Malware Analysis Report

2025-04-03 13:14

Sample ID 241109-16cndstdmk
Target Ornamental Lighting - Cruise Ship A3.png
SHA256 e32a5804ca3e3b7a0d7a3b9e8e7f9cd5333f05091cedb3bf7cc43ef89dd9be94
Tags: discovery
Score: 3/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

Score: 3/10

SHA256: e32a5804ca3e3b7a0d7a3b9e8e7f9cd5333f05091cedb3bf7cc43ef89dd9be94

Threat Level: Likely benign

The file Ornamental Lighting - Cruise Ship A3.png was found to be: Likely benign.

Malicious Activity Summary

discovery

Browser Information Discovery

Enumerates physical storage devices

Delays execution with timeout.exe

Enumerates system info in registry

Suspicious use of AdjustPrivilegeToken

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Uses Task Scheduler COM API

Uses Volume Shadow Copy WMI provider

Uses Volume Shadow Copy service COM API

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported: 2024-11-09 22:15

Signatures

N/A

Analysis: behavioral2

Detonation Overview

Submitted: 2024-11-09 22:15
Reported: 2024-11-09 22:18
Platform: win10v2004-20241007-en
Max time kernel: 93s
Max time network: 137s

Command Line

cmd /c "C:\Users\Admin\AppData\Local\Temp\Ornamental Lighting - Cruise Ship A3.png"

Signatures

Enumerates physical storage devices

Processes

C:\Windows\system32\cmd.exe

cmd /c "C:\Users\Admin\AppData\Local\Temp\Ornamental Lighting - Cruise Ship A3.png"

Network

Country Destination Domain Proto
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:53 53.210.109.20.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 75.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 43.229.111.52.in-addr.arpa udp

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted: 2024-11-09 22:15
Reported: 2024-11-09 22:21
Platform: win7-20240903-en
Max time kernel: 108s
Max time network: 343s

Command Line

C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen "C:\Users\Admin\AppData\Local\Temp\Ornamental Lighting - Cruise Ship A3.png"

Signatures

Browser Information Discovery

discovery

Delays execution with timeout.exe

evasion
Description Indicator Process Target
N/A N/A C:\Windows\system32\timeout.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A (64 identical entries)

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A (41 identical entries)

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A (32 identical entries)

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2216 wrote to memory of 1752 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (3 identical entries)
PID 2216 wrote to memory of 2748 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (39 identical entries)
PID 2216 wrote to memory of 2976 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (3 identical entries)
PID 2216 wrote to memory of 2924 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (19 identical entries)

Uses Task Scheduler COM API

persistence

Uses Volume Shadow Copy WMI provider

ransomware

Uses Volume Shadow Copy service COM API

ransomware

Processes

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen "C:\Users\Admin\AppData\Local\Temp\Ornamental Lighting - Cruise Ship A3.png"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef72e9758,0x7fef72e9768,0x7fef72e9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1112 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1540 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1620 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2124 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2132 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1484 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1196 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1412 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3468 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --reenable-autoupdates --system-level

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3452 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x154,0x158,0x15c,0x128,0x160,0x140057688,0x140057698,0x1400576a8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3764 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3728 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3724 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2764 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4024 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:8

C:\Windows\explorer.exe

"C:\Windows\explorer.exe"

C:\Windows\system32\cmd.exe

cmd /c ""C:\Users\Admin\Downloads\I_LOVE_YOU-Virus-master\I_LOVE_YOU-Virus-master\Love.bat" "

C:\Windows\system32\cmd.exe

cmd /c ""C:\Users\Admin\Downloads\I_LOVE_YOU-Virus-master\I_LOVE_YOU-Virus-master\Love.bat" "

C:\Windows\system32\timeout.exe

timeout 10

C:\Windows\System32\NOTEPAD.EXE

"C:\Windows\System32\NOTEPAD.EXE" C:\Users\Admin\Downloads\I_LOVE_YOU-Virus-master\I_LOVE_YOU-Virus-master\Love.bat

C:\Windows\system32\shutdown.exe

shutdown -s -t 100

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3812 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:1

C:\Windows\system32\cmd.exe

"C:\Windows\system32\cmd.exe"

C:\Windows\system32\shutdown.exe

shutdown /a

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2796 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1072 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:8

C:\Windows\System32\WScript.exe

"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\Temp1_ILOVEYOU-master.zip\ILOVEYOU-master\LOVE-LETTER-FOR-YOU.TXT.vbs"

C:\Windows\System32\WScript.exe

"C:\Windows\System32\WScript.exe" "C:\Users\Admin\Downloads\ILOVEYOU-master\ILOVEYOU-master\LOVE-LETTER-FOR-YOU.TXT.vbs"

C:\Windows\System32\Notepad.exe

"C:\Windows\System32\Notepad.exe" C:\Users\Admin\Downloads\ILOVEYOU-master\ILOVEYOU-master\LOVE-LETTER-FOR-YOU.TXT.vbs

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=2540 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=740 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3836 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=2648 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=1268 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=1408 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=1388 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=3808 --field-trial-handle=1304,i,12812522578543797664,12847426530190636439,131072 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.google.com udp
GB 142.250.180.4:443 www.google.com tcp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
US 8.8.8.8:53 apis.google.com udp
GB 172.217.169.10:443 ogads-pa.googleapis.com tcp
GB 216.58.201.110:443 apis.google.com tcp
GB 172.217.169.10:443 ogads-pa.googleapis.com udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.16.238:443 play.google.com tcp
N/A 224.0.0.251:5353 udp
GB 142.250.180.4:443 www.google.com udp
GB 172.217.16.238:443 play.google.com udp
US 8.8.8.8:53 consent.google.com udp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
GB 142.250.200.46:443 encrypted-tbn0.gstatic.com tcp
GB 142.250.200.46:443 encrypted-tbn0.gstatic.com tcp
GB 142.250.200.46:443 encrypted-tbn0.gstatic.com tcp
US 8.8.8.8:53 encrypted-vtbn0.gstatic.com udp
GB 142.250.200.46:443 encrypted-tbn0.gstatic.com udp
GB 142.250.180.14:443 encrypted-vtbn0.gstatic.com tcp
US 8.8.8.8:53 id.google.com udp
GB 142.250.179.227:443 id.google.com tcp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 8.8.8.8:53 github.githubassets.com udp
US 185.199.111.133:443 avatars.githubusercontent.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 172.217.169.42:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 collector.github.com udp
US 140.82.113.22:443 collector.github.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
US 185.199.111.133:443 user-images.githubusercontent.com tcp
GB 172.217.169.42:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 codeload.github.com udp
GB 20.26.156.216:443 codeload.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 e2c23.gcp.gvt2.com udp
US 35.184.229.211:443 e2c23.gcp.gvt2.com tcp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 github.com udp
GB 142.250.180.4:443 www.google.com udp
US 185.199.111.154:443 github.githubassets.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 beacons.gvt2.com udp
GB 142.250.187.195:443 beacons.gvt2.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.133:443 user-images.githubusercontent.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 collector.github.com udp
US 140.82.112.21:443 collector.github.com tcp
US 140.82.112.21:443 collector.github.com tcp
US 185.199.111.133:443 user-images.githubusercontent.com tcp
US 8.8.8.8:53 www.ikarussecurity.com udp
AT 91.212.136.200:443 www.ikarussecurity.com tcp
AT 91.212.136.200:443 www.ikarussecurity.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 matomo.ikarus.at udp
AT 91.212.136.27:443 matomo.ikarus.at tcp
AT 91.212.136.27:443 matomo.ikarus.at tcp
GB 20.26.156.210:443 api.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
GB 20.26.156.215:443 github.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 8.8.8.8:53 codeload.github.com udp
GB 20.26.156.216:443 codeload.github.com tcp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 collector.github.com udp
US 140.82.113.22:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
GB 142.250.200.46:443 encrypted-tbn0.gstatic.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
GB 142.250.180.4:443 www.google.com udp
AT 91.212.136.27:443 matomo.ikarus.at tcp
AT 91.212.136.200:443 www.ikarussecurity.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 140.82.113.22:443 collector.github.com tcp
GB 142.250.180.4:443 www.google.com udp
GB 142.250.200.46:443 encrypted-tbn0.gstatic.com udp
US 8.8.8.8:53 lh5.googleusercontent.com udp
GB 216.58.213.1:443 lh5.googleusercontent.com tcp
GB 142.250.179.227:443 id.google.com udp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
GB 172.217.169.10:443 ogads-pa.googleapis.com udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.16.238:443 play.google.com udp
US 8.8.8.8:53 archive.org udp
US 207.241.224.2:443 archive.org tcp
US 207.241.224.2:443 archive.org tcp
US 8.8.8.8:53 athena.archive.org udp
US 207.241.225.195:443 athena.archive.org tcp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.109.133:443 avatars.githubusercontent.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 140.82.113.22:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 140.82.113.22:443 collector.github.com tcp
US 185.199.109.133:443 avatars.githubusercontent.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 collector.github.com udp
US 140.82.113.22:443 collector.github.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.109.133:443 avatars.githubusercontent.com tcp
US 185.199.109.133:443 avatars.githubusercontent.com tcp
US 140.82.113.22:443 collector.github.com tcp
US 185.199.109.133:443 avatars.githubusercontent.com tcp
US 140.82.113.22:443 collector.github.com tcp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
GB 20.26.156.215:443 github.com tcp
US 140.82.113.22:443 collector.github.com tcp
US 140.82.113.22:443 collector.github.com tcp
US 185.199.109.133:443 avatars.githubusercontent.com tcp
US 140.82.113.22:443 collector.github.com tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.187.202:443 content-autofill.googleapis.com udp
GB 20.26.156.210:443 api.github.com tcp
GB 20.26.156.215:443 github.com tcp
US 140.82.113.22:443 collector.github.com tcp
US 140.82.113.22:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 140.82.113.22:443 collector.github.com tcp
US 185.199.109.133:443 avatars.githubusercontent.com tcp
US 140.82.113.22:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
GB 20.26.156.215:443 github.com tcp
US 185.199.109.133:443 avatars.githubusercontent.com tcp
US 185.199.109.133:443 avatars.githubusercontent.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.109.133:443 avatars.githubusercontent.com tcp
US 185.199.109.133:443 avatars.githubusercontent.com tcp
GB 142.250.180.4:443 www.google.com udp
GB 20.26.156.210:443 api.github.com tcp
GB 142.250.179.227:443 id.google.com udp
GB 142.250.179.227:443 id.google.com tcp
GB 172.217.16.238:443 play.google.com udp
GB 172.217.16.238:443 play.google.com tcp
US 207.241.224.2:443 archive.org tcp
US 207.241.225.195:443 athena.archive.org tcp
GB 216.58.213.3:443 beacons.gcp.gvt2.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp
US 207.241.225.195:443 athena.archive.org tcp
US 207.241.224.2:443 archive.org tcp
US 207.241.225.195:443 athena.archive.org tcp
US 207.241.225.195:443 athena.archive.org tcp
US 207.241.224.2:443 archive.org tcp
US 8.8.8.8:53 ia803405.us.archive.org udp
US 207.241.232.195:443 ia803405.us.archive.org tcp
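The network table above mixes three kinds of rows: DNS lookups to 8.8.8.8:53, the TCP and QUIC (udp/443) connections that followed them, and one link-local mDNS row (224.0.0.251:5353) whose Domain column is empty. Reading it by hand, every connection goes to Google, GitHub, archive.org or ikarussecurity.com on port 443, which matches the Chrome session in the process list rather than anything the submitted file did. The following is an added example, not part of this report or of the sandbox's own tooling, that parses the table into those three classes and reports the names that were resolved but never contacted, the per-domain endpoints, and any port that is not 80 or 443. NETWORK_TABLE is a constructed subset of the rows above in the same column layout; the classification thresholds are this example's own.

```python
"""Triage of a sandbox 'Network' table.

Added example, not part of the original report. NETWORK_TABLE is a constructed
subset of the rows above, in the same column layout (Country Destination
Domain Proto). It keeps the two row types a parser has to survive: the
multicast row whose Domain column is empty, and udp/443 rows (QUIC), which are
connections, not DNS lookups.
"""
import ipaddress
from collections import defaultdict
from typing import Dict, List, NamedTuple

NETWORK_TABLE = """\
Country Destination Domain Proto
US 8.8.8.8:53 www.google.com udp
GB 142.250.180.4:443 www.google.com tcp
GB 142.250.180.4:443 www.google.com udp
US 8.8.8.8:53 consent.google.com udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 codeload.github.com udp
GB 20.26.156.216:443 codeload.github.com tcp
US 8.8.8.8:53 www.ikarussecurity.com udp
AT 91.212.136.200:443 www.ikarussecurity.com tcp
US 8.8.8.8:53 archive.org udp
US 207.241.224.2:443 archive.org tcp
"""


class Flow(NamedTuple):
    country: str
    ip: str
    port: int
    domain: str   # "" when the report left the column empty
    proto: str


def parse_network_table(text: str) -> List[Flow]:
    flows: List[Flow] = []
    for line in text.splitlines()[1:]:          # skip the header row
        parts = line.split()
        if len(parts) == 4:
            country, dest, domain, proto = parts
        elif len(parts) == 3:                   # empty Domain column (multicast row)
            country, dest, proto = parts
            domain = ""
        else:
            continue                            # blank or unparseable row
        ip, port = dest.rsplit(":", 1)
        flows.append(Flow(country, ip, int(port), domain, proto.lower()))
    return flows


def summarize(flows: List[Flow]) -> Dict[str, object]:
    """Separate DNS lookups, real connections and link-local chatter."""
    queried, multicast, unusual = set(), set(), set()
    connected = defaultdict(set)
    countries = defaultdict(int)
    for f in flows:
        if ipaddress.ip_address(f.ip).is_multicast:
            multicast.add(f"{f.ip}:{f.port}")          # mDNS/SSDP: local discovery, not C2
        elif f.port == 53:
            queried.add(f.domain)                       # a lookup, not a connection
        else:
            endpoint = f"{f.ip}:{f.port}/{f.proto}"      # udp/443 here is QUIC
            connected[f.domain or f.ip].add(endpoint)
            countries[f.country] += 1
            if f.port not in (80, 443):
                unusual.add(endpoint)
    return {
        # looked up but never contacted: prefetch, or outside the capture window
        "resolved_only": sorted(queried - set(connected)),
        "connected": {d: sorted(e) for d, e in sorted(connected.items())},
        "multicast": sorted(multicast),
        "countries": dict(countries),
        "unusual_ports": sorted(unusual),
    }


if __name__ == "__main__":
    report = summarize(parse_network_table(NETWORK_TABLE))
    for key, value in report.items():
        print(f"{key}: {value}")
```

Run over the full table above, the same logic leaves unusual_ports empty and puts consent.google.com and github-cloud.s3.amazonaws.com in resolved_only (each appears only in 8.8.8.8:53 rows). codeload.github.com is the host GitHub serves repository zip downloads from, which ties this traffic to the I_LOVE_YOU-Virus-master and ILOVEYOU-master folders in the process list. None of it is attributable to the PNG under analysis, so a country or destination count on its own would be misleading here; the per-domain view is what shows that this is browser activity.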

Files

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

\??\pipe\crashpad_2216_TIBHWCXVLFDKLQKI

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2d5a29c33a11ca8b6f1ed018df824f66
SHA1 d8bda9afab90ca0a57dc437918c9a983714fcb63
SHA256 405d0291c4c6ad025b4612fd715966509d04f9bb1ba908ce5a52ac4dfe5b3e23
SHA512 1d8420b2230ccafc39ae019b9ad99bf909891d689df0b742102813c453226ecf36b7da5b28796a54d5621d3381e84b8977836f3bb5a568bee6ea45b67b709fcc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5ab7156ba539856d658c0de205d56e63
SHA1 e1af57e37f58e31a72474614039f1c21a7342ad5
SHA256 7c3e251e0703109e25cf5c7d519af43739d40db086dbd3a2c8c99cdf1d88aa3c
SHA512 a8aa732155412e79ecc52cd6d50f9bea387872619b64a67a36dd26598c9d8febb2bdef793dbc4175883b45571852479beaf19053435ed0ef022679afc9bb0b2a

C:\Users\Admin\AppData\Local\Temp\Cab43C6.tmp

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

C:\Users\Admin\AppData\Local\Temp\Tar4407.tmp

MD5 4ea6026cf93ec6338144661bf1202cd1
SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c9b24f48c020f13e4cd7d45acf029452
SHA1 78dc099ea700b09cc285c9ac5bbb961b507c9f76
SHA256 6383042bffe0667f02029e72b8b07568b6d01f3cb468b064671f8fea707021bb
SHA512 f1621a254b1ff5e27dbabeef8f57a61a600e6332a2fd64ae37213e749e833e07ad5c3e29f43df4ad93e39a6ad91c541b2062b759875081792cbd785d3fb2cca4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 64e2de3873c006c2387a77f16107cd59
SHA1 9bcb38bbe4f4ee33796d0b1b9e5f7ffb2728f184
SHA256 696525e230d4b24a0c549016fbb78188d457b090b3b2f387be104bf64ca6a1a1
SHA512 5ab571439f01dbf9418bbb7f703c6aa8982f8404d66b8774881b222fa370a914197a0936df5e2b86900c112672383053b617a6fae7903d63310e6f051271d8bd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b17d5a347312cfb8fb53e3222f281b39
SHA1 5ab805790e80401a458e4f2bd3894a6022d7a265
SHA256 55df4fe4fa7db5c0af330d12f1e61d5791594518c3c02c34cabce47d9fb9436e
SHA512 1027795db8fb405c1b4f8ae29b405cef769018aee030f436d2f34695676333223c474c8bf6dcd8e5cc11301cf4bd1cdd778564e3dbb14fbe0daca73b0e54be0a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 859b3c00bade45062a8a2f800704b3b3
SHA1 52e9d43779c4d56277cf07b3a88b64b0de44358c
SHA256 b7304fd4f73b4d449185a5c971790c1caca213126105a39df9c6a93939e2a7e1
SHA512 1051623ce364511293863d4cc96489993330d3169f4dd8aaa71a0ec59b427a122d46cc733b283e1845fcb719ab46dff9aa150d7192d0b28110d8c0d827d1b3a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 bb0524d9fee066f573fd499e5377ec48
SHA1 24fdad4501ccef4b2952996ceccf4bee869be894
SHA256 b13e021ca5c334c65e53be7de80e2f518ed5f465afef6f0f954cacf8b8a08ad5
SHA512 87139465e8f1a9f14e1ddf8c445c21fe5c356959ee71d3c806c492411c41ea877ef9cf4ffed2fb69a283224ddd4de7bde6381c42c7e97efb0676ff983d46a1e9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 aa7f392f4057cf4bec16052ec7e88624
SHA1 6d5a30c307d721c8c152201d342568a6b864c269
SHA256 de977caa697c3df8020e531c49fa1c139535e0719c50ee957affdc3bce266fae
SHA512 31a974efc45769aaf3aa6c6a4824ffdde198147c5e00386221865ee52d349b55eac7c2c78095860509c09364763ff7f35b3abdb5a91abc5d407b717f596d53a2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\5754fbe2-6a8d-4af5-abc5-f4590034dc04.tmp

MD5 869ddf148a39d51db31fa175d531cd12
SHA1 76273497529c516faa8af5e6d9ea34a226b450e4
SHA256 f68d278a0a2bf8e8d72c227fdd6e184361e7f3dc7495dda377aee325ed1f1a5c
SHA512 02818e49990ada9a47dd91a5af6224a93e88906cbfd641631d7be3ef910c7e6e5f2d1d414422209e6f9b4db98a3d95157c2c26fc6a1a92267c0b4d7ab4dc71df

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ffcd9affef6c05988b4bf7bae23a9bfb
SHA1 bbf0a4feddb415ddd896fbdea919f44ce71c8c3c
SHA256 cbe5748d483ef6390cff8e200b6578b4791b8fa54c26e5beed4b2897e5ad34e7
SHA512 d62c94ca124cde8aee7bb522933ec85cef18df0644341b1fb176d3c84beb178190607af87f6542e620f32ebe8c7ebfae2a2cc278f8ad7bacf328c48be066436d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fe66a418b5db1f8672cf28fee4c72b6f
SHA1 c48c4dd9637f8b013a0a5015bdc27921cf47490d
SHA256 61a8801a006c415fbce1a5e4ae9a42e17454e0dba612ccc5f8407e1cbd96c79e
SHA512 0fc7b453fc207bb8258ac0772d9e8e1969448241e6cb78d7640d19de78aec7fad95dbda8a0b4d5ef49b09c883f93cfe7eee415f257ff77a3ae965c4ae27ba765

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 4cf16f5809828f8c39551af6474b0355
SHA1 63b9e15568b15ee58a136b6d367d3ae1f1baf2a0
SHA256 2ce228b7d4e6653c393ae808486a0480437dec224e7f56f26cb2565c821598f1
SHA512 9cf4d8f253a98f1a4fcf00a7e0a1d2ee3a614db19b3597421dd56d5d3e75e2422ae85db153cf402549d9465bd847315976bcd26bd0e682941944219c5653a28e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b256ee25722102993b0d0fd5cdc1abb8
SHA1 c4f4e958abee89508da3d30dc5f981d1ec0ccab8
SHA256 049248b25eb19eaec3427db8f103988f92fe2a3416f9a03b1757e9f9c68d90ec
SHA512 d6eea26f2ac146352b7d191ab2ff919568b4eac40c3f28346dd76453b94fbab3665cc6549d39ce85a3490afb33f5c2d956d02ae40d68cb7442ab86885af2301b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 9a1a01bc852195ed8c5deac6a17f8768
SHA1 50c21682043255803aea3bdb04363122af02cdd6
SHA256 a0f5a0e27f2b73592067f9e4517848feca8d0a3d16b3e5ff4717bad0857b0af4
SHA512 d9145c9d8a0da9f8f885e56be54dfb257fa4ee693b0810fdb42a878d66bea5cdc8e8188afb307e1f30e5b9f52d65f323ae88589ea2f10b1ef8829f086a74d8b2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 a5d1912b523149ff69651a83858a7234
SHA1 c95ab04008edc5c9a53e8ba669a8ae408c7d2769
SHA256 e88a50023d18b586d0a841d96e3016831efbcc1e6a515512555e908ecf93e448
SHA512 df1668539aae3d5de61efcc385932008056bc814060984d75b88788e69b8c0277dda80dec9298b5807deda8367f04584ef360cd42f61b3056fa362b7e892d46f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6a8395a308debe459f7ed2b71ffcc5ad
SHA1 c0e5af452124d29b4f1da1e1a7cb3223dc1707df
SHA256 0e0563aa7559b49bf2bfe23b440b12d7d530c9820e59c28103fee93b9603988b
SHA512 4d9e121bf491646d7a84da3534f375b545d0e18aefda723f51c8eca73788ed699ac718337a5e726617b3b309370d2e88b2cb6860f9ba424404031e92e4a75260

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5ca15666d2128c0046202373f8a8f4ff
SHA1 d4ebc13f7dd879ae15e9550b0de3b3fcaac21b2a
SHA256 d3684ec6fd8f427d9e4ee54366cac2f437f7b677e68c02eeceff95163bc4b3de
SHA512 3eb1a0bd847f49a071866f6cae94a1fc27d88864e93fa3732b3104fa2cdb97974d0135fcaf690a9250b8c33fb0320c5f9f3e88d6831abfd80bb27492297f07b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3f726a4f191f3ff44dad627f381fef6f
SHA1 0d174299e4ab12f8e730967f6c31437c12eb0f53
SHA256 c34f934a0d50d664a9b451cb1c9ef601433c93db45b0ef991b96fcf868d504f7
SHA512 9b7d8e87890a829a0c9f49a131b3ad2d42c920aa4579abf5f245d9514b3bf6b66e2b5a8ea18f80c9f30216e190bf6d0e5068dbf01e112a2ffe8673317ac0133f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 5c561680fb5c367d0d685fd6643da995
SHA1 70fcd1c9a44fd842d88617770ab0f0916944e108
SHA256 2e53d40b2c8d0d5683d707eac4dc8442def60178e2a7c3bce5f70ae3305c9357
SHA512 45e527ecbc78663e6a90a6bd8055e8ae5b56e46772922e7ab7a6aa708b8b937e1924d7355ff4b87c707bf8a923cdebdcdd5d286f8bd827fc6afc44cbf496bb57

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 2e587d270dfad39fa9bfbae9e35c1ea5
SHA1 3e1aaf0d7bdc23c2771752f790c22849e1a03528
SHA256 afff50414a1eb7ec877533dd6477a997e4db365cff77858abc95b54a65948fcb
SHA512 49ad1c3a7b294d9347359bf66c080e785818d591cdf4e661d66eb4a9e8d69d208d9d6ce87c7a3e712540c6f1f6a12c829e49557788a7834191db189f5392b077

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 eae09dccf0c222c92f50e2a664890815
SHA1 0d5a88340243d3bf5d6652e09290b20a2083a74b
SHA256 5a3031f71b5f02164da75e85860da3343ffab6bd2efe690786ff877288ce243f
SHA512 a2ae715c890a01591b8a5339c963323e003d9914da7d96e84e3a8d07b5b3007e07d3052073ebc54ddf2f3319217edbcc5aac57183e11db51f53e8651e4c278cf

C:\Users\Admin\Downloads\eicar_com.zip

MD5 6ce6f415d8475545be5ba114f208b0ff
SHA1 d27265074c9eac2e2122ed69294dbc4d7cce9141
SHA256 2546dcffc5ad854d4ddc64fbf056871cd5a00f2471cb7a5bfd4ac23b6e9eedad
SHA512 d9305862fe0bf552718d19db43075d88cffd768974627db60fa1a90a8d45563e035a6449663b8f66aac53791d77f37dbb5035159aa08e69fc473972022f80010

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 72de4bca884912223090e89ee0d041eb
SHA1 a6249ee1eb12644beb142925e5febd66a113e26f
SHA256 219e2aacde078adecd77d0e31cc2fc0cdac1030f5818f802bc587f06a88995ca
SHA512 12466633334347007d28fcbb616ce1ff4844ba23d1a275032fd7c1f96e36c7daad832b8d073509a6558981ac2f382710d362839721458d45eedf8ba0c7871a02

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 c53f1bfa231d1650e56503a8a8ca50a9
SHA1 5b2f5c8d74c92f9ee4d5a90c73add75f42bd87b3
SHA256 dd1879e889078b62aa34425cce6ef63a31cb857ee3cea13e702ce8d0b0111563
SHA512 41f076a342998eb50d6a69e2365c64972d584f871ab8d77e299a81118479d171f290928e56c908f433a4c6cf41d2cd7994115c252e9725f1bafd7c62f0c5c401

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 998abb29bedb92c11b81decdd061ce10
SHA1 1a40ddff6bb0b45a0d440575a20fe788e239df21
SHA256 0ea6f203fb21b90534ba3b1e1c90b476caccfb3576fa1f03703781d683ab9791
SHA512 95af1a5f391d1b4f4349ee49deb2d6714fc906b1903fd26e086f10658b3de3752f210f0b544d0fe0afebf124123365fa78bf48a88ee54cdc9dfb297067137854

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\6725cee4-a98a-47fb-8762-bbe3edc3f865.tmp

MD5 d9fd83824e1a4ed2b67b6b895aee8869
SHA1 0c0ed3ace160db8a69f25499ddd6ad35c8b2a61d
SHA256 a36abd1d2303cb36bf475184d91273cbb743807b7fb83d9ed83fcf499aa4d1ac
SHA512 3e2673119750bd048f4059a9ffa1572b875205011246a3e78b1a3d80d6f2612d484baecb3bad6ab41e2b6c3585870806f919a32e43c6996f9c93ab01b04e443c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

MD5 6e16a0e00a70defc9c40ae9ece97c9e5
SHA1 9772b4012ee94ed05356c98ba7e27e71283211d7
SHA256 82c83658c88de47b8e7da9904ca19299fc174763fcee974dd3c087b80b9bd532
SHA512 5e3984a7985a21d5644f5b579f32f408b28bfcb4de59764f403e4e10e08085e7b3f099748fa6e22180b6097edb4d8c20b676de182999155b13fdec4fae93367d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

MD5 1bc16342586543c6af7c4a0a1e79854e
SHA1 587fccbbd81611d3b0628f54820edbf9941f2be8
SHA256 94781f24054f1bbf35a3a581676d8a7cdf0a4cacc1b8d2f2b0fdb37501921efe
SHA512 3ae3f2fc2a4054ff5b20724214850b8e336704a2ec4e05f62ca0817b3379906a9d17da574b609714244ea0d4ad6176d3ff3d7c0b9003e549e52070d38fffb8a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 4b9eff7a68e6c49bf4abe581fbdeaed3
SHA1 7bd7cd90e1827bc4b9d20e2ee639e178bf80db2f
SHA256 fff4b7d12f62005640716fed992c0bde32ce194cd0879e87b4bd957ef3eaa4de
SHA512 7091a79291cb4ab012a0123d365ba4c8256d873ee12603fdcc3bbeb10eceb22d4bf992896c8584ee6ff1c325895a9d65c15ae95dcbe56d4109e9d933240b90da

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e525f84097a048fd0a772f64c11d1134
SHA1 7bec77d75480d2a36075409d6622e1980cbc7e51
SHA256 f4aab8b12a325f97af4c125dbee7392d8f3d2a824f683444648ea842c5d289f6
SHA512 f42f71262fe1cdf391fc2f805b2348e51a246c056a4e5b5d4f2ce062877fb15e92bfb83392d152e3ec1ad60ed56d2713c4c4e3ed284192accf18e5d72815beae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 4fba60ffd3e3397f08c6c7ad8e3d52cb
SHA1 dc96902d29b8967113fb31d71175b70ef6cc6aaf
SHA256 214e54eec3f779996b2537c42069bd687da356ba11438d613b6507cea367d54e
SHA512 2c94fab977483293f08fc5b7639772d21747d0885c11f7e9474cc4bf94035e14a0c15331e7a1d76aa0f424fb133fbbc377f523a05d4f7557a080c41bdc1b84ca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

MD5 3e2c62a92a15319ea2b01de479f932a2
SHA1 bed11591175df0a3b1365fafa8b563f46653e273
SHA256 39f38758553545142d8b70caa13e9e2bdc205d2c571252a2f9d58320cc31aa23
SHA512 331ad4573974647a3cf5f34678564bbef8fd7541c7bfee141154d130ca7cb3cb610c89b293f6389fab15f035bf27e7744732003e37d43c5a9763db28c5f049f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

MD5 76d82c7d8c864c474936304e74ce3f4c
SHA1 8447bf273d15b973b48937326a90c60baa2903bf
SHA256 3329378951655530764aaa1f820b0db86aa0f00834fd7f51a48ad752610d60c8
SHA512 a0fc55af7f35ad5f8ac24cea6b9688698909a2e1345460d35e7133142a918d9925fc260e08d0015ec6fa7721fbeae90a4457caa97d6ce01b4ff46109f4cd5a46

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

MD5 17a3b62be9665b1d0e411a8d87565ecc
SHA1 be09b90a1a121126dab9689f156c51f77bee1ac9
SHA256 038deabc8e304a2d574cfd4ed4aa515f8f174f7b3f8b80b416a4354d60b4f311
SHA512 6de650c1d46b2d19c14f1b8d21c8589ee276caa2a30654436176295dccea7f619c450ff1cbd01fe94d174cb032eebffed18036fbae4e10dcb17fa228d23850fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

MD5 cfff8fc00d16fc868cf319409948c243
SHA1 b7e2e2a6656c77a19d9819a7d782a981d9e16d44
SHA256 51266cbe2741a46507d1bb758669d6de3c2246f650829774f7433bc734688a5a
SHA512 9d127abfdf3850998fd0d2fb6bd106b5a40506398eb9c5474933ff5309cdc18c07052592281dbe1f15ea9d6cb245d08ff09873b374777d71bbbc6e0594bde39b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

MD5 8a99370cbc67874d68319f5b624173fa
SHA1 46d9eec29e0fc6d642407e5d9250a2f4dc65e990
SHA256 d5c8d14b82bdd5b502444d9cfbfe9ebd3e041a819bd5c187a50ca7a6b2c929b3
SHA512 813170bfdca29d5f0de41f4f538d6d2955750419998c35bf4aaf55b9e8864ba3ffe41d039463ffc0f7d5793d90d1e7a76b9bb77f68f002d63b4ebf5531d0e921

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

MD5 b2fd30df44561caba77e306bab6d040d
SHA1 3aa15b05e9428b20b6072c770db79f097f0558f9
SHA256 5d6c32e6ce14a8b55f4eca20d6b324b68f401977e42e858fcb0d14d3bf642a0e
SHA512 0c1d2a2680b50189f2582cbc136f64340ed69c140ca376c87d3cd37cb842fe069ffa7fca2dfcf99590a602a073ec8ea033a1fa4c6496f14864b1624fa9a17a07

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

MD5 908677684413f5278249c1b08127d6a0
SHA1 df54a142c7eb47537509a54a8519f1c6c82d0965
SHA256 49910739da15aef97cf1b1fab8a1c6817991542d296c3fe6619248258626330b
SHA512 d6458614c8cf209da33129d5672f4eee9923bb56e91692c87a0f82a0e00c0ed0c03bad913e3ebfae7dab32f76465e58289e15e579bc5f8af37845ab250301773

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

MD5 084a7c45c750134bc52120929e4adfa2
SHA1 7caa207a66cb97095da77cb26bc03c05e3e3e3ef
SHA256 d897e13540624694573d596496a442f317069973a8bd8f9464b2ee91406fb990
SHA512 6aac3796f0435096a86e81ef9bdcd0186ecf74d35a38dbcd9d5c08662fe707c50d015453bf7eef1cbdbade8fca2779aded56bf3a2407a5ae97fb2a6eb1092f2f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

MD5 551ec1ab5799476429ed57184a6e0502
SHA1 7bcf188080787adcbcf62dcdad2ffa9ad38e1301
SHA256 a26c3b6f6f77a35a297032c0ab11fa2be0a3e3d0091d7d2cf275fd40c84a43c1
SHA512 c9f59fa7160d68e2eb1cc8453a770423af23c2ea93a779aca1180111705096760aee976db84155973402731b113e7e4266772d32d1efd3fdd674d2ea0e5bf058

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

MD5 aa9d4b0371cd9ae330d7b131493f54c5
SHA1 e83c2b6b6f023a6e00d18f0c9ed6b8ae9bab1459
SHA256 1ffe9b8b344a25a19f33e5900aadb00e53b8bf1a22210ab66c7b50bbcbea45a1
SHA512 337e27650c4b534683c8589dc4787eb9bcfecae020bcb1a507a1530b1fd7562ba8d185157e8af23b06e80cc70136f51bbc0fc0ac63e581e34e410c6d08d398e1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

MD5 2e23d6e099f830cf0b14356b3c3443ce
SHA1 027db4ff48118566db039d6b5f574a8ac73002bc
SHA256 7238196a5bf79e1b83cacb9ed4a82bf40b32cd789c30ef790e4eac0bbf438885
SHA512 165b1de091bfe0dd9deff0f8a3968268113d95edc9fd7a8081b525e0910f4442cfb3b4f5ac58ecfa41991d9dcabe5aa8b69f7f1c77e202cd17dd774931662717

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

MD5 dc1fead1a573751765cafd211836ba29
SHA1 1d94ba0be07f3e81518fb5be569ea00e3b6cbc25
SHA256 991d3d799a919cbac9895ac58d8a6e62ef3173f78f2e0a9bb5b92578cbb8f8ed
SHA512 b12e15e781cab71469d6960e7a2760ab6b376a260533fbbb7d761c827659b1d3e2838754e42fcbdebbe6ee92ff0714bfd61d24004f8a57af8885a0be6e774898

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

MD5 4e786ef6de6d058a7ee21d714b5878f8
SHA1 a25cf3a4ef2c4208064a295fc00bf84be1557e8d
SHA256 fd7a0097dcdb4360e99e3131665aaf1cdddb65f638323d8dcd86832ac1c65b57
SHA512 79f32a2fe5204c324bcdfd5b11b3d7423cb8961e61350ef8b1a40390212bb1f2125be11aa9a8761edb2fd4c760a39c9f18394a8bd8bc55148ff2937b4ea67bac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

MD5 46c65c348f90aa174bfc5f9dbacbc3a1
SHA1 f3f1cb408e89e48b14532730632dba27858d2676
SHA256 0b36587fac66193c3e84fc32c4edfecf3b9a8717aafea51178f5480239bfa008
SHA512 e18be3c74e039ff4297313b12abae8719e26eb852724a46f119121d008a7165e249bc17d17b3275a108e6de14b1bc443a7827589bc4fd46d616de699b8294ada

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 06303186e81ca0a50c9a20bb0c4bbee8
SHA1 cf186d4a9092395ba6dc84bc69b934c256134583
SHA256 a7f01cfc99a6a7c7028f1d849369379fcb8ae0e16dba55147f41fc5bc80fc2d5
SHA512 a49fcf4563233ffaa86cd14a8daa5c3ed3db791b9fe6c64a5bcc5ba17b48c26b43cf7b81da6799ee7318b6b9e0f1b332327db2d99057197171eee515ac5227af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4f07c128534bcc71d09a18c36ab0c200
SHA1 cf0227b2e6cf66efb5f8fbecf6a56faace489351
SHA256 54e2cbca1897271df6499ac0ba94186f196e4e1d592dfb2bd84c4cc18eb13170
SHA512 2a294bfaf744b76fce10c4f340992fd92f36b2d8820f8030014d6386181494f3574726691eecf7907107f03822f0d62377c764b7b8f7ceda6b44fe749ab6267d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2c11bac62a05660dc3b3f29aeaa9edbc
SHA1 24b2d3cb41b61c973cccc29f36476f51bd13f73a
SHA256 54849e493bbc35656e12c63799ebb97a17d736d6744b625da65f8400deb7e349
SHA512 6e3431119e76a6ddce81ce07cbd409dceced5dcc625d788749c763b133058425757daed5cd45bc577029c57e1a4ff0ac6b0646d1e9d7387e9ee3cfcbc73d33a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d2fa89fba011d26882aac10b22fa949f
SHA1 6a7b19bb489f820b398561e1cc5980404aabd6b8
SHA256 4fb34329cb87a20acae3b7f0c604e6513fb9f70181b5d47bafbb0b62840c9779
SHA512 0f16c6143f759d983825d8ded62249c01c02098c15259a9690f96156bdaf652a8560d1b3d203867f93b7805b686c547772c00bdda735bd123e287742d425e69e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c8ab515df7702925882c28ccfcb15132
SHA1 1b30dab1035c272c3f96126dcc781a441c5d9ed5
SHA256 38bc5704fb10b11b5a7f168a460900e6f1c7344b584c33566edfe6cce4a440df
SHA512 5cd603cd8702e3dc73cb684b50a519018757bc35afcc23c767689aa8b86e9d28fb4250559beaa094dd627f845b4bb7d1e30ebc484ff376468ab8f10a81a2041b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a3dec9bd0e0c106475041c3a37401cd0
SHA1 18c2dac28acf91ffed417fd19ca14ea0ac23f85f
SHA256 de18c2dbf4956408730b44c3a3b054adeef7f5ec59d1ec16abcd5a050d39b539
SHA512 23117fc2e04ed09bb517827c7f04b0573716a56e0dc3f33eca6099b7870ff69f65c036d9315f8e1911e5582de837394db670ef77c5357e51b0a296cc57698071

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 7d21fd819bf5c9aabeb1e03e81edef4c
SHA1 ebb9f1c25b91b312a5bc893cbabf3618e5142a3b
SHA256 2b00b3f864a45c0d715cddb0b4a1caa64effe87442216a5dc9fe580c110ac043
SHA512 6db12955455b619a950021e6a089c836a8f1774cd68485c2d49ea75caa5212c02e7528b34ce32159d14d19d8d8c07b921981eb271485de988b91f604bfa91384

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

MD5 c38ba740afd4d9ab26e57eaf753494e8
SHA1 cd5335de2af058232688f57ebce8d5b1e0440f4d
SHA256 cc5f63853e59e46e0c06de52459c1289b17bb935480674d85a713cb2d06dab28
SHA512 16c6bd8fe90c087b814820c8f34478ae0becdfee1defc545a5f89b70367fe0ecf1d44a42b0cf4efcdf8261d3ddd2bf7441340ce5462017b4074351b49aba7a3a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

MD5 499cd9e79455e8bcf12cab75a779b499
SHA1 4f71481ecd101f6c6137973a40967139a286862e
SHA256 9d442c43e250193fef461e5e5ea10f0a1a295848565b08d6287e779c1644133e
SHA512 730e801ee34f5b9780a8e4ff2af6f973544e8ee6bd18d53bb40e0ea6b7bc66d481886f631d04bdae34810be3e3572d56ffa3ae9c27927a3dd1876a70dd93c791

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 83eba8e847f0070a3760c4f79409274e
SHA1 01b0c6a00e767f97c2fc257b2560c09716c8e489
SHA256 2704a25627bdb34668d2cf8a0426b589497f626d3be7f5ea69446925a6ac0212
SHA512 015d3ea116aba07661db413ccad09234e10a0a31fd5068fb68d30bb160e07275b957af0eaeb3f39fc687fb93ee82c5a886437f054055e2397dd421afa6201909

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 af16efa3735db316e658123885e2ec00
SHA1 c2808c5059ee563440a32986543def62b0069087
SHA256 2421a0c757e2d29ca36a7bd42688df1c7f14575895a8bb15cf105037fca08615
SHA512 8b09bf43378b0984d126af85ab09df4156f144bc17d9ae67d955cde18e17757a8820c39925cb7e70fda2d5adc58e67ded704feef69de77001039f314c7d0026d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000034

MD5 56e6be029d77f578e709c24b614846c9
SHA1 489c375c9f3497c386174d83cad05129e537ba2f
SHA256 25f1d7fee2bd9cf97933b907f627a6ff47534b2ad58fb99676f17b472fb1cbba
SHA512 efe69b930590d01364af98e68539d8bda4538ca7becb19b8b38f6ad6838c3f42778bd5625afb6f76c12aa360b6d3a13d42419bc0a198cd4c043852130a90e8bd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000036

MD5 958e72d173944595320c1377b3015e44
SHA1 ba650126f7d4e739dd399fe8e2ab9939df2e359d
SHA256 0f26af205e088a2d95b5bf8a01905d6beca0acaedca901c6dfab31dfa114ac0b
SHA512 684a460c6f17bfc866d5d3ddd8486f068bb48ddebcc08c99a8117658a9a562fa4e982cd3ea64dcaca2336cd670d058d4be49de477cfe56b7db02014bdef00acb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1bd23983ef0fff68be64fba433e84036
SHA1 7e19790193786f70c12c749ff3d8bd35e5b6f7ea
SHA256 89cf1b795968ace9a6ea8ff03f46acf99c63cc7a1282ecc8047a4b7755064f04
SHA512 d90a27f75d282625b7b0554e22aa9f432eedf30d37d2cb28fc2d5f09e35be0f13dc699750746ba108649e5c6762712a2050abf84c3a4a979821b733d1e4bcc48

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\afb2ee7d-50d6-4660-9402-61fbbce10705.tmp

MD5 e8f11850663e32afab87e17d74aec6b7
SHA1 5ac68d4aa9f9e010580ce5edea225ee47f9ec814
SHA256 49b9661eeca805a1133d2053564bc4af02ed80d9ad27480ce39bb8c54d46e3dd
SHA512 5a7c284253195c48a994eb459d7932a456cc7d2ff5fd0ee4ee239d3a42d61446ee495dbe24a358f443963aa463e23a00258ecd8a323780b909d5852a5a4cb460

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 73a058bf7f5313534e7ff1afa63713eb
SHA1 b0b2d528b361ca2ab46c18b8aac0a2e6b927d941
SHA256 9f8cc63c3560d758e79b26a70f50c6257949daffe678c60f991c36d3d5dc97c0
SHA512 1768e4f7d6c48f8a0f3108e6a2ffc099ee653d9eb634f1d94631ad52f28ba74f32980005bbe2343067813d47c1d2ace1b1ef5ddc7b3c7bedd1cca837294c17a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d535b47e6b622f4532e034e01cba1ac5
SHA1 e3f6908d4139aca9be6832e482d372b25c6e0082
SHA256 dc2fe2053f43dd095983ad5ff8fa607120712e25d33d625813542ad347224b10
SHA512 6dfdf9aa4ef0f9e99da56a7a2afb40192ec32250028c77812bd7d8b2d43add1f17a2249f7e79365523335b00810820ba66ad6f3b7417ad86b581a1105f38e813

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms~RFf7bd826.TMP

MD5 9b607b9cc9de55404971cc966153c9d0
SHA1 e01f8152cbf842f246d109b09cf0571408d41ee5
SHA256 d144847c4e3fb688f83ffa90f566b47717e40448b29962c2dce5d0fd497df469
SHA512 cc297cd329140f2682ca8fd27b1f922fc460609849984e027af9abd14d3fd76c8a7bc6e0a5c55964d5f1a997dcf4552832e87ce6e5842645a54cd1f6c1e18d8f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 bd72bcefe2a6891b2d56a6f2b00ab477
SHA1 29a859c1c3a68d0cdbe69bcc04e9eef7806e4faa
SHA256 68caeae217a7998e36fb092a90b48b2f42466ce398b18830ffda19f4fd16fa34
SHA512 a2da5bbdf37af6a8328912e4d6e73bbef12c1b704550cd753a398544f9a433e34d504413d359d1669320d1a5e1cc925fcd9cbdf2cc8b0bbb941231e42ed3d75d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e2ff38504146d17704cd06757005014c
SHA1 1e7d9beefeb2b2ecf1e61054756863ad0034621b
SHA256 e39883e825f34b9522fcea0ad5a100fb033c0bf0d3e1627b9946f8522ea521fb
SHA512 99a1a4e3deaa12a72265da7268e336b9d835a072365d14d94fccefb07f95ed9c00ad70d21844636cddad62acbb492fc94fb454e23ac30adc7aa014b67be9607b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\4cd0c06c-3f1d-4e38-b2c8-f77a625107d7.tmp

MD5 dfde1e77bfc04570344f9d7f912ad071
SHA1 f2e3448fc8f5d589ae9413a83400b7c2c8d0c40f
SHA256 8a462a645569eeb9988a5321db345473ce6b591ecf750f952582d4b6fe292af1
SHA512 12173ae15c8baa1b62636bd7d54d6d45acbf54b7202ab913fa157b24d45166b43c7298a4d9414abfdc5549a339b8eb56ed14cbaf85270d19b9754810e6271df9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 a88ff4749c90db9bb04af78eb446d808
SHA1 1d0da3fecac6191e9171207b5b6c2baa095574e5
SHA256 8e8cdf0a5f6f7bf2009de9099e06f1dfce4a03824b2472bd11ad4e46003c27cf
SHA512 195aaf7e47817a4b424243c658fbd305376e85d771a4d416ab3148e78b874c052ff4f9ab5183c8d0f155163783d97468fd2de848e31b639b747c9eb52460aae2