-index

MD5 46168307baa9f8a555e2f688fb17543b
SHA1 b10e08b0663198bfa02ab1d4e8f4974d19f4bdd3
SHA256 bcb6951af92111579f1b2fc718f26661da952aff156e2d24265f4b453d48a004
SHA512 3f76e648b86ae6427006ff1ee46a9ef455d1338ff01bda010cdcf5a4835706b2dc35416d00e239be79f60dde90b6cae6bfc920a9b084eb2e607cb1168fac92d1

C:\Users\Admin\AppData\Roaming\Code\WebStorage\3\CacheStorage\c166a6f5-e7de-403f-b71a-36c870826d38\index-dir\the-real-index

MD5 daf805cdb426147b93f43dc689c42b2c
SHA1 1dad6d3df85a428c61cbb2ef786a77421ae43b1c
SHA256 1d958ba5038ff8b9508254691bf12fe91e78baaa945ee0334c6b1f9793e656f2
SHA512 2610ecfeaea4d576f78046be4a0e295f3cf829a20f51e372f7a9a5bbcb91969494f8b6cc0be021b268e8c875f05dc533bac4ed7b09e49d7dbb122044648120ba

C:\Users\Admin\AppData\Roaming\Code\WebStorage\3\CacheStorage\c166a6f5-e7de-403f-b71a-36c870826d38\index-dir\the-real-index~RFe655dac.TMP

MD5 10d3e3d987d113e4c0c06b157360e733
SHA1 e9839d8614343c499e0eb9024f1d28ed055bb70d
SHA256 2423ec9b734df460a397a3dddb7510246486c5dc50484ad7507e1a8d3923163a
SHA512 9af1bfa6599166438d0f5394f2655597d2af781ed205210fa1677088df25e8996eeea61156175b5b720005404a0703141f270ac0b66eaf8d3c6dec39395cbf03

C:\Users\Admin\AppData\Roaming\Code\WebStorage\3\CacheStorage\index.txt

MD5 3cebf2374a5a5d42b3bd9eec62c4f01d
SHA1 3bf0d85635a31b31b34b86c82e50f4294a724435
SHA256 6b6f0f29339158229e7233450dc8fee5460b4ca2b994bfc771f33d9bc9ccbe7d
SHA512 b28c25f6d0499fe888a5c05cc7fe4a29ef69b2fe9bb39776f7d82cf0f1647e645e3cd48c0fac2bcb8b8f846607a0f79aaf0ee7a959c4727de2dd9edf8c5cf802

C:\Users\Admin\AppData\Roaming\Code\WebStorage\3\CacheStorage\index.txt~RFe655ddb.TMP

MD5 f0283cd37216cba2dd6670e6ad531a70
SHA1 c632862178caa7d4929aaea114d546109680a730
SHA256 f46dd569b394f1d83601ee44fd6d142eb1941f301132268efd819b7ca3a5b422
SHA512 a5c0d0cc8ff700d7d635844c3e895eb8a667a07394f207ff779028dbee941cdcaed2a5fe4c8ad479b9d7ef0fd69ccbac0106a60e9944ea47c1f9b479161f7815

C:\Users\Admin\.vscode\extensions\.465b4ff5-42f2-480d-bf37-64ff028b300e\dist\typeshed-fallback\stubs\docutils\docutils\parsers\rst\directives\html.pyi

MD5 e36084ef83fd5269f7993ff7501969bb
SHA1 f73bcdc8ca51cb48da7aa7c0707a36c0f3a2cb48
SHA256 2417b1b9625b16f691f29a0fe8b481d6ac7d4bb0a9184ba8452c21b8ae1d0694
SHA512 d639148932fbc6059574114c7ea7a03d8802aec932237a4e80511abc87ebff7429669a1a132a67e5aa39cfa617844b1cf2c32a22eb5e7cc3cc77b683e19c6ef4

C:\Users\Admin\.vscode\extensions\.465b4ff5-42f2-480d-bf37-64ff028b300e\dist\typeshed-fallback\stubs\lupa\lupa\luajit20.pyi

MD5 d793d0f67c6431613757900751a7a056
SHA1 192bbdf3be788e8af774191b9bc331c09cdf770e
SHA256 17106b01accab06b54c453ec648ecd7295d9a3e3c25a9d98b96585ca7c0e5937
SHA512 c6776bac35816034092e169c9dbb08d0088d1fdbe99051a3b95f9dcbfcd851b298831a755c6c16e7048733d687d5f776fd27acdea7c9531b1e2befb3a1d72ec4

C:\Users\Admin\.vscode\extensions\.465b4ff5-42f2-480d-bf37-64ff028b300e\dist\typeshed-fallback\stubs\pyflakes\pyflakes\__init__.pyi

MD5 54b61c5640eaac02f504e88d569e5bb7
SHA1 f5964416f02faef1746b90a848239e2a16d73bca
SHA256 c6adc34c996fbd51d68db67512f32328906937e5103b7cf546e96a6b3d8d37ac
SHA512 4ef9f49269b3780471ed4ce2d91eec8e1bb9fd5e9927624f6ccd18a59535ad5a3deabb27c24703b1ae90289fbacc4334862f2d02000ed1528399d8023a9da004

C:\Users\Admin\.vscode\extensions\.465b4ff5-42f2-480d-bf37-64ff028b300e\dist\typeshed-fallback\stubs\reportlab\reportlab\graphics\widgets\__init__.pyi

MD5 ff97ddf89be58457efcc9ea0de31a0a8
SHA1 5bcdd90a71f97deb4ffb8b304daac18f2459814b
SHA256 2003c50e7c7a4994bf1e3fa973751149e2fbecd5aefeb0768f73d74f816f2e97
SHA512 fabce97931d283a86afbf981d1ae2c2189f6648dae81b7d5d11db7d16cf5591b6a6d924954d82cce81c44a8b10b144bb7977c3024fc7337b7a828f6424e68ad3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e2fc8272ac6444ddafa727bba3efa9bb
SHA1 93338f6ec1ac71e411ba223c817d85bed3360dcd
SHA256 110fc29b309184fcfbfc5fafdd2e3679ddd4a420ba1359b03166bc83a7d955cc
SHA512 86ea95efe5c6afa747bb683d17637a61e3ba2985bb3465633d006af2f44f135b681b9ae3b637f6100657955c69a662f8f0d52c6157f4bc02b29861e9d6a30c3d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 382bcaef4a8679b5d88ce42c501320b4
SHA1 262a1757e41b52f2926dbffd7e0d955417eb2ed0
SHA256 b43ee31c16daffb4b1d13039630da650db1802c6c884a556f8c27140524a7b0b
SHA512 b5f960b40dc6ac955dd589f0b27e578153528c951b7c47e6d1e2aacaad94a131dcc7f43d8867e3f0096b868c04ca35c61c4352c5e6999d99c916a5e0d7c5a881

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\1ced32d74a95c7bc.customDestinations-ms

MD5 5940298754008584318ecc92a46395a2
SHA1 4cb37bd6ec78be2b94df3dd03fe679971bade23f
SHA256 2dfd4fb05f4ecb0e9f7a935cc222e4cd6d861879f5a82bce7623d8643100198a
SHA512 275823a69bd9fad700cdfb5348d21aa4fd612bf482a5c8fbb15a893f07b2cce4ef017a1cce8ccc98c8541d24226e4ff76476110cce5bcd92ddce76dbf8568302

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 332d7d102811e834b854dd522581a27e
SHA1 b7ebf45df70d3df9ff9037b41bb631fd57805f49
SHA256 56ddeb8cd2007052bba41410f425f2033f968add71d3ec01cb8a42efce17f553
SHA512 20ce3e2b9137e6fbe85dfc734769378562281799b4ba047a6597036001707ab5fb59393561abf2a011f235db137c858bbf53b2aafad76edc6402679d6ffa9b28

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1cfd7a8b8a03d6f7c59256d4d49d9316
SHA1 35742ceef9eae38285d18d89aab59ae09415801a
SHA256 d5d2ba9dc57810702e36d3793fe197a6f7c16b799268a8f05a8cacf32326ddfa
SHA512 879dd4fcab7cbe926058afa4378a47e51c79939feee8d2566e3d6d885870cc8c7fb82f4bb09bdfd5175226c0061c96eb3faa34508692b0ca3cd1a0eb27778701

C:\Users\Admin\AppData\Roaming\Code\WebStorage\4\CacheStorage\9e46dbe6-09fa-4026-bb5d-a66fc2276c38\f3cd9d874e6fb382_0

MD5 5b92581b9783e21fed1f6a295da4ee2e
SHA1 4552de4470cb39726f9e8e9e5f2533a261863fd9
SHA256 bcb900f9a6b66ae6dc9c38cf5b236d90d7525a3fdfaab57ff9aefd95db364fd3
SHA512 7bc5e5a3ab0d8166cd38100f244f4e1b6f2899cbb613986c2a931710af7d69f63648bbe201686378a4f0f37912d2ca0676ae5e25e70eba28951466ce4eb9404c

C:\Users\Admin\AppData\Roaming\Code\WebStorage\4\CacheStorage\9e46dbe6-09fa-4026-bb5d-a66fc2276c38\471e026b8bae34a0_0

MD5 ae9fe7b603f37a00361318de21fbf7e2
SHA1 0ca41516a85fbb6b4f8669c5ab3f73d9a3aa7e8f
SHA256 4959e8d657236b294c2a3df684236ac350f1f733285004f093d20bf10e6f49ab
SHA512 ceaf6b133d77920376e616c14cbe7a4c61c946e07053b20cb2d30269d305501d24997e9357aba6829efd0cca1e7fa7c2c4a486fbf489053f8e4a944b8d215bf6

C:\Users\Admin\AppData\Roaming\Code\WebStorage\4\CacheStorage\9e46dbe6-09fa-4026-bb5d-a66fc2276c38\298f261db17805fa_0

MD5 db87864b69f17782a7c48d5c6df507e2
SHA1 1fa319d258525d6b61e06a6b0c16253a5fc1aa1f
SHA256 362f545aced4743960da54822edcab31a2df2995778b26fdcee5332113034c1e
SHA512 64cf52bb6927cfd9c4c93cba6e6c7a781279b45c8afd67f1462f566b7ed8bf3d82eee81603e6e7fee8561024c186d86d327f823ba759d34180f3d4eb5fda7bc9

C:\Users\Admin\AppData\Roaming\Code\WebStorage\4\CacheStorage\9e46dbe6-09fa-4026-bb5d-a66fc2276c38\59139c9b72ba2d96_0

MD5 b2a65d2407f6e508e9f75209fbfd1c14
SHA1 c8ba6750905f4c3c4f65911435c7de42c9c14996
SHA256 cc208e01c9f8fcdc87fdb21eecfc9519307609b9ab4ee340dd36f1aa4efd0d4b
SHA512 eeeb26e3c508afcb15032818ccf15abd78c28bab53fc75aee79e3ef15f5978a6860eb03004ebc7314718b7a6e4e16fa7887fea6ffef8caa2fe4de266ac127f5a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a3a9af3eb0e45dc31acf9f983da6017c
SHA1 545537524e901ab05b8c7d60e3fa5c8302e19a96
SHA256 422a3a44c483acaecd1716ca261a8b85b6406417fa3cfaf9c900b8a58139a8bc
SHA512 6173876f8fac63f8e62a2d1569393c751658eb2c37cf9123125c6718718aa11d9a9b211bb56fbfa14208d69388fc8ffd75990d969fb74f9938421c19f5b234e6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\0b60c5d1-5606-401a-a46c-c002ec9f1a6c.tmp

MD5 085cffb0e4eb61b4caea1964b1effa23
SHA1 efe68e33b5403e69dba576f754994580e8beba3a
SHA256 fd314d9025c41db393f52e8b78a1d511c19d9ea9c6be46c0f48c04bb2e62e33c
SHA512 862d2384e163f5aa8fc3787631695aed9d006c4187c620e7d674c5d96cc695797425d385a710bce5c87aeb4362187ebf9cbae86824b0ecd94e5748bac0030856

C:\Users\Admin\AppData\Roaming\Code\Network\Network Persistent State

MD5 fd9b46beeacf1f8932d9673fb5c6dc29
SHA1 582f6842ab6f66eeab51e10caeeb315e3f32b063
SHA256 4ea7a52633e8c898adfde0287a1a29e0c2f6a71ca92d8a31a1bdf79557805b4b
SHA512 431781d86d976c0c782ae792eb59e52c0c66de9e169e6dd5527b2bf6a054cb277b94f0ba50f42d8ff668763010dfac6315fc0d342dee7bc06fcc2618193d2bd3

C:\Users\Admin\AppData\Roaming\Code\Service Worker\ScriptCache\index-dir\the-real-index

MD5 04a055849b9a8ab560d14b1aba380e01
SHA1 04ff2fba640e58b28749840a0e0cfce60df9a835
SHA256 5a061ccc8b2a73403169b1081e8a985a8adaeb0308548870cf765187a73f30c5
SHA512 1ada8a51e63c2d629b15d78a134cb0c4717422de35a61dc1eeb4afa2f8e13a883fbb8521ac973d8461a40e228f2d4987cdc02d9711dd077b23bf9a64f55914fd

C:\Users\Admin\AppData\Roaming\Code\WebStorage\4\CacheStorage\9e46dbe6-09fa-4026-bb5d-a66fc2276c38\index-dir\the-real-index~RFe6613fc.TMP

MD5 9bf01c878db1810b5a6d5c1e48cda55e
SHA1 ddaa3bf74f8c7f2aa0fc13f04a4064d9e5aecb1d
SHA256 f13a060c17d8637fd6d94363d08c2409f99c94ab4acae0f2c6e5c3c041499464
SHA512 a97a2e647b46863d7e0372a4423921d19eaeff9c8a81f8c6c40b14bf22e303bc93cbbf6860abf1082122d5e8899dc7bced83f5b384e0aa357aa9618616a614f7

C:\Users\Admin\AppData\Roaming\Code\WebStorage\4\CacheStorage\9e46dbe6-09fa-4026-bb5d-a66fc2276c38\index-dir\the-real-index

MD5 0f01d63b5500b231e234b0c50b908ea6
SHA1 fe92f552c10202b13aecf3da7876a660d9f92ade
SHA256 535f906971c92fac50d0fbc6a28fca226ed17329db38fd9275be38ce57127590
SHA512 8539fa1ad77ad74b33336f5b611615037ec065a269db2a1e085ba19fd53aba71af92a864be68c46557a643d39b57f46ae3bf9a911b0ed8f1032e84db5a8e6354

C:\Users\Admin\AppData\Roaming\Code\WebStorage\4\CacheStorage\index.txt

MD5 88f5fc3e105db01b81e167294552a54e
SHA1 b4649ff52b13ff9f64b9b1df20ca67b810db82e3
SHA256 ba1087329f867cd3b14fc3cdacccbc50418b92fd9026e8be5879d567ebfb6d9d
SHA512 27855be578cc118b4cfc2182e04d4214d6494c5c8ae06b38a661bcfad83f244a3c3350c2a6b8c6b0892840a278c31f2d6d0fb11b3a6bb9aa309893bee04be34c

C:\Users\Admin\AppData\Roaming\Code\WebStorage\4\CacheStorage\index.txt~RFe66142b.TMP

MD5 ee5b20b9c4ad4e2aaa93a8175c227668
SHA1 ce23ffcdbc32c5673e4fce55dd82ff231f8a117b
SHA256 3787cd87159d9e77269fda81e25a87d4674c5531fb52192e2607e5f0864c2e96
SHA512 15b75cb84f0e371bbcc1e646d717b299798fbd96380a65c87d1434d383c447c53c53ef8236c1220cb40feb3388439b763bed06d3b812fd96bd94a8484e694d4b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 37ad487089b0ff1dab41fc34d1685c46
SHA1 552adf5b094f3748a52e4bdee89f9a0b9d60a58d
SHA256 ee5b28dd5e8fa07d71a08f28d31177d8e775fc147cacdc2cc9a36e7c5d21c630
SHA512 aaf39eb260a8c0e6fd1e4c8df0fc8d70c5bc50ee4f4201c03a8a047e00f35c85e64b1358f43e63d6dca47bf4ef25d802284e513d74d481bcfa412c462e5f4642

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 76813d94398fe1d4985cc8312a6c94f1
SHA1 ba0617ca17999a34922d4a9e5f0314f43ef3de0c
SHA256 31738db9a157090e26963e34ca1e47d1fb06baab589dfa6ff54dcf6d991bbf1f
SHA512 35631b69fd017efaefba2dd7ed548d4fd1beedd94a7de6a712d3fb74ab239cd229da3a970f46c5ee5e8d29f575a9fea43eab734ca7f9df9b09c714933d746a4b

C:\Users\Admin\AppData\Roaming\Code\Cache\Cache_Data\f_000006

MD5 faf759efd780c5f06bdedc38aa902b04
SHA1 a77b1078ef3837fd5620288f1c7ed9457ecc4939
SHA256 5e0039e303461709f5b50501cb40591e7d6ac977f34abb967b653141de90ddfe
SHA512 52d1011f1c24f258cd3f55ef31fd3ec15e2129057cc29c7295e65857831283ddfaaa62d6b11741a516f5f1bfcf9bd4bd94d8a51e9d55fd01918016208a7a9360

C:\Users\Admin\AppData\Roaming\Code\Network\TransportSecurity

MD5 cf2a14898995e04844b73c2dcbb9669e
SHA1 8911f4e1150bf0f47ea71ec90c54b903836f67d4
SHA256 72899617c9ed54a7aa2633a8deed1aaa38c04720212e16ef84d0c3db46025da0
SHA512 0ee05d9f9ca05f38194ffe623e4eb091c7189b8fb31bb22e1692fe4d1c5f4babebea3a8f9c50f251ee9d2d3fcc06cc6e222e471a83172af6a520734658137b26

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a5542e8e7dec67cd9dc01e419191ea3b
SHA1 dcfa6379e8e05bf77128292e2aed70795f001ef2
SHA256 140434ceaa6abdb74df2f2e342ef5baa9aea5026a64c5608151ebbc4e6e4da4b
SHA512 5c5b0db27bc56abd3945acf86bdbe0b59050f15538b4eb9c841ab28b7e257429badea29aac6a81150d887df071d265aa749e9d6238a61fa41fc94c9757a27e06

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8e456d3c16ca2183f29297e936ceeaa2
SHA1 600a4f1b4d82aaddc7055b99fe2844116b72da34
SHA256 7eb250eed483ba40e3a486b168e7819ade7e1365aeb7569fe74d0283bcf8509d
SHA512 7d508523e41fb98606f7ad5202fa333e57f1fa9e7e498314a2ff380f23fae92461b9d98a38e271de9e6cc9d018434bf3430eaf9af24deeac3ca8f5870e647d65

C:\Users\Admin\.vscode\extensions\.d2caa90a-54b1-45f1-b04f-c9c0338c9790\bundled\libs\debugpy\_vendored\pydevd\pydevd_plugins\extensions\__init__.py

MD5 f2043008942917ac9351c930386cedd0
SHA1 056fe8581f10814d00bb861e32605a77e14c3d16
SHA256 63d7753d1fd95c6e949bf7db76baeb63151dd7a34a1fb762958ac928ce138ec9
SHA512 e20ede0cc5cb08740ff870f28e5ae20b8fd6fdd1c17341a7a1f6c62efd06cbeedd833d3f976fc14bf083e009194f561c94f7c136da10b2a0d0e62333e712dbf6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b3f0f6b8f6f23ba9f4052da1c7969ff5
SHA1 791d310051f20341ffbdccda0783f703ab0e3f79
SHA256 0b659afe06e3e2f6b36975afea4d848f3bf0b9f05fa58ab1b7e0a3087e22df8c
SHA512 e2a4a0b8164afea4ec46f07c2123b2108c448769488cfc617c21bc4cd6c62345816cb0afe9fc2ee31efc423e0620f9ef9a91626f93318d01f505549695cb1bcc

C:\Users\Admin\.vscode\extensions\.6ca57bb9-0b25-4855-adfa-1ad7db1f8790\icon.png

MD5 1854b08961029295351e3d80e6f0d40d
SHA1 cd7d738dad1a9cc305a955590ccce4c98df4bc40
SHA256 677615c4e4f2585c8df24364902284d3bb019b7eca56c43da1c18af0f1b2631f
SHA512 7a56ee1bc395edc0574b7cf2bcf58a0b5fdb55feb9653d809f62f68ec2374ccbbfee5b6970a33d2c9e4623e0864e07246d0d17ad3c9f1395fa3fb09599fe782a

C:\Users\Admin\.vscode\extensions\.6ca57bb9-0b25-4855-adfa-1ad7db1f8790\python_files\lib\python\importlib_metadata-8.5.0.dist-info\LICENSE

MD5 3b83ef96387f14655fc854ddc3c6bd57
SHA1 2b8b815229aa8a61e483fb4ba0588b8b6c491890
SHA256 cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30
SHA512 98f6b79b778f7b0a15415bd750c3a8a097d650511cb4ec8115188e115c47053fe700f578895c097051c9bc3dfb6197c2b13a15de203273e1a3218884f86e90e8

C:\Users\Admin\.vscode\extensions\.6ca57bb9-0b25-4855-adfa-1ad7db1f8790\python_files\lib\jedilsp\jedi\third_party\typeshed\stdlib\3\posixpath.pyi

MD5 d6525de34375179d12889a176a91255d
SHA1 8e01efdd8a61008d775058bfdc084066d7f27047
SHA256 3191b9b9c4fb744bc025816c24737b48733616bb383727f778b9ba56a854017d
SHA512 53feeee1aeacc39818e80d521a0004acd943f1b0870d7ad85d9a1919b62377dab5cb22a456f92eed101b55975636315bb6d3ac68e0dc1d3ec675acdda622ce4e

C:\Users\Admin\.vscode\extensions\.6ca57bb9-0b25-4855-adfa-1ad7db1f8790\python_files\lib\jedilsp\jedi\third_party\django-stubs\django-stubs\contrib\auth\urls.pyi

MD5 72baef07657af40bbb9421362b0c67cd
SHA1 e0e802c0e54240712b8bd8418627b2ffa123bc94
SHA256 a0869d2c9451a944b87f059edc5d93c1d415888b98b9247b8aeb5489d9dcba7d
SHA512 32e4cddc4df9759ad46f617cd69b2adc130a918cac4f588cf563d8e3c298ece3a5bb0a9dc9a082cbdc015f2789336a6e67d545603ea69477fc5de28256fd6d06

C:\Users\Admin\.vscode\extensions\.6ca57bb9-0b25-4855-adfa-1ad7db1f8790\python_files\lib\jedilsp\jedi\third_party\django-stubs\django-stubs\contrib\sessions\management\commands\clearsessions.pyi

MD5 6b8cad3305cef8186496283d80f5ea37
SHA1 418009700ba673f4aebf49db46d1f44384d4f8f8
SHA256 1a4fa10dd76be871ebe4f02bc9ccf70eaa1e178efa5291aa6aff471a9fcdb272
SHA512 e06ba45ea1bd65681f3be4a85118d4bc75c961e82dc6d319c6a2b1a7a39533732fe7c5d152ea978e0dd62c1ea520eb62c9322eaed82ca5588495fa1465f71555

C:\Users\Admin\.vscode\extensions\.6ca57bb9-0b25-4855-adfa-1ad7db1f8790\python_files\lib\jedilsp\jedi\third_party\typeshed\third_party\3\six\moves\CGIHTTPServer.pyi

MD5 59c113ba8da07ed8b8cf1d9fa0cb0a08
SHA1 b29c918fa7f8eb1f29f0a940f7bc3473d1f5d5e1
SHA256 bed05425469b4eb2152bdec29f43212d48474a56e61c1f10810956c1a747fbac
SHA512 98a1b860fb715c34568ec9247df52f480fd5fa72eac8c3b34954bfc2b35fb4b0bf73ea421950a9c027a20fc364207bf930edff3033490acf4011098afbe098e1

C:\Users\Admin\.vscode\extensions\.6ca57bb9-0b25-4855-adfa-1ad7db1f8790\python_files\lib\jedilsp\jedi\third_party\typeshed\stdlib\2and3\xml\dom\expatbuilder.pyi

MD5 0244548e1dba18ff5c58d98bcc50b931
SHA1 37494fb84b8b2a811e2cfa2be49477ce29138af7
SHA256 c08fdebb51bcc9a6aab911e667d9984608f2e3334d8490b7f394e348ca1a9918
SHA512 a88c7f3fad1047e18794184f33787b68e9c3260d47d68e6f519d99143b928aa97fcd1ebcc3b730f0c23eabb303352ba3cf9263b16e7c9f276f9108ed616a567c

C:\Users\Admin\.vscode\extensions\.6ca57bb9-0b25-4855-adfa-1ad7db1f8790\python_files\lib\jedilsp\jedi\third_party\django-stubs\django-stubs\core\mail\backends\console.pyi

MD5 7f6526c1bbcb2aa7ba6a8cde268765bc
SHA1 cfc87c1fd110239d47886e0c5ebcad54bd453bbe
SHA256 ae9de027f591acfedc0ba387099c4398c0841a9c126535d313ffbdb18184eea0
SHA512 3c6f26b5f0ab2bc22e72e116ffe28624e5d971a86b9d85e5f733844827e784b8349c46fa46ca5390bc972607b7fb5b37a6fb47b410e105f02b147dfe77a737c7

C:\Users\Admin\.vscode\extensions\.6ca57bb9-0b25-4855-adfa-1ad7db1f8790\python_files\lib\jedilsp\jedi\third_party\typeshed\stdlib\2\ntpath.pyi

MD5 85d6a21f1a4f58f9e3ffbeb89cf82345
SHA1 db8ae818a67210b61b2a538d49b608825de04a31
SHA256 ba96ee35c718a0964e11e6ae5d5b9e800b9350cafd2ec0d9e84d1cf4f0ac2702
SHA512 995047f50de368444bad3fedb2c5b7f8efa807cdd35bb3647b1223897e4d27a94f93a48b0b12fc9121281f4f447632edf878dc54268716b67ecfb28a388c744f

C:\Users\Admin\.vscode\extensions\.6ca57bb9-0b25-4855-adfa-1ad7db1f8790\python_files\unittestadapter\__init__.py

MD5 68fcb3715541dbde5b07ac3c855fad7f
SHA1 aa234e6d9cfb4379800889dd5298e3d4dc4dde76
SHA256 e4aef18c7e65d3ae43bfb90d6484031b99b013551aea2fd6a1105cd0d75219f1
SHA512 2fe30ff033288f6d7a7367609403e7d550a0c13157165e616ff7adf54a6adf367a18b1f3400da7d39c6eb4be3951d95e93e1add9aa9fabe217fee219e8637a71

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 768519ad22721c1cf5c3f806ad2217ff
SHA1 6d47fa9f3fed9ea034802e9df5685476a26eeb7d
SHA256 4c31f7685f0d73a649a20dc5038b5cd65df964502c62243906fb6d90c8c54458
SHA512 e394fa19085fcf18b38199cd792b65554bbcf6944c54967a7295061b290c441471d11b1378d7a74ec089bf9727b2dee1d80fbdec3cbac37f530fb154aabf21f1

C:\Users\Admin\.vscode\extensions\.465b4ff5-42f2-480d-bf37-64ff028b300e\dist\bundled\stubs\matplotlib\_typing.pyi

MD5 d32b0eda5502c6696ee8260ad19f5f97
SHA1 4938c559dd6d2316788d1f5b9e72343ce85d0c02
SHA256 4003f8a20286c3f477414a3ff1c621c385ab3d60cb44164d043246a5f512e85b
SHA512 98f55a6a5a68d5892263db91d2d8fbdca012fc84948f44c6f5d60a943953525902f5ba04ce9bd4ed44f5539d044beba02dff875831cadec490cab0b14e340def

C:\Users\Admin\.vscode\extensions\.465b4ff5-42f2-480d-bf37-64ff028b300e\dist\bundled\stubs\IPython-stubs\core\__init__.pyi

MD5 a04b96d8418574917d247b47113e2a77
SHA1 d7010fc3d54a917128ce38870b8d0ee98d5c6a18
SHA256 e4ae978ecbe7a3c3d77c7d978575e4b8350a6f198dd2ae5e50ad5ec1124c893c
SHA512 6268e1bad975dd8beada29a0b2e27195ee03d48d112ec4b002c8df7e25921d45cb7de5e7919abdcecfd8922d247894bc1ab54b3ee6894ef40807a4ae82b813d6

C:\Users\Admin\.vscode\extensions\.465b4ff5-42f2-480d-bf37-64ff028b300e\dist\bundled\stubs\sklearn\decomposition\setup.pyi

MD5 d0f37de21b78c198833fd3c1ee151de1
SHA1 5ccf0b807fcba447475252a8149178ec6a8dd657
SHA256 c50162ed80180e47c3e57a420336b4cea31267e42321a7cb9a702728796dd1ba
SHA512 6717e260cf67c787ba6133ff6552a6f030383b26351ee1be8f5fcbc9b0bbb946154460d6708bedede9a779ef14d089544bb8af69966747c8aabfae7fd20d347f

C:\Users\Admin\.vscode\extensions\.465b4ff5-42f2-480d-bf37-64ff028b300e\dist\typeshed-fallback\stubs\commonmark\commonmark\cmark.pyi

MD5 7c9e114f0ca5f20a904b0711c04f970f
SHA1 78525039d3e393f1c33f57769dffbcddef20a6a8
SHA256 2250b7f7987c4e5719e038925b98ba34140ef48ef81117d7a70498024b73a1a5
SHA512 9805c7f6f0d683435455b586ab962ca8944e965283bd9bbc20969f5cc92d8ff71192c8054b5378d463bf45b021a28405110478d775f616dfb2dca3640a8d7911

C:\Users\Admin\.vscode\extensions\.465b4ff5-42f2-480d-bf37-64ff028b300e\dist\bundled\stubs\sklearn\neighbors\setup.pyi

MD5 26929155497deb2184d4bb149a703036
SHA1 604036a3ca620514cf137c130f13925c414fb8c0
SHA256 c30e2a4b1e59b0889a5d6416ff75be675db1b778a8ff033f1c84f3ee98cf86f1
SHA512 4217a559791a4efae62165b273f61462c18a76435b3118276e7349ccc80ebaaebf1959b1003df8b4d1da785621f67529a31a01430633d8cfc6a8c462ad9bf2f2

C:\Users\Admin\.vscode\extensions\.465b4ff5-42f2-480d-bf37-64ff028b300e\dist\typeshed-fallback\stubs\influxdb-client\influxdb_client\service\__init__.pyi

MD5 84a390d8b2a7425fc5d251db935881bd
SHA1 a86a54a321bd0c00e57f460217024d6c4c33f58b
SHA256 45247032483cb79a580096dba1e9e580bb6fb35e63d91aa2fc5d25f6b62a8a25
SHA512 d8d79e734de3dd7ceb387fcfa87bfc76f9f3d5cb619df3d10702b9505236aab38244cab2b1d42140072f80b41a4b37cf5ab6ac093ac3f2fa31c2132e2673b6c2

C:\Users\Admin\.vscode\extensions\.465b4ff5-42f2-480d-bf37-64ff028b300e\dist\typeshed-fallback\stubs\ExifRead\exifread\tags\makernote\casio.pyi

MD5 aac15198c28c6adee9171a7c1b3a7fde
SHA1 970696ce1f28dbcecdd1d4f13574c5d4036bcc71
SHA256 92338802f6fd17ed6c252bf1e0c3ed8b690bdf4689312ce56db1f6ae1fc3e85a
SHA512 4ddd463e8566eed4c39ab169c3f0e9db64b5a64918a960a96c38aa38acc39d4db750b14cac9e9052dbf9a8925bd3bfd05eab4b7a6abcb105ddbdb29f80debca1

C:\Users\Admin\.vscode\extensions\.465b4ff5-42f2-480d-bf37-64ff028b300e\dist\bundled\stubs\django-stubs\contrib\sessions\management\commands\clearsessions.pyi

MD5 878bf320482f60f616cd7119696499bf
SHA1 f8a0b6e2631271e5fb2dce1f66c16e5884b1cff7
SHA256 0dc69b042ad76bb2d5d9275e60f82f8ae9d725e7a066d4cb7c67b4f8aecf8908
SHA512 d5b04c44bc71d7ee567554225531df5c062c5ca9f1b79512f6dc7976410165c987c3b66ace1f2987b18b7b732847609dd79770e158498097b178a2ce4902f162

C:\Users\Admin\.vscode\extensions\.465b4ff5-42f2-480d-bf37-64ff028b300e\dist\bundled\stubs\django-stubs\core\mail\backends\console.pyi

MD5 7726c59ec408c70bb34740eba4a98604
SHA1 80c867a48da672f740b3834d8ad2147785922790
SHA256 6c61d224881ea10660ef58d65890ce1ace33c1e007b9ea8ffd32fe35ff6a94b9
SHA512 8c1f7fc8beaf61e2eda954c651bdb753cdd85c750273e51838b6d9b0062614be606339ed8aaf97af6f3008a90ebc693c5c84ca951fbf0d28586a729e58d7bd87

C:\Users\Admin\.vscode\extensions\.465b4ff5-42f2-480d-bf37-64ff028b300e\dist\typeshed-fallback\stubs\six\six\moves\CGIHTTPServer.pyi

MD5 6a62bbf37e5f14a73259b5f80168f143
SHA1 d6058570a8340e5494aad61482280b0e021f789d
SHA256 97abb317cefe85a9c2a9bf77adcee7636cf53ba50bfd05b16433dd607fc45fcc
SHA512 6b2e1e2b14e66031b9403cd288faaf1ad39bf05986850ab1e0b4092f9d06bbdce361f091fbf5b090d88cd600e01f9fcff1bfa9318ba156ef950e740ec789e26d

C:\Users\Admin\.vscode\extensions\.465b4ff5-42f2-480d-bf37-64ff028b300e\dist\bundled\stubs\django-stubs\contrib\auth\urls.pyi

MD5 fdf847f390f331afabdcfced531664cf
SHA1 987cd962eb6b53613ce1be09325d4ae2617c60eb
SHA256 412e49bde38a3131571807f3a38fc482baddcd9ea82204c468cd59f60707be96
SHA512 ce87ac74b7822e438f246381dfb1686ed56c3f94aa121926456e847d3d2fe23b7dd7efe0ede178b848348bf8e2f8eff761723f33f2fe796f2cd7b749606a13df

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 184437ff69d4b3bbba24b46cf6df20f1
SHA1 8563a29f04aa963d4db72ea1cb8879b03aa86fd5
SHA256 3fb9389b51006fe9bc6d81fec4ad6846318098302ebd24aa1461f41c46acfe3f
SHA512 4ba5d066e357fad8020b7680ae8f8c5d4d1cad8aa63b3f469ba03cf06b0102e093895a2f2d719e3d2376ce877398adbb0ab33de8e630fa70d45cd61078f13d59

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1eaae9b4fb546b5e75ec4c7c7c7979ba
SHA1 f9d3c99369e9797929daa4e48dfd480aeabacee5
SHA256 3ad207894a2e34d6495cf1a39a841b9e6007438f1fb6940e699480cf226d15ed
SHA512 17d9a511952d4f9e1615a903a355a3320e7accafe3f3964ab9bcdae78533d0d9d4b348668d3a56fa6a96ef47306eeb7508d705900044315562d9e22894a60f0e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 20800feea4a9d48a5e98a04def72a9a9
SHA1 1d056f74ec14dde2312edd5d00e9f0063df6573d
SHA256 41fc25a903c0690bea82ebf42a0b924d0ae31e2dd0ecdf5288836d02049d5484
SHA512 d7648f0b627e3b76adcfc654452ba57f55df7d31fbf62dbbf31d31328bb26a7c37d4621350bcd6da1978a904a47f7825ec790b384df8e8162532bea5a1be7f91

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1b9f48ed83b8c7e7802e65fdf6100ce2
SHA1 4fe2bfeca7083e8b7efb503ca95e615c9f591ff2
SHA256 b595e6395c5047168a9e991badbe07bac8fc80d4c231f70bd9d7a48c9280f561
SHA512 a321296f5a6b211f8c021563d6253e7219c372ee9567084a9d3d7943367843613abbe784a23954438b32d28fb74eeca5a5336dcbd944091a1296ab81490ce6eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1855ef2a04718de7a5d4c54714c418a7
SHA1 ef6ad0aee7dcf1793ceda6a75d08bf56b571c747
SHA256 f5da291b06c622d967bc3ac57cced19ccb4dd394ebc5a4423792bc35687a7d72
SHA512 96f280d62299f9a0763e89c993a658db6b52584e36d5c15197d62468d9e025ec631536b852fbe3a727def531bd8befe8f85fc5c30929b0ec465de82169161c1d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c4bb3d2e1249702d78ef70c9296bca50
SHA1 fafe6dc8f782481e119ce02ecb4f0061a30ba1f4
SHA256 71e14a9d877d77313e772886e214846a6f4e25eb8e38e87f18be243de2e47bc6
SHA512 595f3fe19f6adada895fa5bc5fbbcf966f8d6a70282009c478efe68d02dd3ce608c16857bebc451655e23565d5edf5f4b6688b4db9d25bdc5888910f6713e46d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bacffc7227caa4ca96c14d7dd169435b
SHA1 65b4dededdd30c02f99728871a1c2bb9c8981296
SHA256 5e3928a0efb4f06ed7f62d1ac3fce7647bc63d933f209fe6f07d43033abb8a0d
SHA512 877a05dd1bea62006bd7fa4d9a3c28af7d8bc2b2ededa2c11db175fa6a61342b8dd2d66fb0e88ab87d8cdde67940bd60099eb20722c807a81a3c5982be0531e7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3782a5cee1f6d7df2892b737d67304ba
SHA1 c9335c9e4ed859405b57ab57b7e59053a7356493
SHA256 de8b2dc742e09c3dfb15f7aeb72b09f5b00be2fbf8f5f08e18f93e37ae39976f
SHA512 ad53803baf581f9237997f93d855fba9f5b8e124ae21d397775b1474ee21ed48070e14ffa87b533ac8cf8888f2e5c27f2e0531cd9a26e5e60b29f8e966bb4626

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 22ce5fe78bab718b15a3527f164991bb
SHA1 75d82c678be87583b1414a0603aadd4f1b98dc24
SHA256 215e2186753a9f505eae9ac0118f9d7d4f2005482362d2e72ca334814f94f891
SHA512 bce8fa3f916fd47e9a900090ec87c073d2b47df4097a7c9a001d05063855f139012d6b9b8d18bd1153cae34a2c0e324260c9b1270ef4e4f4cad97c6402bb79f7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ee0a4cd0542b7915cd15487aa2e14fe7
SHA1 9c26e3df07ede0b851a2fb6efda0243d640376c0
SHA256 8cd887886beb14f589017b262c3191ab2340da6e5636d82a73e9b35f8c9d98e9
SHA512 e82d5e82b9fa9aee471ba48c118cadbd634561c64c024172bf94e26d4f646928a7feab5819d85e30b53ea3e4001af092af8606e346fd5f3017925f980669a816

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b7b17437ac4e25142e535f45df9fbce9
SHA1 ceff4aeafe4b5e9cdb52e367380197dd7ea8f511
SHA256 c3a102dd438c3ac5ddd4c42b06a697951751b60faaa71bb86c2cd58631413077
SHA512 762188391ed0b2f062ce9de009f87e35c5f422858a756b0591c9cdce7e863df9c0b707e085cfc3d9545d677b6d4b4ecce0b16d3c517763efd97858ae011aac4a