Malware Analysis Report

2025-04-03 13:10

Sample ID 241109-1nk7tawjhr
Target https://github.com/suffz/luna/raw/refs/heads/main/Bootstrapper.zip Please use responsibly, we are not responsible with how you use this.
Tags
discovery persistence privilege_escalation
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file https://github.com/suffz/luna/raw/refs/heads/main/Bootstrapper.zip Please use responsibly, we are not responsible with how you use this. was found to be: Likely malicious.

Malicious Activity Summary

discovery persistence privilege_escalation

Downloads MZ/PE file

Event Triggered Execution: Image File Execution Options Injection

Executes dropped EXE

Event Triggered Execution: Component Object Model Hijacking

Loads dropped DLL

Checks computer location settings

Network Share Discovery

Checks installed software on the system

Legitimate hosting services abused for malware hosting/C2

Checks system information in the registry

Drops file in Program Files directory

Drops file in Windows directory

Enumerates physical storage devices

System Location Discovery: System Language Discovery

Browser Information Discovery

System Network Configuration Discovery: Internet Connection Discovery

Suspicious behavior: AddClipboardFormatListener

Enumerates system info in registry

Modifies Internet Explorer settings

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious use of WriteProcessMemory

Modifies system certificate store

Suspicious use of SendNotifyMessage

Modifies data under HKEY_USERS

Modifies registry class

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-09 21:47

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-09 21:47

Reported

2024-11-09 21:58

Platform

win10v2004-20241007-en

Max time kernel

491s

Max time network

616s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/suffz/luna/raw/refs/heads/main/Bootstrapper.zip Please use responsibly, we are not responsible with how you use this.

Signatures

Downloads MZ/PE file

Event Triggered Execution: Image File Execution Options Injection

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\MicrosoftEdgeUpdate.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\MicrosoftEdgeUpdate.exe N/A

Event Triggered Execution: Component Object Model Hijacking

persistence privilege_escalation

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Luna\Bootstrapper.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\MicrosoftEdge_X64_130.0.2849.56.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Checks installed software on the system

discovery

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A

Network Share Discovery

discovery

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\microsoft_shell_integration.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Trust Protection Lists\Mu\TransparentAdvertisers C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_is.dll C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe N/A
File opened for modification C:\Program Files\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Locales\nb.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeWebView\Temp\source5208_2047730709\msedge_7z.data C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Locales\cs.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\WidevineCdm\manifest.json C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Locales\nl.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\oneauth.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Trust Protection Lists\Sigma\Staging C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Temp\source5208_2047730709\msedge_7z.data C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\identity_proxy\win11\identity_helper.Sparse.Canary.msix C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Locales\es-419.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Locales\pt-PT.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\VisualElements\SmallLogoDev.png C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\Locales\en-US.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\SETUP.EX_ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\MicrosoftEdge_X64_130.0.2849.56.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Locales\ru.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\dxcompiler.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\VisualElements\SmallLogo.png C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\Locales\fa.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\Locales\is.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\Locales\pt-PT.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\Locales\ur.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Trust Protection Lists\Mu\TransparentAdvertisers C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\msedgewebview2.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\EBWebView\x64\EmbeddedBrowserWebView.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedge_100_percent.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Locales\kk.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Locales\mt.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Locales\pa.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\notification_helper.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\Locales\lo.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\psuser.dll C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\libEGL.dll C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\Locales\nl.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\Locales\qu.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_ru.dll C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_sr.dll C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Locales\sr.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\Locales\de.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_pa.dll C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Locales\id.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\identity_proxy\win10\identity_helper.Sparse.Stable.msix C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\MicrosoftEdgeUpdate.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Locales\fa.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Trust Protection Lists\Mu\Other C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\Locales\bn-IN.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\Locales\sr-Latn-RS.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\icudtl.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Locales\lt.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\edge_game_assist\EdgeGameAssist.msix C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\AdSelectionAttestationsPreloaded\ad-selection-attestations.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Locales\ca-Es-VALENCIA.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\MEIPreload\preloaded_data.pb C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\msedge_100_percent.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\Locales\nb.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\v8_context_snapshot.bin C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Locales\bs.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Locales\kok.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\Trust Protection Lists\Sigma\Other C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\AdSelectionAttestationsPreloaded\ad-selection-attestations.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Locales\eu.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\DllHost.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

System Network Configuration Discovery: Internet Connection Discovery

discovery
Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" C:\Windows\explorer.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133756625067642864" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.195.31\\MicrosoftEdgeUpdateOnDemand.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591}\ = "Google Update Policy Status Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C76C02A1-BCDF-4632-88E6-55698920001E}\InprocHandler32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ = "IAppCommand" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ = "IPackage" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods\ = "26" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32\ = "{35725228-BF11-429E-B5B8-ED0F2BCABF82}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32\ = "{35725228-BF11-429E-B5B8-ED0F2BCABF82}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\ = "Microsoft Edge Update Broker Class Factory" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{35725228-BF11-429E-B5B8-ED0F2BCABF82}\InProcServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.195.31\\psmachine_64.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ = "IProcessLauncher2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\NumMethods\ = "12" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\Elevation\IconReference = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.195.31\\msedgeupdate.dll,-1004" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{A6B716CB-028B-404D-B72C-50E153DD68DA} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\NumMethods\ = "24" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8F09CD6C-5964-4573-82E3-EBFF7702865B} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\LocalizedString = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.195.31\\msedgeupdate.dll,-3000" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods\ = "8" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\LocalizedString = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.195.31\\msedgeupdate.dll,-3000" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\ProxyStubClsid32\ = "{35725228-BF11-429E-B5B8-ED0F2BCABF82}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ = "IRegistrationUpdateHook" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachine.1.0\ = "Microsoft Edge Update Broker Class Factory" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32\ = "{35725228-BF11-429E-B5B8-ED0F2BCABF82}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ = "IAppCommand2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF}\ = "IPolicyStatus2" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusSvc.1.0\ = "Google Update Policy Status Class" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NumMethods\ = "11" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\LOCALSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A}\NumMethods\ = "11" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ = "IGoogleUpdate3" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{35725228-BF11-429E-B5B8-ED0F2BCABF82}\InProcServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\ = "Microsoft Edge Update Broker Class Factory" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8F09CD6C-5964-4573-82E3-EBFF7702865B} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ = "IProcessLauncher" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\LocalService = "edgeupdate" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A6B716CB-028B-404D-B72C-50E153DD68DA}\VERSIONINDEPENDENTPROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\NumMethods\ = "8" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\ = "IAppWeb" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

Modifies system certificate store

evasion spyware trojan
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349 C:\Users\Admin\Downloads\Luna\Bootstrapper.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349\Blob = 040000000100000010000000497904b0eb8719ac47b0bc11519b74d00f00000001000000140000003e8e6487f8fd27d322a269a71edaac5d57811286090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b0601050507030853000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0620000000100000020000000d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef40b000000010000001c0000005300650063007400690067006f002000280041004100410029000000140000000100000014000000a0110a233e96f107ece2af29ef82a57fd030a4b41d00000001000000100000002e0d6875874a44c820912e85e964cfdb030000000100000014000000d1eb23a46d17d68fd92564c2f1f1601764d8e3491900000001000000100000002aa1c05e2ae606f198c2c5e937c97aa2200000000100000036040000308204323082031aa003020102020101300d06092a864886f70d0101050500307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c18414141204365727469666963617465205365727669636573301e170d3034303130313030303030305a170d3238313233313233353935395a307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c1841414120436572746966696361746520536572766963657330820122300d06092a864886f70d01010105000382010f003082010a0282010100be409df46ee1ea76871c4d45448ebe46c883069dc12afe181f8ee402faf3ab5d508a16310b9a06d0c57022cd492d5463ccb66e68460b53eacb4c24c0bc724eeaf115aef4549a120ac37ab23360e2da8955f32258f3dedccfef8386a28c944f9f68f29890468427c776bfe3cc352c8b5e07646582c048b0a891f9619f762050a891c766b5eb78620356f08a1a13ea31a31ea099fd38f6f62732586f07f56bb8fb142bafb7aaccd6635f738cda0599a838a8cb17783651ace99ef4783a8dcf0fd942e2980cab2f9f0e01deef9f9949f12ddfac744d1b98b547c5e529d1f99018c7629cbe83c7267b3e8a25c7c0dd9de6356810209d8fd8ded2c3849c0d5ee82fc90203010001a381c03081bd301d0603551d0e04160414a0110a233e96f107ece2af29ef82a57fd030a4b4300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff307b0603551d1f047430723038a036a0348632687474703a2f2f63726c2e636f6d6f646f63612e636f6d2f414141436572746966696361746553657276696365732e63726c3036a034a0328630687474703a2f2f63726c2e636f6d6f646f2e6e65742f414141436572746966696361746553657276696365732e63726c300d06092a864886f70d010105050003820101000856fc02f09be8ffa4fad67bc64480ce4fc4c5f60058cca6b6bc1449680476e8e6ee5dec020f60d68d50184f264e01e3e6b0a5eebfbc745441bffdfc12b8c74f5af48960057f60b7054af3f6f1c2bfc4b97486b62d7d6bccd2f346dd2fc6e06ac3c334032c7d96dd5ac20ea70a99c1058bab0c2ff35c3acf6c37550987de53406c58effcb6ab656e04f61bdc3ce05a15c69ed9f15948302165036cece92173ec9b03a1e037ada015188ffaba02cea72ca910132cd4e50826ab229760f8905e74d4a29a53bdf2a968e0a26ec2d76cb1a30f9ebfeb68e756f2aef2e32b383a0981b56b85d7be2ded3f1ab7b263e2f5622c82d46a004150f139839f95e93696986e C:\Users\Admin\Downloads\Luna\Bootstrapper.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D1EB23A46D17D68FD92564C2F1F1601764D8E349\Blob = 5c0000000100000004000000000800001900000001000000100000002aa1c05e2ae606f198c2c5e937c97aa2030000000100000014000000d1eb23a46d17d68fd92564c2f1f1601764d8e3491d00000001000000100000002e0d6875874a44c820912e85e964cfdb140000000100000014000000a0110a233e96f107ece2af29ef82a57fd030a4b40b000000010000001c0000005300650063007400690067006f002000280041004100410029000000620000000100000020000000d7a7a0fb5d7e2731d771e9484ebcdef71d5f0c3e0a2948782bc83ee0ea699ef453000000010000004300000030413022060c2b06010401b231010201050130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080f00000001000000140000003e8e6487f8fd27d322a269a71edaac5d57811286040000000100000010000000497904b0eb8719ac47b0bc11519b74d0200000000100000036040000308204323082031aa003020102020101300d06092a864886f70d0101050500307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c18414141204365727469666963617465205365727669636573301e170d3034303130313030303030305a170d3238313233313233353935395a307b310b3009060355040613024742311b301906035504080c1247726561746572204d616e636865737465723110300e06035504070c0753616c666f7264311a3018060355040a0c11436f6d6f646f204341204c696d697465643121301f06035504030c1841414120436572746966696361746520536572766963657330820122300d06092a864886f70d01010105000382010f003082010a0282010100be409df46ee1ea76871c4d45448ebe46c883069dc12afe181f8ee402faf3ab5d508a16310b9a06d0c57022cd492d5463ccb66e68460b53eacb4c24c0bc724eeaf115aef4549a120ac37ab23360e2da8955f32258f3dedccfef8386a28c944f9f68f29890468427c776bfe3cc352c8b5e07646582c048b0a891f9619f762050a891c766b5eb78620356f08a1a13ea31a31ea099fd38f6f62732586f07f56bb8fb142bafb7aaccd6635f738cda0599a838a8cb17783651ace99ef4783a8dcf0fd942e2980cab2f9f0e01deef9f9949f12ddfac744d1b98b547c5e529d1f99018c7629cbe83c7267b3e8a25c7c0dd9de6356810209d8fd8ded2c3849c0d5ee82fc90203010001a381c03081bd301d0603551d0e04160414a0110a233e96f107ece2af29ef82a57fd030a4b4300e0603551d0f0101ff040403020106300f0603551d130101ff040530030101ff307b0603551d1f047430723038a036a0348632687474703a2f2f63726c2e636f6d6f646f63612e636f6d2f414141436572746966696361746553657276696365732e63726c3036a034a0328630687474703a2f2f63726c2e636f6d6f646f2e6e65742f414141436572746966696361746553657276696365732e63726c300d06092a864886f70d010105050003820101000856fc02f09be8ffa4fad67bc64480ce4fc4c5f60058cca6b6bc1449680476e8e6ee5dec020f60d68d50184f264e01e3e6b0a5eebfbc745441bffdfc12b8c74f5af48960057f60b7054af3f6f1c2bfc4b97486b62d7d6bccd2f346dd2fc6e06ac3c334032c7d96dd5ac20ea70a99c1058bab0c2ff35c3acf6c37550987de53406c58effcb6ab656e04f61bdc3ce05a15c69ed9f15948302165036cece92173ec9b03a1e037ada015188ffaba02cea72ca910132cd4e50826ab229760f8905e74d4a29a53bdf2a968e0a26ec2d76cb1a30f9ebfeb68e756f2aef2e32b383a0981b56b85d7be2ded3f1ab7b263e2f5622c82d46a004150f139839f95e93696986e C:\Users\Admin\Downloads\Luna\Bootstrapper.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Windows\explorer.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\Bootstrapper.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\Bootstrapper.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A
N/A N/A C:\Users\Admin\Downloads\Luna\luna\Luna.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4888 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3672 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 3648 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 2440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4888 wrote to memory of 456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/suffz/luna/raw/refs/heads/main/Bootstrapper.zip Please use responsibly, we are not responsible with how you use this.

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff86669cc40,0x7ff86669cc4c,0x7ff86669cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2024,i,15519781419637998343,12104528836222526855,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2020 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1908,i,15519781419637998343,12104528836222526855,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2548 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2132,i,15519781419637998343,12104528836222526855,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2556 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,15519781419637998343,12104528836222526855,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3128 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3116,i,15519781419637998343,12104528836222526855,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3260 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4864,i,15519781419637998343,12104528836222526855,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4912 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4916,i,15519781419637998343,12104528836222526855,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4484 /prefetch:8

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap18848:86:7zEvent30453

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4552,i,15519781419637998343,12104528836222526855,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4588 /prefetch:8

C:\Users\Admin\Downloads\Luna\Bootstrapper.exe

"C:\Users\Admin\Downloads\Luna\Bootstrapper.exe"

C:\Users\Admin\Downloads\Luna\luna\Luna.exe

luna\Luna.exe

C:\Users\Admin\Downloads\Luna\luna\Luna.exe

"C:\Users\Admin\Downloads\Luna\luna\Luna.exe"

C:\Users\Admin\Downloads\Luna\luna\Luna.exe

"C:\Users\Admin\Downloads\Luna\luna\Luna.exe"

C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe

C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\MicrosoftEdgeUpdate.exe" /installsource taggedmi /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.31\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMzEiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuMzEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7Mzk2NUI2RkYtNDc2RC00OUMyLTgwN0YtQUQ0ODJCRUJEQzQ1fSIgdXNlcmlkPSJ7QjY3Q0RDNDItMzgwQi00Rjc3LUI1Q0ItRTk0NkJCRThEQTQ4fSIgaW5zdGFsbHNvdXJjZT0idGFnZ2VkbWkiIHJlcXVlc3RpZD0iezY3NjIxREFFLUM1QjctNEIyNi1BRkNDLUNCOTMyNEM1RkQ2QX0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgbG9naWNhbF9jcHVzPSI4IiBwaHlzbWVtb3J5PSI4IiBkaXNrX3R5cGU9IjIiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMTkwNDEuMTI4OCIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE0Ny4zNyIgbmV4dHZlcnNpb249IjEuMy4xOTUuMzEiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjkwODkyOTk2OTkiIGluc3RhbGxfdGltZV9tcz0iMjUxMyIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource taggedmi /sessionid "{3965B6FF-476D-49C2-807F-AD482BEBDC45}"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault69312eafh1409h43cfha300h2982db31f9a3

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff8540346f8,0x7ff854034708,0x7ff854034718

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k wusvcs -p -s WaaSMedicSvc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1988,5988815756366217945,3120483207320091347,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2004 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1988,5988815756366217945,3120483207320091347,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1988,5988815756366217945,3120483207320091347,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2776 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k netsvcs -p -s wlidsvc

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMzEiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuMzEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7Mzk2NUI2RkYtNDc2RC00OUMyLTgwN0YtQUQ0ODJCRUJEQzQ1fSIgdXNlcmlkPSJ7QjY3Q0RDNDItMzgwQi00Rjc3LUI1Q0ItRTk0NkJCRThEQTQ4fSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7RjJBQjQwQTAtRTY0QS00QjBGLTk5Q0UtMDNEMUQ3MTUyMDE3fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O2xoVmkxMlFjazZTbDB1VTFPQjZZMTUyOWJSNmJzZXk0K2N1N2RIeHM2Y2s9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjEyMy4wLjYzMTIuMTIzIiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIzMyIgaW5zdGFsbGRhdGV0aW1lPSIxNzI4MjkyOTAyIiBvb2JlX2luc3RhbGxfdGltZT0iMTMzNzI3NjU0Njg2NTIwMDAwIj48ZXZlbnQgZXZlbnR0eXBlPSIzMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMjE3OTg2MiIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTEzMDM0NDM2NSIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\MicrosoftEdge_X64_130.0.2849.56.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\MicrosoftEdge_X64_130.0.2849.56.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\MicrosoftEdge_X64_130.0.2849.56.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Windows\explorer.exe

C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=130.0.6723.70 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{8A0D272D-9088-49FF-87DB-FD42572CCA4C}\EDGEMITMP_1B9CD.tmp\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=130.0.2849.56 --initial-client-data=0x21c,0x220,0x224,0x1f8,0x228,0x7ff6480ed730,0x7ff6480ed73c,0x7ff6480ed748

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault8158bebbh3670h4d7cha589hdcef459c7dc9

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ff8540346f8,0x7ff854034708,0x7ff854034718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2152,8072103882577838135,17164832907707457576,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2240 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2152,8072103882577838135,17164832907707457576,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2152,8072103882577838135,17164832907707457576,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2804 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMzEiIHNoZWxsX3ZlcnNpb249IjEuMy4xOTUuMzEiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7Mzk2NUI2RkYtNDc2RC00OUMyLTgwN0YtQUQ0ODJCRUJEQzQ1fSIgdXNlcmlkPSJ7QjY3Q0RDNDItMzgwQi00Rjc3LUI1Q0ItRTk0NkJCRThEQTQ4fSIgaW5zdGFsbHNvdXJjZT0idGFnZ2VkbWkiIHJlcXVlc3RpZD0ie0FBMkQ2REY5LTk1NzUtNDAxNC1COEEzLTUwNjhCQjEyNTk1RH0iIGRlZHVwPSJjciIgZG9tYWluam9pbmVkPSIwIj48aHcgbG9naWNhbF9jcHVzPSI4IiBwaHlzbWVtb3J5PSI4IiBkaXNrX3R5cGU9IjIiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMTkwNDEuMTI4OCIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxMzAuMC4yODQ5LjU2IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iLTEiIGluc3RhbGxkYXRlPSItMSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5MTk2MzY5MDIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTE5Njg2MjY1MyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijk0Mzk5MzkzOTUiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5mLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzM0NmFkOWQxLTc0NmUtNDVjNy04ZmUwLWQ2Yzg3YTczYTI2MT9QMT0xNzMxNzk0MTIzJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PUFZN1FNTCUyZk5vaXp6VDM1Tm50U3V1M1h5TGpGUjBuWnpzSkU0VXN2RkNRM1Zkd1Y5VkhmaVByJTJmOHlXRU5GMlhhSWFqQ1RkZ2Z1WkdjZjM0R0lhSmtTQSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE3NDkzMzYwMCIgdG90YWw9IjE3NDkzMzYwMCIgZG93bmxvYWRfdGltZV9tcz0iMTI4MjkiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5NDQwMDk1NjA2IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTQ1ODQ1NjM3MSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTAyNTY1OTY5MjMiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIzNzQ2IiBkb3dubG9hZF90aW1lX21zPSIyNDI3NCIgZG93bmxvYWRlZD0iMTc0OTMzNjAwIiB0b3RhbD0iMTc0OTMzNjAwIiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI3OTgxNCIvPjwvYXBwPjwvcmVxdWVzdD4

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=Luna.exe --webview-exe-version=1.0.0 --user-data-dir="C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --disable-features=msSmartScreenProtection --mojo-named-platform-channel-pipe=3516.5456.11102367332941422805

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=130.0.6723.70 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=130.0.2849.56 --initial-client-data=0x15c,0x160,0x164,0x138,0x16c,0x7ff8523c4dc0,0x7ff8523c4dcc,0x7ff8523c4dd8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe" --type=gpu-process --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView" --webview-exe-name=Luna.exe --webview-exe-version=1.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1784,i,15618118075864400920,4004932608436420446,262144 --disable-features=msSmartScreenProtection --variations-seed-version --mojo-platform-channel-handle=1768 /prefetch:2

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView" --webview-exe-name=Luna.exe --webview-exe-version=1.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=1856,i,15618118075864400920,4004932608436420446,262144 --disable-features=msSmartScreenProtection --variations-seed-version --mojo-platform-channel-handle=1940 /prefetch:3

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView" --webview-exe-name=Luna.exe --webview-exe-version=1.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=2272,i,15618118075864400920,4004932608436420446,262144 --disable-features=msSmartScreenProtection --variations-seed-version --mojo-platform-channel-handle=2288 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe" --type=renderer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView" --webview-exe-name=Luna.exe --webview-exe-version=1.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3592,i,15618118075864400920,4004932608436420446,262144 --disable-features=msSmartScreenProtection --variations-seed-version --mojo-platform-channel-handle=3648 /prefetch:1

C:\Users\Admin\Downloads\Luna\luna\Luna.exe

"C:\Users\Admin\Downloads\Luna\luna\Luna.exe"

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=Luna.exe --webview-exe-version=1.0.0 --user-data-dir="C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --disable-features=msSmartScreenProtection --mojo-named-platform-channel-pipe=4704.4104.16759627170442919317

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=130.0.6723.70 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=130.0.2849.56 --initial-client-data=0x160,0x164,0x168,0x13c,0x19c,0x7ff8523c4dc0,0x7ff8523c4dcc,0x7ff8523c4dd8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe" --type=renderer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView" --webview-exe-name=Luna.exe --webview-exe-version=1.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=4420,i,15618118075864400920,4004932608436420446,262144 --disable-features=msSmartScreenProtection --variations-seed-version --mojo-platform-channel-handle=4428 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.111.133:443 avatars.githubusercontent.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 10.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 138.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 154.109.199.185.in-addr.arpa udp
US 8.8.8.8:53 133.111.199.185.in-addr.arpa udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 collector.github.com udp
US 185.199.109.154:443 github.githubassets.com tcp
GB 142.250.179.234:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 api.github.com udp
US 185.199.109.154:443 github.githubassets.com tcp
GB 142.250.179.234:443 content-autofill.googleapis.com tcp
US 140.82.114.21:443 collector.github.com tcp
US 140.82.114.21:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 210.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 21.114.82.140.in-addr.arpa udp
US 8.8.8.8:53 154.239.44.20.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 raw.githubusercontent.com udp
US 8.8.8.8:53 200.163.202.172.in-addr.arpa udp
US 185.199.109.133:443 raw.githubusercontent.com tcp
US 185.199.109.133:443 raw.githubusercontent.com tcp
US 8.8.8.8:53 133.109.199.185.in-addr.arpa udp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
US 8.8.8.8:53 2.36.159.162.in-addr.arpa udp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 88.210.23.2.in-addr.arpa udp
US 8.8.8.8:53 43.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
US 8.8.8.8:53 api.github.com udp
US 8.8.8.8:53 collector.github.com udp
GB 20.26.156.210:443 api.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 133.211.185.52.in-addr.arpa udp
US 8.8.8.8:53 objects.githubusercontent.com udp
US 185.199.108.133:443 objects.githubusercontent.com tcp
US 8.8.8.8:53 133.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 raw.githubusercontent.com udp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 8.8.8.8:53 133.110.199.185.in-addr.arpa udp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 8.8.8.8:53 msedge.sf.dl.delivery.mp.microsoft.com udp
US 8.8.8.8:53 246.197.219.23.in-addr.arpa udp
GB 2.19.117.90:443 msedge.sf.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 90.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 133.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 4.155.164.36:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 36.164.155.4.in-addr.arpa udp
US 8.8.8.8:53 cxcs.microsoft.net udp
GB 92.123.128.180:443 www.bing.com tcp
GB 23.213.251.133:443 cxcs.microsoft.net tcp
US 8.8.8.8:53 180.128.123.92.in-addr.arpa udp
US 8.8.8.8:53 133.251.213.23.in-addr.arpa udp
US 8.8.8.8:53 msedge.f.tlu.dl.delivery.mp.microsoft.com udp
GB 87.248.205.0:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 0.205.248.87.in-addr.arpa udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 35.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 14.25.17.104.in-addr.arpa udp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com udp
US 8.8.8.8:53 tr.rbxcdn.com udp
GB 2.19.117.104:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 104.117.19.2.in-addr.arpa udp
US 185.199.110.133:443 raw.githubusercontent.com tcp
US 8.8.8.8:53 edge.microsoft.com udp
US 13.107.21.239:443 edge.microsoft.com tcp
US 8.8.8.8:53 239.21.107.13.in-addr.arpa udp

Files

\??\pipe\crashpad_4888_FGJIGXHACRLUFPFF

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\bb863d61-e8dd-4cd4-8157-ad592f69f630.tmp

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 9f5a7caa4721a605c33dbcfd2f520df5
SHA1 9de80ad1b039117677629040af10850bebe4662a
SHA256 0c3a31b6a597a92e74dc8843737bed9e55903ba3700403b453b211ed44a9f16a
SHA512 96b9a65bd76ef2bc67d4d368acc8187cdb46aefbb5b1fefcd0962b9f8ab4b47f8c2e50ad92f2b56c108b607553a4d372a9f83584abd04a8fcca6186795b65205

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cd2f73eb0f1ce812335b266e004fdeff
SHA1 61cbb8b0db660221a0b87067d538cba90c108415
SHA256 a64beb01fa401b174307d0cdf16e0ec570e1b4fe466e1d8e4ed9cae25eb3a0bb
SHA512 e3009aaab6adeb5423d258bde0ebe812a12849858891a337edb3f8d9c175502edaa1af8908fc4cde9e93ba113f5be7ea8b93576fcf51995cf12298febe609b5a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 973d1f06a39bde38488af7b5cfb33a33
SHA1 818556c5c9830f01278ffde3b8092eb655d87d60
SHA256 104923d97b506a7dd8812039d9cb310bcb9a6fe54519d956ca460e6555e71b44
SHA512 cafc3008e63a26992a3ebf1554badc89b55b56d52092871ffe3712817343b31e10da8b623a3b00d8abb39e978520df781dc0908e01e0d45b570ee3d6b3eb23ce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6714287d330b6a528df99b964081de8a
SHA1 f303303a245fe5ea1d17ccccdb34c39e391f6232
SHA256 c4e55d4468747cc71745cc4d6bf63d7be079fb004bdf5b405dd300fd9f79156d
SHA512 1dce90ac9dbc00758200165235157c7b82a452a5dc71bb873801d2927f7e23ee16714a37c8c0062986e31f17e39a34f629c4c5cdab86d577e587860982af7119

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 07f9c1f8652d4679161e23b36614db77
SHA1 51206cac5c7e74e9cc1c1b05ad25fa673722d4a9
SHA256 0b71556896247bfdb2a5c6bf14988f085bbddfd13accce02c9a57b1c3b33ffe6
SHA512 2f83c0955e0547721243a3f960344f98aaad6efb6855739e55c2b86e018ef426f21378a11814d325f042ac895be8de8f4af325aecc1b334dd3f3f91fda68ef84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6f3453293c74adf40970f5f78a5298bc
SHA1 977c28ff5c80f195a910912368c4485fa5147eab
SHA256 1dc12638d0b0f5712e7ebe559f2ed39bfb7928cec26f1464632a40d67b74c54a
SHA512 2738281d0c4dc85354523f87d5c140fce192798edbe69a245ed2f00759d43229e87c2229c57e1bee2b6cc448adc631c91de382103c1d4e50c8356ec813be2d44

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 126f2bfa3d982811f79ef17ad7e32e5c
SHA1 a10387f80ba7d91c2827225ae4cefdd9b1a84f68
SHA256 191905483091fccfdb4df1ce9137c2105cfdc7741c5616e4629fddf1723572f6
SHA512 5e9720d94165c0f4e651c155bf32d260bc3533d256bdd0fb004bfed0d3ea57c2111aa051dbdf8ac97fc6f86e4ddcebb3abd366400e4517ff58d74c45d1e7430f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 8c7d9f1c139abce1f297c25f6649f432
SHA1 170f923f75b4684f8f4ee555dd1ccf06205ae52c
SHA256 f61252f2ebfa8ad077cfb5fab08f5f8d4ef2b62576e4eff430c67f131cdd6b04
SHA512 7772addf3d561b2def80c0e8a8bea6df99d7ba2ffc40e2b7d41da000014e95afaa1c75df4c4d6573f4762358107470e6d288e796eff575a678e58e4e317663a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 fd3f5163376bebccea77789dce39cb55
SHA1 9c3c9858143ce456a397e3d81dbe071c20f1280d
SHA256 1fd6f54d7f63bf80e720be59141fe89673dfd929ed95baaf9f99ea0c3125f7c6
SHA512 5401fd90d1fc2ed390f85bcc3bdfcef323459c39abf20aad660c8834ac1b9ddef7569e7a32f86b44e9461d146d45aec446770b3729fdff55ec88ab07fdd28eec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7d52723c4c8c63bc83a30449f49ec958
SHA1 14c182a4e689eadde0251433d81fb40c724d91a3
SHA256 a5a52750b7b52364c3cbe56ee92fec8eb4532fe7f6963702491ace169baf1c08
SHA512 36a0f2a08f38b2df8787be4f93c5dfc145a8a079712b181410bef44a447f9b90bb9cbc5f5d44608cbc0435f3c21bd282e2d691f0b3c95eb7cca9483bd7255f49

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e8ccb12838f6b07b191f1afde95c0124
SHA1 4331717813fc85035104c642e826780da19101a8
SHA256 40f5a30e7448405e2a336a70561ca0ce28282adb12d09da8b99792c9f48298d3
SHA512 5ae49eefc5150cb4525bcda7c68eb158c19c26e8f402868dca076707333e0c2e9595b8800446ddc52164e65daa8226c39ab900f0a94b3d4ef916ebbd32f01dae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 da16460780a12907e5499582f64da663
SHA1 4e7a9845e76b496319efa257731267a2546831ab
SHA256 e6eb8586e4c35de6e78683ae1af6afc15f74ba556dfce2e776528edc38069bdb
SHA512 2e9367482fbda698c1fb5a00a33bf21e7ebfc5051b85404fbcded96922b0f1544cf4ede420f29f5f117d9cbdd8bf7076e15862d7b41580167fa8f335f844ffac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 8571139834d3b6f0acaac21279bcbf7e
SHA1 d15adbfe70b0080a4f656f40d791cee62fb0f447
SHA256 e79bd93612a4e27491102bca7e3e6c7f2fc2a7463725271f928463689734a1b8
SHA512 8ca73cec1f438b430783ca922a17a2cb935f365680a66d590e5c84d6f2192300e32240652d8431d1739bb79cb2b5e3bc3763166f7c90d008963a7f26ebdd6605

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2375ad0f6d6ede729b1cc9e7227e5ff3
SHA1 322434c90f8111a489e9bee9eba87a20559373f2
SHA256 21d6e4081d61bbf49cbd257e7942a0ea116ecb274ce780ec47b3feddc3900204
SHA512 871eec202ecc9c377dfe5f2ed874e62aa072fd182e1a60d3e2b003280655f4b022e435ff9725ee7c1447337c2c697e777c920b2aef901892eea3dcab49a732a9

C:\Users\Admin\Downloads\Bootstrapper.zip.crdownload

MD5 9ba94ac44294258328b5b23e6fbcaf4a
SHA1 3ef50da71c5800f02680733b184bb11bb0ca309b
SHA256 a9e76b770fb8a61f793a61ca6701e1f76ea95282d5a3647d8dfccf1b560f401a
SHA512 52e3118e8e40d621275d0ce3157138bb0e9a4d56c1c570666930de60e46e8050af8e0c377aea2e5ccee2ff78c427576bd4954226a0f800eac6cabbaa70f267ce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 96334e96bcbc13523569f786ce2139b1
SHA1 e7a3f2035a041b0b26b2aa29e27b51b95b42c129
SHA256 a3863d16adc76b37dc6e4bc4eb1248e97f03256435b2cc1e50b3abc9f5afe8df
SHA512 f250b57aaaf7d4db45177d4e8a730aaa4d03650e6f8e3fcd88c7eaa95b352b2b3b9ede780c268f4fbd973ffa8181e7fcc07f05638afa96dd0d82853c3c1def17

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d3560d41d8fac67c6e3a190e71afc5fd
SHA1 ea0090414cde9a42e5bf854688ed5e55a603f554
SHA256 335b370ea83494c483d2370a7e8c8090063d935ad47985c5ed729df69b2844dc
SHA512 aba455b9a3f80b544ac2f4fdfb0282f0d2abee5ad1f717a4e2bbc9b3b96275f807fe6b6659ca35977caf137927255b0acef4f298a08b0bf382e8607ea1b617d8

C:\Users\Admin\Downloads\Luna\Bootstrapper.exe

MD5 f2a6133b7f38fc49f792ae799d1b4750
SHA1 6bef46ddde325f45a0e9ff123112c96bbd47c795
SHA256 37bde6655e1272e159b9c2e3a7eee3f4e9a837c0f04240645d3991d112287f8d
SHA512 f9611bed83b4bce1841868880a42dacb6b8f7e8859be1d85b3c8d3a365a0244566cbfb12294c7b2c82b15d6c0e47095d8246a95d522c3a064a0d8511b2411254

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e416bc4297018e0faa67e038bdb64466
SHA1 9dd5397f7997caf7d3601d31398b258ca7831237
SHA256 18803b68ed181812d94c913fb88598c4156da3ffdb896033ed7e5aa41c77070e
SHA512 3a734e3c1700390ed2a730c48376ba0d611a37a330d2e5892d9c1ff76f6869a8cc1423b639edf5c3b0d30e78454edb8fcb0ca78806b27accb2f745a39ab74f89

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7ac13178edef459ed45b8607abca093e
SHA1 0b3aa0d539425a3a89c417b72c0136f482ba907f
SHA256 0278ec3b503c419198bb3b6bcbff057405e02e3f655362721d747e27c543619b
SHA512 45448723a6c7661e4d18244797f5218d6cfed4cff1e99f613175057245bbd399d307259c0bd9c733e0a1b467cc5ed03c41cd686329bb5872940c9c020cad8f9f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eba912acbd1465dfb0b0f498872dbb0e
SHA1 03ecebef2c03844fc0d64807c07243f8b555bbf5
SHA256 05bcaa6f05ad615a296ef9c23e6e8423b1ecb3136ef433684d3e76ecdd5cfd83
SHA512 3eb5dd4c6559be58ecd7097ea288853bbfbdc5877b94e66acee6063317edf8a3e2752b1136006a5ab9cfead9ef98e6174998dbbb7492e6839e47117aa57b176c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cc2113a3ad31fc1019fe7fab2f8b55d9
SHA1 ddfc6193bcaf186a5cf139b5f128cf4c65294625
SHA256 83b6e0d590089b3b7eed2dbc2281983a04f0f967ff0676f235a91e01ad62e68c
SHA512 fdcef40c184d1d22f618581f2d7ff12cf44e755bd02cfb2d616ee8aa5a6817b424896c9ebba526572d7a540d288d0a1284b02c4d34ca64eef3fdbb53bc388e25

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6b11146319e0e90bfb2c7f7aa22b57f0
SHA1 c7c07c294c53b40807b41d57440580ea588ff920
SHA256 7df22b5030ca592774684bca997e0a9450520e253e8af2cf39c2af1feed0f2ab
SHA512 30940299d59fcdddc5ad1171607f1f34c421545b747be7306c9cf1f871879f2b68a3947cd7518a6f68c5918732060c018980ee74ee656c87de7bb12430ea2ebf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b9ad9afa5e4eb21d49d163d96e56cb0c
SHA1 1c37a64b5e95b687a2aefe386ac221557c028f56
SHA256 42b875c453c7614a875cd44c210cf2547885bca8385b460468756fb15f68fe65
SHA512 95e646afab2b357f36c96d7268e58bd70efc1246e4cf58ef08e8469eab32b1e605783b2a2921527a11f226f35a17681e08531a7f534c30bcdafcedeab627ffb1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ba1a4526bda8935c984c13fb9cbfa18a
SHA1 9a5b199e92cfdde606f6461df1e1f32096c1238b
SHA256 af3227381922fb13f5069a97e37e3d157307aeae583cf0d1351169bb3130accb
SHA512 3960edf78ee7805b2b1fbb681a618c92e2aef6e72b260d6cb6a57222e50808bbdea5ce3f0060aa367056cbe1a4b85b3712a5bed19350ec86a4ab45dbab9131e7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 539ccf5423b7da97f701a208aaa55dac
SHA1 58707e0ab518a781dabb3815641918d28d3bbcf6
SHA256 68020dd743f81230193033ebf1b68aacfe31bf93906625eea3cc5673f25d7956
SHA512 fc3a09537104fce483156bb6d48f27a55c2bda1742c08f9940edc76a1199c3d0347b9afb30a5094da91068165dc79d629f5bebcf74e1d8e897c47c37b1139905

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 60cb16b61eeab57ab430e771fd5ae3ee
SHA1 ef293b520ea47c70321a2b553cbc0019a6f3e33e
SHA256 0f0ea7ccce8086cc5a521aa6254f4904679d3f99d43a370f5a538cb6d88886fe
SHA512 3a07c5a3d27dc1fd992348d5fd4619ab17c97f827176486b33e3a3ac6b92ea2cf1a41ac94efc8e51d6a7c802bc7ba04e7b34c526c54c4b28462f27eb79737cc6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 da15935501689e3e4798b73a4322fcb2
SHA1 dc2fb81bd5babf67c2642ef10ad3bf16e3ed0253
SHA256 9c812952791e8dd82e2248a63d288d29db0a281fb77a8757170cfab65e095ec3
SHA512 3ddd7c978d9138de82f0126ab888e5d127749a9ee61893ae5d56655daed72ce1c65f2326860ef81af7f37d9b8251123676a8bc2f997122b48a68e84127fa3efc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e8d7f8086c2138fe5a0c79ce3af0c604
SHA1 4037cb7bfc0cee2f7aeb36c51b7e923bac41f3df
SHA256 12b79e0a712ad3535c3a3704ab8b9824f0a46c8358dfdc591755ee65ab902c72
SHA512 7d096a9b5836aeff64332345eba58bee613e91fbeb269efa6133cf26af84dd5813f1104d4736a4e9e19dff1ac0e883253e7b3b2a1eea248fd15eea4accfe6484

C:\Users\Admin\Downloads\Luna\luna\Luna.exe

MD5 c6a90ab2a4998038546774d2d88890de
SHA1 024207d467e598a3888b25b4eec2d76f81c970be
SHA256 af32cf284b8bee03c77a4b18173fe89413a1f2f1228ed8d0e9e99e86648da95c
SHA512 b3217e680ee13ed493f10a1cf3acad8d686f60d6d29b769b2e7134879df168e12b38fed5514a37ede77502cd915e9120cc55020b35b80afd88d16d7b143759ff

C:\Users\Admin\Downloads\Luna\luna\Luna.dll

MD5 d3418af778a91c134b8361c10fd16be4
SHA1 1654ab09bcc1ef4d168088518adc165e0c6469a4
SHA256 d21975e541c3838d2f83bf6faf360d7a7417da2106a610489a768b382ad3b91a
SHA512 128e8741bbe08bb90185d0c1c352572757e2848773ec39f21c8744ce4eb0bf9095ade326174f9164e94f568a00714be8bedc197f36a46c6fb16a880f2c6f9c8d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 85253ae9d3d79b0adfec73ce39286219
SHA1 0b3b22839824c4633e39ac2eb38759857a49b3c4
SHA256 47f207c2e0d11c264084614085fbd9ba172ad39a26a8609fd21ad28284c25a0d
SHA512 24e8f37327713617744e2134960c4ed0a2f9521b66de50b208d06e096addec6161e074a26c445f8201ce3a5d4d7af4baf4745366070715189e0d76c52675c3de

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 637bb3db910ac938277377f8032dcf9b
SHA1 76324b46a71c839f50dec3f0d1cf9940e62981d7
SHA256 336a8e2d7af48955d028cf0dd73b921a288eb93a2ef92d1a62ea73e3877bacb1
SHA512 7e2a32ccad5f6cde42aa544686ba2f1f4664b2d495e54ae9b0c26a02fe557ea857c58c92912854196844fb368d579753d4d9b452e2fb9768c7525f7ba3bdb5f7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9025cf419125ef1d13eaf0a4f89dff7f
SHA1 1fa2c6c76b6462ee67e70726245725dfa51ca5b8
SHA256 0c2104eb921c33a07d9b993dc289c6f2aa68541e0069235a67a0285a9e2ae8a5
SHA512 9edc5f4c3fbbb39ec1f268e5a95c7948ae3d7f7228dbca942ebe8a1e7dcb9af3afba9fcd98b474a61ec894ee8630627e2b75de1e944bbb6eb0cad99c84b75691

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 744b135ef2ce7161ed8f150da68be7ef
SHA1 ee818ee61fe6a32f7b3e5c7abadaf96d85f9da7e
SHA256 61de6516d5a6e449900c4fcdbba15bdb6aff154f10c54fdfaec68168fefaaf45
SHA512 c0b46cca6dffe99b6e32500feb1e365eb938ab51f72fb1eabc26e0b89c3f08d068d4cebaa0e419a1183cac5b01afc20337df2d6e4f1b675d7f9c165a7847c22c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 45c762f9f6811826b8f721703efaf935
SHA1 d2e6588144de5f15f9f10bb97a5338dda0498251
SHA256 c32af1952881b933c97f940e7ee887ac6411c25c070d0554157e7a0c35cc501c
SHA512 e5322932199e3873d467bd538bce6c1a1d0f74563262ec5026827b6ff308f83f2bc54f8b0cb8fd3f33898c522b408053562d5fa8eecbb4e1ab83ec4e61625880

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4d28ac5d6b5c7572d3695ccec37975e0
SHA1 14415382cc378aea8fbd22045dad8fdbd582c27e
SHA256 636312b8ebd50614a41b831a92a70df21a821fe99b520820f9ebe351b21daec0
SHA512 16d18f2a4c5406502f22f32083ca9d31d4d2b418c3544b6a41e9440aa87299eab468b56fa067f6cb478c32451079ad79679102fd1a5f2089ce0395c0f03eaf4e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7a9bc5c7937e64164695818520eeba7d
SHA1 d24d922cd1b9ea1070a8a7d19bf7d72932d02638
SHA256 5383bab7c43df4bd2546f0d9e88d41efa33d527dcbe93ca88aae5712c7f3f760
SHA512 dd5e36de734a30af854f9dd4a3b712ddb4834bab579311a722d3a102b4530e78f0efc22b72738d12fbbb63417143a55b6e2d2dc2e16580932a7a3d1cfec6c392

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b5386a83d062d685a96f562490279847
SHA1 82c2a54e74ac286a95b2d51a35ef326f814b8473
SHA256 2999c828a1cf06ee7ec29743ed352373f8383729d89fae98d1cf1a880b2aaadc
SHA512 20bd2a51037fd5c315d68bfa2b7027a9b5293d57f1a3e2314df5c8e410ee49689fc74bad7aa8d28e93b579047f23c6fcecee4df436e984facf33e541d3f2e9a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8d966668894d7b53cb4d3562f32fcd0f
SHA1 0435f49a0cd377107d4c6b0045f2753d73413346
SHA256 50b882873b51f530944818b3e9535241996671cf49406de0ca87197b0c28edb9
SHA512 e185ef4183a97d22362895111bb7fcffa7a0cc3dc49fe834c4e7b8fe498a8f531d9a3f73380ec5049160d4254669341e2ac0b0c2a0e9a315f7807f2363d218f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 da8c00fe1ffbd0ad1916b620af9c6ef5
SHA1 aa5fcaea3bb69b6e5a65ea55be2ca8509d17e1a0
SHA256 26537a59c67a43a6a253bffe68783c9f880f9f85422b685ef6aae2553f24ae64
SHA512 7ffc79f1964f6b9e58a0e529eaf6c831272a8e192c3c8abd8e40ea473852ce3cf16434418d4a50388fdf7bc0cec18459696ac7d9cf4c755005c8b9bec23280d8

C:\Users\Admin\AppData\Local\Temp\MicrosoftEdgeWebview2Setup.exe

MD5 431a51d6443439e7c3063c36e18e87d6
SHA1 5d704eb554c78f13b7a07c90e14d65f74b590e3a
SHA256 726732c59f91424e8fb9280c1e773e1db72c8607ad110113bc62c67c452154a6
SHA512 495d60ad05d1fadb2abd827d778fe94132e5bfc2ae5355e03f2551cd7a879acf50cc0526990e4ccde93bf4eff65f07953035b93cc435f743001f21b017cbfdfd

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\MicrosoftEdgeUpdate.exe

MD5 35a79bd6de650d2c0988674344bf698b
SHA1 a0635c38472f8cc0641ceb39c148383619d221dd
SHA256 a79a81da2b8dcbe39609a9e1b4e8c81ae0bc54195c0c854b77bebe7bfa7f10c1
SHA512 afe33d38785afe489845654ba1c3ed6648b36b1ebe5f98b3d5d4bf24eba3af9bb6676af5a79d2ec570bf2b4b6ae40d14fc3d4b872c5d4577aea40f6d1a26c0cf

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdate.dll

MD5 39ac5a029f87748e964491b97936d890
SHA1 24777aad794a13d0e7381fc6f32f0e1bcdb1ba80
SHA256 ba861524fe648ccb47b7ac57421bb07a6231a7aab5eaea332548511cce6185bc
SHA512 2ecb9b208846f84cd37f37d2100f26358d6c37128efc4010b2e7efc10202dc37b621d0c0138a8b76b23d968da324c685a41b44f4ae30cbbe243581f1904e14c6

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_en.dll

MD5 894b6ea4b49fa390bd70167a75f3ff7b
SHA1 4f834ef6567d02f28390d63c8ca9fd3c735b2140
SHA256 a8dc2b1e32d8d3d2c321c469eed3329f7661f4fc71d14696f97106b5aa6c532a
SHA512 9b4fcbd07dc7f65c34575aaabb7a517198739f7268133f084b101edf99f0b96387f3f0248de1be5252b2466db0bc59036d40e3990d4264bfab89aa01aace7ea6

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_hu.dll

MD5 df2764d7bf9bbc6d4e96301c928566b5
SHA1 1f9adfed63fff6cd144515e8a7fbf8c4131d2f65
SHA256 3dcf3b4acc066674418e30239406abf59b85f9a00ba2a0aa7ca33036caee6514
SHA512 8c1eec6d813fe2266f0e03ce72f504f355f720e0112527fd411abd5e7fea05dd4bfa3ee9a878c882c16e8cd30224727eabc5ab38bd85cf146b21547ade988391

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_hr.dll

MD5 ca9abf92edc001d3c0cea4c926bd004c
SHA1 740513a325a5c15376f4b1aea402e9c54155ab33
SHA256 d6d9e064773b121fbf224252ef6c7d64f239d6b5013c119738a8240cc047e346
SHA512 7171143ee05b0e03bc936fbd98d3a37c3763bc244ffd8ae85e3229b85e13ec6262c3111b93b3a067f3d82f5fa6b6f691438c0e148efd14606cdf5a850e474a7c

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_hi.dll

MD5 274c267b7ee544d36698b2db119a6929
SHA1 27377267ddc09060254033c4aa9916a60a254956
SHA256 ac843711f010925cfdd60c396baafc3ead08584ed4b1b3df57b0c975cefd039f
SHA512 f9073912e9c314efe60f36dd9b2bdb4b1475aadde18e82bec971c447293a4f8dce46abe625bb9cec4dc48280fce3cf3d8175054b70b4e440e89a8c072f4a505a

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_gu.dll

MD5 bb4a1f9374f1c3e0cbc4788a3ce1d4c5
SHA1 30667d6dbaa689db9a08b42acacdf68435dac46e
SHA256 bdbd0882aba924075c40de48fcbbe951ea6a937c0b85541fd6f1fa5701b8e655
SHA512 d0a5260ae123d4698e2f62fdcf97a73aa038b69b200508948185bb5de5f5edb50d6859c9e6e21e84145ceebc144882d0ed5723ce1486e805c26737358ae77504

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_gl.dll

MD5 31276d0895baff6976c94c549efbb47d
SHA1 4f0fe790cecc28823e6359fb3b78dde13cc17681
SHA256 d3bf99db747f3e6a2d541ecab380244c0a33ceef8655383d54e2daff37dc9a88
SHA512 413958104046b85772d4a32550ae3a7a3a50eb66dc35966554123bd9dd15fc7a76fa7511f6d2ac666d8a205a9b58042f68e2322189c2b34d372db6b180b70da8

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_gd.dll

MD5 d64f47e1971f1e9faba211ca984e550c
SHA1 6f4de57c6f174dd778788b138a9b25cf4725258b
SHA256 75fd1c674a460dcdafbbc1429a4c30c9ac28e58527c6f0797c3706012ec19e00
SHA512 722c9f1e5d27d6ac678ca13aa648aa22aaf1121b835fad5209ce3e482471724cf4920390f51c8df2d31c66898def51ad76b0c119f4de831011b56afead2fef7e

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_ga.dll

MD5 3ca8dfe9af49bdde95188002ebd5f227
SHA1 d18d7af889c4d03ea417c09bc56069f3f697c547
SHA256 6577e1a60f0fa340dcb70dcf625c877fc9502d122744782708ede0c53ceb56a5
SHA512 a61ba9baa6d0116b769c4add55aefc99a360bf85be7986ab099a424ff7a39ccee18d946128e74e39283629b52aa14821f36fe338c0e17de29694fff5138590be

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_fr-CA.dll

MD5 08b6c8f26644370c6dcbee63e4abf884
SHA1 e4981733831c4d31715cad1749545d21dc29acf2
SHA256 916b52a362fddae79461d1d07ff01fd3bb4f7b8916b263d62572a8ad420946d8
SHA512 31f074e494a372a1b961fa9c053b561bae9e52182866a538a734b7589cad550a42b1d88649262a7d265226288084e5ba65e9e1d6d32ffd9292258a9f65e236a5

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_fr.dll

MD5 cf3ff14718b5e6125b956d6d9e897196
SHA1 041de2587e03f6c52dba60e9d2459ce33b263eb9
SHA256 d75ece04e40e34beaaf50cce0fef63e52918b5939c9c267fbfd1e6cdcb2a82fa
SHA512 551ed975b1afdc75f464bb742c30f239f9d18aa99bf9140ec0620c938629868b38a952041288244b6e2387748c16546a8fe55a664a9903577b8e484856583ac4

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_fil.dll

MD5 20134024ed75deda002dc0839b352f84
SHA1 e67bbd13a320d2b4413b283e165385c44a65ea0d
SHA256 425e0834cb73365cf78a233a5b139e1897961e5225e9cc92ab365b3efbe30d76
SHA512 7dbab9a85d852546ab8c30b3452ab8b200874eb3aac0c862bdaf5c90cc882cec11de536851693f8f115706448e3323c66affbdd7e65257395baf24a0208dc537

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_fi.dll

MD5 7f47c9b9bc9488754579935209291c55
SHA1 470e590c6f5263a44b95abbd6d0c158fae326d21
SHA256 f0d8c44d909aed479b3e770b556eb3792c0d3ce247defff953a4dd9f7ce4cc75
SHA512 6f81ddd06f6a1c796bbf21143737bfeed8f9ca0ace82a4de00ccf79d7288586376439e0564f1cb128e5e585eaba122d406af8c3a6e3969efdadfe0cf65c3ed4b

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_fa.dll

MD5 ba417f44f7564f1aca70cca9166f3f44
SHA1 d8f064e25038e0076bffcd1a694b58063b7268d7
SHA256 56632098f623cbb58fadddc5c7a889fbc91954f661078501e62517709b8ba703
SHA512 c35ba956e92a2298268bb6ee7a753d6b7f94bdec96118c834f028a0fa45f18b67302b0e20a26d948d1720b04461d3074ae30003bb9028790d9d2d63cb80f4467

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_eu.dll

MD5 ed883bbd9e4b3de4db68e356707f3e67
SHA1 e03dde660c15a614442552f8c4d2cc5dd8425fc1
SHA256 168eb27052a559561af3ed650bc170eb471e53f05b9065f0e229672d040ae1c7
SHA512 ae48fe344b2644380e56a95d98aeb0ffeff7ddf0c914f5d14ef518a4d40bb090fee9a7fd30f7178524bcdec1a2d8fc870b4b40d5d8437e3f2577320262236126

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_et.dll

MD5 6b03eb5b302e72727977f2431ea7f30d
SHA1 ac5cab93d3c28e46f92d2719638c739c680cc452
SHA256 b5b51fe000e0e0ce42e8dbaf4b8343a5411e2e99440726c747196a02ed736137
SHA512 362e94f79b7726b277cc90c5158d3cc5a0a890bf32e11707f9901233414b3ff22816df78276afa67f0122fc7d6fc2d09dbb1fd8602e3a01f807f93b9423bb463

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_es-419.dll

MD5 bcafbabbfc8f810220b2ebdbb8a76d19
SHA1 58703c8355f996f2ce8ae5fd1ce4dc29318fd414
SHA256 7fef9c85b5d7dadf344ff39d82794ed252066cceb2b6531be2a45ee3d84844b7
SHA512 b02820c3088ceae9ebf19ede77e3a406483a3dc13c030860d3818e6e8a163e9f54293fd058ec9575c196d12f1465211ab7feff145faf684be6a8cc251d1c0d71

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_es.dll

MD5 3ccb8eab53a0b4c93507bf2adff6ced5
SHA1 25fa2435e97bd0e1cf986a882ce33e68f961c139
SHA256 8bcbd325374a8cc5c1c7ea774382515316473c200baec86a65ae21073fae33b0
SHA512 4f443ded84d74e150a0be3c32edc734ca01298817933a7b1f0e5c5cd93f26987f051c4c306848301e688b9334d134a12bcdcc0ceabe1fcaaca5c4d307c697bfd

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_en-GB.dll

MD5 39dc20ae50a0e2ba9c55dda91256b3cc
SHA1 464139f11db3fd6ae77502b183c4b59f581d6c7a
SHA256 e1891a155be133e6dd82cab3f9437bb7f047f0f80689ca724ca4d1d90d1fef14
SHA512 08b8e19528ff007b904f55872935e0de9e06e7cbcb3f3ed751264e3e20a740b477b55c818bf2b0ed213c4ed9cbaba0c8953c19f427be3e8ab8f50c9c86a74bf4

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_el.dll

MD5 09cf47260852ff7b2c91c65d127b9314
SHA1 b3d362f3d08f81bd1b719a1c94b54f5f9c9610da
SHA256 eb4344676280f83e6023ddc604ffa42e96eb46e765a216fbc5ecbe49ddb3c920
SHA512 114a21296d8e7e054906139102617e6cd6008337a0877053721553cfed10183f54f890c8071b1cea17bd0b2535589af7aafe5bd1d161886ad7363f89919d7300

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_de.dll

MD5 ce66ef1a806c21949b75055f81cac760
SHA1 3719e4af114a3c0baceb133d152a02bc6a1fb9f8
SHA256 23f5414d554b96db0b93c7dbe27939d294b8061e56c19ab74d59fe9135e81c8f
SHA512 04d9575c866ac28db490a291be3da41f884d3ceadbc9b7077776ea7deb1819277aadcf9c9e1b5afede3e90bafbcb00e6ef0840166228d153be7e8d8d53975593

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_da.dll

MD5 19a7aee0daf68fdc1a24e3228a8bf439
SHA1 1fc6ce227a11245787c80f3932e2c311de2d44bb
SHA256 409cce12be8b7a86313bd1d9e3c6d9154cf0c5735db61d94852a128a746dab99
SHA512 0051119311316d29dbc13ace84c24283aa2eaf1d46459c81ba7b31cc6178b43165618fd7bec17de698b1431ef2b33be179c2c8b1537c1000aadf849e2c888c84

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_cy.dll

MD5 11b92ae8fe94c784480d465a37935766
SHA1 f4ead29d4b20c57bb0e4d16a7488784f61a25972
SHA256 571b0cf8b0383e33393b8b8fa79d1632688ffc2bdde794fff62c85f5e1a3f161
SHA512 b636dec2e1d48916d0c83d2fe45eb24d826c027455cf22ec78e013166e59fbdb4780ebe69de3ab4b5730dae03652d253890917f53fc835aa73f9f75b01dc4f23

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_cs.dll

MD5 8eff4531519a4b768005b9411d4a5f9c
SHA1 59b354e3f32f0a0da8755c27b903803994f4aa31
SHA256 2e9a230a8b8a7fa437a28e2115ebf01178f3209fc0d61eb90160f49c11a16cb0
SHA512 4426ae1e2937e1f6c7364d2f437aeb83d834f9997d28cb1ffb07fe1c448dd954083aa822ff439c886249a387823a23245640a0425dd8c42b75b73912733f11ee

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_ca-Es-VALENCIA.dll

MD5 afdafc9f56401b662f42cef830d92b38
SHA1 b56966370ec07cd676e35d93fad001e0f6b3fb8a
SHA256 03d7a1c0d8810df4b908fcc40c8491df0e3ce19db8ee22e6be79d02fd9df8f72
SHA512 884f9cd99785ea91c5c8e26200bbf0b010ff278b52c5ac590cb73712321a9cdb645e5448bf4cf62622cdb06543b8de4a8e6956a2f6b6677c0b9befb35589d8b0

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_ca.dll

MD5 15ee7526536790bf77317975896542f9
SHA1 365bc54203b490daa0e24a1c9813d5d99c9de720
SHA256 5e2349af6e02da1c5d18f1b3235fc5099229d2d99e1c5cf2713c21472c151f8e
SHA512 475fd9c0879c8cbc418a66441e3dc026fca983327a95763eddd1537c1f44fdf272d212c69e1b06aad55d91c68379a2beafb2908659d58a61c740731a7d047406

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_bs.dll

MD5 5e06d311c2e24b94f378c4d3b3deb260
SHA1 ef7df63f63746eb197c21694ebb21cfb86c0b2b8
SHA256 d2052450e3a3272b302d80af9f2c46b766153267100bc902dcf03a78ec609b65
SHA512 8d73b5265735aa19116cf41bb8d2bdacde5b22b286a56af58068f9579b631b044c155e625f6e1fda12e505f621f245faebe126c2557dd2ec873d7d980f8ba552

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_bn-IN.dll

MD5 1e038b27661b303e15a39a55305e86bb
SHA1 35b48fe72d50406063f9145fea64c57f205f0084
SHA256 385665137d0dfee16ed8ef2da5ce28d826d210eb2bde1fa4ef13dac50e4b5364
SHA512 13fcfde6923b38acc2cfa530087d13725a2cabdd2e771d503f4d2f5cff93e8744f142e235dd484244d920d80cb3e7cecbbd731b473f6e509edb39159c51e9465

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_bn.dll

MD5 9afe531b6472cf9eb66028e9638584bb
SHA1 6212292867bd59fe376e79988c07f4db8ad26cdc
SHA256 383754fc147dc6ef5f1edd14b60bab6bebf32639dfea718aaa64b2b65ac98812
SHA512 352bec509ccd3ad15a274ddd3ccea43b76eaed885b0e7722235abd95aab8fec1c645722765d76865c1b32ed422a10e6666f220e3abcc5a24268ba94c5cc6b8d8

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_bg.dll

MD5 4b23c7229eb43740744cfbf48c4242ca
SHA1 4938dcf6239e14db53c8f085d3c477905a9986af
SHA256 a7527b867ebc222114b679b2ac542cdc46a75f8bc24e5ca8b7ebc17b7a2963c2
SHA512 4bd8ed0ecacd3f2c69dcd0789ab8ee10dcfd6144b019dd8858c2234bebddfe42c83037fb8e2f934f3320f58796683bed5ab050ba897ba1fa409b6df60f02ec53

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_az.dll

MD5 bf510bb9b7639af7da969f77620b480f
SHA1 17a6693a5d6aea1f3fa6f34abc46daf558cac645
SHA256 2507da222cf6c6dd608da9b569f89f8e11c47b6e16134c767cdc23b7c1f56bd3
SHA512 6cebe80005cb7759ee4fd8dd9ca41bdd073c01e969e1ebe03cb07616921e50516974019faacc2f9dcaaccdc0044eaae57a6a94f3a4a4ce044a781cd8091478a7

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_as.dll

MD5 16b0c8a664626da016a95fb46fdc9c0e
SHA1 c674b635cd8927511825847f3d86a5562b4155d7
SHA256 b059fc9713d3a41e9a83f0d61f8cce29546d3759def0a7b8e162a13915e51255
SHA512 ec39269fbd9e510d10d665c86b8a8161208b74f919e4fd128e365144d71f2b59d3c48c50b8f017b1d30c711ee4f63668f843539957b4643d2a488c9e17290e75

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_ar.dll

MD5 b4c28669b9d4e56b094af6062f4db065
SHA1 4c492c03138c8a796cf0673866892b9e0c2073ec
SHA256 7fe494dd265f99f330b153ef69c51c0541016755ca1876788f7f0ede78f9cedb
SHA512 35941ab6f2dcf5f60824d172f75f9f7b8b93e65c7bd8bc441fc32e49cbb414a68d65a02e3479b096f728b2a34d3e85dfd868e8bf95ff9b1a57d10adc3da0022a

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_am.dll

MD5 1903bc250fc269e79c9f7aada2979aff
SHA1 efbf76b1259217c02c138078c56f36b2cb8543ab
SHA256 228fa3e2fcacc78111a8152d6862de2302c024e81cc8b5e3f16e31caf96cfd04
SHA512 9db527c2e26ef691c089f5d1d010298e0f47e2e0420fba03ed18c7c2793b92c5860240b214b5233dddbc150413a2649e9cf4823239b9831930c2804b143ab538

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\msedgeupdateres_af.dll

MD5 2a9524cf8afae49394379d9d9be69206
SHA1 e43d4146f8abebbb30831fbd39a39846bfb7eeef
SHA256 e5a08731963e681b6386c4e85c16bc98452ebc13c4a7de3ff6979125c609d5f0
SHA512 a0111589960cbdcb10b55c17aa82555e44f0f0f173ebad09de6364881138cb35280596f1de6d86b31044427445575630c22079c3585e34729ce461599b8979b1

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\EdgeUpdate.dat

MD5 369bbc37cff290adb8963dc5e518b9b8
SHA1 de0ef569f7ef55032e4b18d3a03542cc2bbac191
SHA256 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3
SHA512 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\NOTICE.TXT

MD5 6dd5bf0743f2366a0bdd37e302783bcd
SHA1 e5ff6e044c40c02b1fc78304804fe1f993fed2e6
SHA256 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5
SHA512 f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\MicrosoftEdgeComRegisterShellARM64.exe

MD5 1723c5e707061e59d769c492a95d5083
SHA1 3b535b7a0df2f7a4ab5e531956dad9892adfb5e9
SHA256 e97ab6dc0ed865aa8606f5c113fd62170341d1a3d63d5618f233aea969ec49ab
SHA512 a4e3bd9ec331a27338c123a9a3ae23619fc5a5b80fc9aea38d23d3b82ca015f47669e0f3e1a6f98e7f464e6bc21e92723a04f72805e45e0dfc81540a2d299a8a

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe

MD5 c55b37823a672c86bc19099633640eab
SHA1 da5e15d773c794f8b21195e7ad012e0ed1bceb72
SHA256 3df9cd2fecf10e65be13d4b61ca0a9185845f2cb04b872adeaf41ca46af39aa0
SHA512 1252c3fde4aa4ce239103e8df7224afce093a2cbe539bd40347601980a314ea3326ea6ce4c1ebc845c125845969ad65ebca319b9df35a809ef871bad14aaf33d

C:\Program Files (x86)\Microsoft\Temp\EU1F2E.tmp\MicrosoftEdgeUpdateCore.exe

MD5 dd30f3ff486b830211df62d20348f86f
SHA1 08c7d7407dee7ed20b50e8f1a2cb1b08a9282dbf
SHA256 9d57bdc8b97e75f8a04b93a1657dfd18d4e2f68607783c9bca42140233978fa7
SHA512 af3b48ced7018c7edeabdfa998e51356d57c2d7a846c76629fed0ff2e5db8db79041184c58a5a67a10ec627f53af8e3c80bbffacaecf5dae6d989cecb82e72e4

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 8b6dcec0e0459c2c3e0bcb0c661f2226
SHA1 4484b8ac8ae78a12a1dfac7a1f8fe7717482ba30
SHA256 bc4200919f98d4e4e9dbca2753417acb991f39d81d5ba148576060a164db706c
SHA512 6323d02465d82e8ad3d57cf1f2904393fcd7524d00594719eb8f4339ad0b2b05d4e7bd9454a59c6a84ba5d9c45f35c1e8099ad94f42f37fc1705eb30951afbf7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e40e2b2452478a5f73951795ea9d04aa
SHA1 b41e0a9a86559106e875c74c731662aaa46f9535
SHA256 51d182b1b6d56d9d8a4c53448e03959e80dc22f69b9673989a1d467476bf9d85
SHA512 1e10a5792a4adb99e23b3473592032ab89e0bf88075518cf9df78ecb55d138659a586bc02495d72b1dfa40f937228d51462d99acc28c66afbd23c90967bbf404

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 36988ca14952e1848e81a959880ea217
SHA1 a0482ef725657760502c2d1a5abe0bb37aebaadb
SHA256 d7e96088b37cec1bde202ae8ec2d2f3c3aafc368b6ebd91b3e2985846facf2e6
SHA512 d04b2f5afec92eb3d9f9cdc148a3eddd1b615e0dfb270566a7969576f50881d1f8572bccb8b9fd7993724bdfe36fc7633a33381d43e0b96c4e9bbd53fc010173

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 2090058d2f07d0fc9bbcbfd21b87ca50
SHA1 a5400dc1ab1590fee56be85e22b8febe4b59ca0f
SHA256 c28c5ea2cd1bea4e6b33aa95332c702d681d3065425e574f0955d20c92419b54
SHA512 d424135d77b869e7cd6e5f83752594ca7b1e94ef3288924fe4d61fc7b41d96b260f938a6d47dbb4f0824d8059201e0bda5fe8b62b57203573c8d2c459c87baa9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 def0073e04f4e0dbf3e024e549a385e1
SHA1 dd67937281e00c5186867002a5660213db5b62c7
SHA256 6d3b0274da72fc0404b80e30892f2b372de54f56f8963c87248441074b46af41
SHA512 83d8f65a79060c81acc2bfc827819791e52c906f7c7c681d851fa4559d0667eb1b2cdce6da7a363473b25b3a53549f1c2b7b11e007af9990198db59596740ac1

memory/744-682-0x0000000074C40000-0x0000000074E66000-memory.dmp

memory/744-681-0x0000000000190000-0x00000000001C5000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 4df4574bfbb7e0b0bc56c2c9b12b6c47
SHA1 81efcbd3e3da8221444a21f45305af6fa4b71907
SHA256 e1b77550222c2451772c958e44026abe518a2c8766862f331765788ddd196377
SHA512 78b14f60f2d80400fe50360cf303a961685396b7697775d078825a29b717081442d357c2039ad0984d4b622976b0314ede8f478cde320daec118da546cb0682a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3d9fc0f95213b8ffd410395d6ec0479f
SHA1 4f3c6890446fb66213786177c86f338487ddaae3
SHA256 105c64e4682987e5a75be53dcc441482069282485a45696ac8fb7942d4a01abd
SHA512 cffe50c42669c95a801c3faab4aa21c47cfaf535d522d69d16637b54e9c0d47f735d66e70e50c30a9d2ae5fba5a3b38e80f5938ab566c93a5adbf31b33af523f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ba0e2c4e9a8bc1c5cee20ec158320e2f
SHA1 85efaac52276a5c01322ff09197a74592f78a107
SHA256 af96c70b635dce2ef46e840e70b06eb265ca499816e3011d94ac34032edeb12f
SHA512 d8e68e66737569a1d4b3dccea9d70e2f24ce2afcaa8da8a767b70face556dc46fb18e6bc932ae8cc17b9ffc9ba176dc1d1beaa03bdd1d0b44008c8b9778e210f

memory/744-730-0x0000000074C40000-0x0000000074E66000-memory.dmp

C:\Program Files\MsEdgeCrashpad\settings.dat

MD5 5172d8040c1c5f6119624d2688815496
SHA1 770f10f118db35156744102a76ae7a19902bce26
SHA256 7a76e0ec56a06eaf2e1e025b68db42e1d7c1e743bcdd65d0583ff0fe0d2b2bda
SHA512 7bbd889d906e626e9782cbec27a766781664f4393efb169425a1eba89a7439eb5930fb9997534ee519547eddec5bbc1c50964be72a1835ea16774907b206f648

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5bcf19d71dfae590d5dff95030944df5
SHA1 a85b9adae763ed60093a6ab02b048c433259a5c2
SHA256 9f887f02ce0c0260878d8557e4dc2889cc431f0923b8cdfc29fce4ca66b5119a
SHA512 7bd7f1052bd921978bb9e37dc52dbabc4fd0415b3225c44bddb052e2f02ad266f1431ed99152144c9ddbd75b4ea62674c34a056a837b508edcdd2aab332f1fd7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 fab8d8d865e33fe195732aa7dcb91c30
SHA1 2637e832f38acc70af3e511f5eba80fbd7461f2c
SHA256 1b034ffe38e534e2b7a21be7c1f207ff84a1d5f3893207d0b4bb1a509b4185ea
SHA512 39a3d43ef7e28fea2cb247a5d09576a4904a43680db8c32139f22a03d80f6ede98708a2452f3f82232b868501340f79c0b3f810f597bcaf5267c3ccfb1704b43

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\cd79f637-8d00-4ad2-9fd2-e9fbaef44605.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Program Files (x86)\Microsoft\EdgeCore\130.0.2849.56\Installer\setup.exe

MD5 9a98f71bb7812ab88c517ba0d278d4c9
SHA1 459b635444042ad0eeb453cdba5078c52ddba161
SHA256 273f8406a9622ddd0e92762837af4598770b5efe6aa8a999da809e77b7b7882f
SHA512 5685717b2192b477b5c5708687462aa2d23999f565a43b7d67388f48eb9a3d33d9a3da54474ce632a0aee1bc4de8a6172a818239033d4a035f045e15947868f3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0bbaf1c2db5a01b4565ba36cd3b94d0b
SHA1 a3ec59df396835217acd345d7bc49c6356a62b21
SHA256 d77b3ed2b7be3f9241934b26b045bc30d49427b48efba0bb0284150da568b204
SHA512 556f93fb7f45ae7546e0055efd8e3d0c214e8255856056e85c4da0dce765972ae6cbd6dbdcfb42355a06c1d4797ccf53a589ac21981b8082d017dc2f2e312257

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fb56a578ecd47131301f57a0dfe88626
SHA1 afacd0456529417f7bc82bb907cc52fdfea43d31
SHA256 84a176c1a2ddaa4d8570658930939fdf850e1589bacb309b4e2f6cc41550ff41
SHA512 942cb8764c9679aec2475a0157a692e9892168789369d88d85441bbf297148de3604c80cb365b93e53183a00a0ee75cc908622c00bc5f1650181dc05513cde2b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9976edd1e727c71517a0b4fae410e802
SHA1 5c225c14d050c69ea5faf87df2701449e39b3122
SHA256 6272979289fd509e808bba984062fbc7a417a5244ff6b53457a09e2c3dc65944
SHA512 f46ef4989ae6d4aa6b7dc060b1f8507bc5dde95de85a86697920a47503965070aa43a276a29d8051a953e88b0c1d9391bb89c07733f4d7356bfe907cf2e10eeb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f3617ded3e0290b29b5447212f1238a9
SHA1 70c9e46ee998fd6d9e898ceeade6b90643bbb8de
SHA256 386c3e8d16947b6da46dc464966970a9b01da93641090cc24631bbfbdc62cdf7
SHA512 7381696aba1c6bcce3f5d5cd77ae3092889525efa7decdbd0cbee05700318ab6750faad31d82921e40a58cee80dc896e3cf74c4563499af542a771035ff64818

memory/744-869-0x0000000000190000-0x00000000001C5000-memory.dmp

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Local State

MD5 9710303cb3b7c1dc263558846a0ece6d
SHA1 1c356fb8b04d765b669dd7485123b03a5ba844a1
SHA256 20450d8b8628fd7c6ce92fd30239e115008b30a6c4e3259c38039d2a5711b793
SHA512 9edb16c0ffc01131cd1beeefe06cb85f7d037f1ad9e4511a09ba1b3a93b5a722ca0b7d5026a9cdf4d25a582bf09694a518179c86fbf34b010e61d81db2e1abea

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Local State

MD5 d3634c5d92d05077b4dc1eedb27cad6f
SHA1 000e49b6558e1c14b88c5a9122db5714aeade11d
SHA256 9778e694f273fd38634288d82439e28b689dae47bdbc170d25a474d694b799f8
SHA512 55188e22c6b5203a4d9aff6e9c3b3ee45ce4072d1efef16d6c78af780ad2c87012297a6d14c0a76fa30917101bac474f9b7ef086595f526e228685c7838bd389

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Default\Extension Rules\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

memory/1132-974-0x00007FF874F80000-0x00007FF874F81000-memory.dmp

memory/1132-973-0x00007FF8752B0000-0x00007FF8752B1000-memory.dmp

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Default\shared_proto_db\metadata\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f6afc9e653456e86c3a2a7e0af1d61d9
SHA1 a5717e4cc0b8c934073a94cce22dfcdfd295c3a8
SHA256 e36437ccbf880180702a83394c9e4414d8ddb86c7fc551c480476a4d3a05be55
SHA512 099ea0cc06fcbdbce8e4b5d079df77f2e17a4d567a476312e5943a6d5d41977d2eb79030e521b924453d2d0cbb8a37db046d0d62553cebcdb697b77f56703940

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Local State

MD5 066c58387fac49239981363ed9876935
SHA1 33cfc82ec8a032a2285bf4d8d3808b0560c6dd0b
SHA256 75ced6ab37b5d4ba1952963f8dc2e86bbb81d690e1f5fb6b69f127857afa8a9f
SHA512 47883dfc310682144fc1d6cb74fca4437c39d5371ba0d16e51b91ed1d0c13971d9ae12ca5adbdec6745db827ed07c490e086749293569685739351415be720aa

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Local State~RFe60039e.TMP

MD5 7038a23c759bdaa0616196bc36f683a3
SHA1 b0f1d54e6536a71581fbf8bb511aae2e1e025edf
SHA256 934b04317ae7cd75bdb69a267242df567698af360bdcedbabefb954066f7ccea
SHA512 91dfa46425565b9dc26f37f3562397fafca56998120b56be5a7b01f4ce1b38d0cf4621abacbcc65c5c34f33f1218fbd00514a14ac36c4c068d6f1c814518747b

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Crashpad\settings.dat

MD5 154d5915c6ec842d140a8d3d73a2e037
SHA1 ecd641e3ca0592710f3b00073faefa994a2afdcc
SHA256 30a88982124ace6491fa2d6a53c88cc223f5c7c89c4360779ff2f98e6f16e1a4
SHA512 3c5e83baa04cb6e520198e13a25f95b0bb25faf2fd0d25b2b7c5dfd3feb328fedd848939171f0c58f9af245016f0d1bd71234cb1ba164d5801ddf51e9340df9a

memory/4864-899-0x00007FF8741E0000-0x00007FF8741E1000-memory.dmp

memory/1008-987-0x00007FF8741E0000-0x00007FF8741E1000-memory.dmp

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\GrShaderCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\GrShaderCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\GrShaderCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Local State

MD5 8a93a71fc0958ac10b20019949daf9c6
SHA1 ee3acdfd8bb13fd1b6d756c5bb3c14174f6d41cd
SHA256 e35a5ab241bac748f4f5da6f7a64f003ae9942833868f67e90845b3366df6693
SHA512 7c6ec3395a1c3b8637812ed5c7991dc5eeb05ebe4b9d3eb6ac13ae986dfb7d84d24aa530ad791989f26e4f45e10a45112a9abd1ab5d27fd7e6aab79ad4249c14

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7014384c9d1d6c6a409525653e361a11
SHA1 9b3a4efb8ee3b3cec4fdaf58af3ca551532dba15
SHA256 21d478dd93b2f81245fa2fec5d5efe180c4e718ebbb7eb10923abc6925bee91e
SHA512 8ed23650cf77cc81e4a6d3533c4b280992a39640ec478afb491c9262542c60bee8c5cb2ee9bc04aefef1cb154732046047706cd5d7e07aee4ab2ade26c1fca47

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Default\Preferences

MD5 799cbb07f5bb257b97309192482741d0
SHA1 272fb00fa5ec4a774390e585b61a2f1ded66c14f
SHA256 fa642aafee19cc067ff2fea4e16c4e50e373e6ff3007fbd430afb43dded43d26
SHA512 ca860267253166654cf3aa2e1a746b6fd47b90187b8d4c0b86e5d5b65cf58f013588767f5f0f8fbc03658ef99c598757f9d50f59ef9d0fd63d1c353aef80093c

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Default\Preferences~RFe6069ca.TMP

MD5 230e0b9e7faac87116804a79c076609b
SHA1 5b625010dd566eb3d84534a6e971fed67fd80705
SHA256 2a7d5fa6d234a12e1d7c53f318b6ed1bce6ea1d37a97465d81492f468ecb32fb
SHA512 3b081b4e85c9588ccf3e55331af811df03a34201fd8b85cb8ad55797a2d9dbf9014f1fcae872e3babc9532a9047877375dfb17f69a99523c80e89b3887c6be16

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 199b2af13582c590cb7c2578415a703b
SHA1 537fa30bea97f6e4bff8bc2f85b050f8cfdeb129
SHA256 27c1d5ee6eb8ef152da1282fe04cd6974b8a4b91c26d8712e1ddcb41a1629ff8
SHA512 5d98d6a7b904ff680d05b17261a12e8621e3275604e87842b0c410e9c75b13b4080df993491554a89b2156352a60bd8707bacf7b046730cf6c659bbf19fb827b

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Local State

MD5 510ba9f2621e3474f233c96adc2499b7
SHA1 73e5a6b4d8b8973fb465fa5d3f068910433bdd67
SHA256 8a66e53c3e39b68d6a8967064e37847f65866199386757a17177d1660df8a21c
SHA512 cd817f462e81b3c7b2d1132e23fa33ce3ee0fa8811fc40f1a8c5e0aa809e9a68ff9fa6660f17a4e202988ca13a1fd8e1004e18d80d0c2fe29791417e9ddab807

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Default\Preferences

MD5 390d6a6fc4b8f15e70f1cb6b1d1bf41d
SHA1 f81a6f71a927102e8f1913cc8d248781c5790a20
SHA256 ac79b2246a51663cdc50fe10d7fe3af97a8a4600b5b31b553b5dccd07421de17
SHA512 03f1f99cba145b32ecd3bbde06caf28a1488a4fc2e0a2eaef1afe2dd5978b89bc05d35b4107dcd641a3f5c0c1d7616734f50a0e7db5afc0fabd2d41027607988

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Default\Network\TransportSecurity

MD5 910db683121313e24da6ff04bbdd3628
SHA1 0831bbdc2ddbc6ac66987c7e332640a2a54ceb79
SHA256 8f3e616732dad0de176c17b5074515d0ef322e2973ca466c6342155f039a9ebd
SHA512 728ac2b887ee37dd2eff51b33e31b58bfc6e48558706e56876a54a72234387b7ab4c0b759293a21e0fe6a7104254ff52930237a25fb260370b968767b467dc2a

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Default\Network\TransportSecurity~RFe60a05b.TMP

MD5 b0be55eac9e91d0518d555219bec640f
SHA1 09fb58f2c23a1baa1028d5f21c211bbfd03c7d9a
SHA256 3f58abff70a55396286f4e0d2828eb164b4ea977c6f9b9ee55949958d604c6e5
SHA512 3f563b8dee8dad0eb6c0e44985d46573dac138f4453bb7db14ecc379833928e27eaa493c152ca431e7fac1d5180dd1469f2923d1aa574c8a6551bfed37ea044e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ed5d783f1737ee48e3e6882fb08e6ef1
SHA1 35115f7b1ec855f3843ffe1a42573c0b4967c7bb
SHA256 4b6486ca1c07472a1e00677e394462f009525febb45a93ecb5c0146c628884bd
SHA512 ebc15d87688c42ee28a9d4ebc6dcb373fca6c444694d57906068137fe5272053e40bb8fa550f4b699703020ea598ec23adab3c1c6e06435a218165547f07ff23

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Local State

MD5 c061fe2eda16e4a0fd7b4eb00d09b1d1
SHA1 1211d1509fc7060cf6de74962618fcec8929456c
SHA256 ff907c0d34f55dcace0bf6c436442bff74a6a4a53fb7459fbbb89dda8b9f9959
SHA512 fd48a76343de7211ab8009bcd058512f1677f8c592523a161d1801fd9c9e6c50776aac32b572dee2496f5793333bd539511be509da258b1fcd0d09849c0041cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4aec59bec65434584e125888ca0e881d
SHA1 f7e6c5d5d69d664c4187a07aa854c47d6c279df1
SHA256 d62199982a23b7a5fdedf78431940cd0259457aefc66b4277615a887206448eb
SHA512 ef011a12564d6977247e55c35e84425c8ded5702bfac354689619f388beec92c9928062c67f99f7edf61a5e5d943ffc75157ff3c57f845ced96c1bb0481defc2

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Crashpad\settings.dat

MD5 64cd4b8a23c288ff132185a005b16261
SHA1 202df9cabdab4a3ce52c1fda913896e2287dc2ca
SHA256 770ed7bef3f4cd7cb83dc45f998ed25600aad5af5d1ba4f736cef31c7e4e887e
SHA512 799821b321f94619edc1576b835d6e51eb7c44a6979a4fdebfb6489f750d50adbe2c7d5e7494829280726eb0de7de57e17f2e74a9837cd2c9590194b68bc69d3

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Local State

MD5 bac542f701cea1763c0df75a419bddd8
SHA1 19457f547c387d2cfc7ce6e16142279b33b99bb6
SHA256 9a69459ffb2afe1e23865b0a8006265f97a7c2d3d03d9a99bd4eb29e2e2c13ed
SHA512 1054bf491d47d81a6051b9a121d3d785294cd122dc891d79ec60fde0cf7127413dc8669260f3b29ff3aff757bdaaccbaf0f167146d315626924a2b1e9c63a5c3

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Default\Preferences

MD5 9828358f2de02b53e2c4905f639d0328
SHA1 41880f8ecd9bc3bfa7d6ba0d799d8884ee9b7cf0
SHA256 a75da8a4576ecf8ef949341f0d59dc0c5c1b2d496f5038e22bd57ffdcc38f437
SHA512 38c0fe1d7e1cdffb25783e520383bd18100f88f4025e7391d5157d2a8cca7491aecf129df1fead4b2c46899c47f9b1bb241ae6e23b3f18725ba3b0bcd128bf85

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Default\Code Cache\js\index-dir\the-real-index

MD5 6ecb6c7bb74dc775c3e74f91faaf717f
SHA1 6e479bac51415ab343785f48bce2067c7da8ae65
SHA256 c141c5078c544c4ddee7b4271262b44357ae1e2b7205f4a7feda8cf7c1467994
SHA512 b612627e66d70e2ef854e8862f19f0f7740a5199e20e0c78e16f7c15184c8a2890d533583ffc8925c8aade3fe465a69e2915fccaac1ca79c99d48f01ac96ee08

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Default\Code Cache\js\index-dir\the-real-index

MD5 ceed9a140ac3bf2eeb0e9a888fddf6cd
SHA1 e60d0f4ae41397fd3f37a21b0d6ff716df3c03d5
SHA256 ec6698f6bebfd7827928843fad30d1ac21b31620b1f73b892e4269c7ad2276e6
SHA512 d40dc65a30f034bfee4367a0823c60c53d47292dc525c5e35955bc8f5822b849c83041e78b8bb68d1a0009d459a782820589fca2d18620f08343467e722cf1bb

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Default\Network\Network Persistent State

MD5 696fbff3f2372acd3a3e420e392690be
SHA1 b6d42003fa7d142bb130b0283f1e5b47a120ae9c
SHA256 16bbb392f5bcc419cf6dbddae40926f0adb2a1c4b0571f6b0d551e2e10e30b7f
SHA512 297d5d95868e6adb2f4b69ef3da8633a6af93afdbc904c20504d810c1daf17f45e2d64553311e73ac5cf7c66c52dc2d2f4a30a33976c5a2838bf9ceae3fa9193

C:\Users\Admin\AppData\Roaming\Luna.exe\EBWebView\Default\Network\Network Persistent State~RFe60fbe8.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

Analysis: behavioral2

Detonation Overview

Submitted

2024-11-09 21:47

Reported

2024-11-09 22:08

Platform

win10ltsc2021-20241023-en

Max time kernel

1199s

Max time network

1157s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/suffz/luna/raw/refs/heads/main/Bootstrapper.zip Please use responsibly, we are not responsible with how you use this.

Signatures

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133756624950255230" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4828 wrote to memory of 2204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 2204 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 3432 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4828 wrote to memory of 1216 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/suffz/luna/raw/refs/heads/main/Bootstrapper.zip Please use responsibly, we are not responsible with how you use this.

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x21c,0x220,0x224,0x1f8,0x228,0x7ffe0ee1cc40,0x7ffe0ee1cc4c,0x7ffe0ee1cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2040,i,17384291649586125087,10122245173432629403,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2036 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1928,i,17384291649586125087,10122245173432629403,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2056 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2244,i,17384291649586125087,10122245173432629403,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2332 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3128,i,17384291649586125087,10122245173432629403,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3156 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3144,i,17384291649586125087,10122245173432629403,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3344 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4808,i,17384291649586125087,10122245173432629403,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5008 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4776,i,17384291649586125087,10122245173432629403,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=836 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 185.199.108.133:443 user-images.githubusercontent.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 154.110.199.185.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 185.199.110.154:443 github.githubassets.com tcp
US 8.8.8.8:53 collector.github.com udp
US 8.8.8.8:53 api.github.com udp
US 140.82.113.22:443 collector.github.com tcp
US 140.82.113.22:443 collector.github.com tcp
GB 172.217.16.234:443 content-autofill.googleapis.com tcp
US 140.82.113.22:443 collector.github.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
GB 172.217.16.234:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 73.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 69.209.201.84.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 133.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 210.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 22.113.82.140.in-addr.arpa udp
US 8.8.8.8:53 234.16.217.172.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 136.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 fd.api.iris.microsoft.com udp
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 212.20.149.52.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 209.205.72.20.in-addr.arpa udp
US 8.8.8.8:53 88.210.23.2.in-addr.arpa udp
US 8.8.8.8:53 14.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 83.210.23.2.in-addr.arpa udp
US 8.8.8.8:53 208.143.182.52.in-addr.arpa udp

Files

\??\pipe\crashpad_4828_XYMAUMTTOZWXGZAI

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 fc7516390555a0b358892f6b752eeb2a
SHA1 9e2359f22a9b0fb3a091db8e46f4655a4ee00faa
SHA256 269eb44896a51953975032c24e4fc2d6fbd4c9c8f6ac291f3634c57f68b52941
SHA512 a25837b6427bcf64100f16cf1e3930bb5fde6e6ecd54fa29dd2b4057122ad6d75c75fb40fba3b098576fb09522543bcf63cf1390e4d698651cb33cc91e8b85ab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eff969d6ae57508da363e78915bc2f38
SHA1 5d610a07243c9ae599756a3d28977292fc35a2c8
SHA256 e17c76b9d12612835023c4722e0a28b7771de190095c1fafd08cc914632335aa
SHA512 5fc451f4d6a3d6e191b19c61baad44462a5403b8189514e9707b4694a315c65315b7c7eaca693c3219971118f5b81cf9ecc1101685ee7b9d2f6d2a63ced4d2fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 31dca5f6afc0ecf8f1bc39de72758fd7
SHA1 d70d3526d55a450f899b234e12c2ee11998225f0
SHA256 25b37b209ae7892cf898200ef1f323611e8a33ddc8f4c81958851e62c865aded
SHA512 b4bc90f61249085366d3adead1f3e484c89e8ca274a345a458b6c30e1a9d1ec90dcc58ab6d1037275ecb40c265acf85cc3db1c19724d848c1a5adbd1215e617e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 dc383e9e6c74e850942427afd83bed1f
SHA1 7372e5ac1761ebcac4246a9bfa0dcf9140430eca
SHA256 86561804e73ff1287a39fcee2d3f08c0c42afc2017496099fd5c3a875b6bb73d
SHA512 676a4375f1617898953e64c74f1b98a104b31afd8936012b6ce3a38554ae83ee85c4b64a80572ef561be18f93d04ad064ec7ba7ed4279cb049d3ce643874b25a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 6d16c286a8a037a9535c2399811d1e31
SHA1 fb569ca108320ac98cf951b8fe2c8576bd706664
SHA256 0e163c004c0d51e363be5e949298949045bbdcb1744295780819667ec3a9af8c
SHA512 81755317aa2b2cc3396f380d22d0e9681665fa52b02e6c8ef15b83f9e235bdeaacc350897587d1060bb62d16bba303883f51d20092c8fbb573ab205d12b7ae4f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 57f16d30f785f2426eb4e66941a8704b
SHA1 f9848b84b9c74ffb0dc80bd3ed9140769bb94252
SHA256 076bf138dbf4cc09814376ad700a0bb39c3dbdfdff7f98acf68d53e31e0d33dc
SHA512 28bee92f7f80d7577484badd9b034a4dcb309d63e3996833d940487cb6bc112cb1c95fac16cd23953b8672173308dc546f5236f549c5a80e41e520b85c7c17b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 57167dd6c599e9fb314fbcee7343b998
SHA1 7af4960b1a17fbc2c81ae8687b214801e18109fe
SHA256 5906b3c6f295290a31c0c134abed8557ff967aed4b1e11da2f0341258bc9aff9
SHA512 015b5cbc39e3d3e908792cc7cf84cc176aa47989a55830327669e62c86be5e24a789904eafaf8c83bf7afc396b3ab9bae89cec2e187d03c22a5fae2d326f635c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d178635b957c4f16feb3834abf1b21b1
SHA1 2f69855c9247d2c275a7ffd9984dd6196ec379b5
SHA256 33619022ef36af079d3113cb406042ba7f5fc4db8fd25fe5866e4724e1ab64d7
SHA512 ed01ac873d82210d4b494aef3b22ac1520083febaf4f6c4d3e9b74e1e2a45935273b3f4f1fa1b328a726e874a14f6b594324eadfa5eccd8f560f27c0d318a3f7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 5900683d395ee651e19ef1ab9f44c9c7
SHA1 0a570f3e86a2f167126d0ac669722f5993427b17
SHA256 e03bb908a5c63ff3a32f1586b78ad4b440424cdcf0d5545503419ebe7798df16
SHA512 da0b13b667eaa0a5654f7acd41c367ec4517e894f569c173b30fbbba3ea93dbc6aa9cf722f546f5628b940cbc33016e0ca86c0364d4966995cc7ef8127a8781f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 deebbd5e9954b0355853399a49e08607
SHA1 31825afbc0f314c38ae1accc715ff6052200d327
SHA256 ae83929ce500117a9b6805b5e0ee6a2aa1acce8006677232963e1378c2f05634
SHA512 9204e09d8c000897112d4ad00ea711ba30f755c12d012f235539dfb3773ea6818d7928bfd9bae97713a82da4157be99f5fa7cccef122915820fa7ace4a9ae336

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4f509d0f26f6d813f88ba34f49a42608
SHA1 a951750d46e89813079ce7c18b33cf73e853b5d1
SHA256 169dbc5c7b0e589567d131ac58e1340384e78d26d2b7e69083d46db4eeb90891
SHA512 e73aec9f1cc0578dc303c0133a6294d36bab27b7a66ac14fe52468364f86ef6b5c90c7ee370617fbc608dcb7215f700311e0a5f7f7c75e246aa5602bb7221db2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 5da34d1e11d39d8a13800a47dd45ca56
SHA1 4944baa992610bed15c8a4c775d62cf661fa794b
SHA256 92187b19a2bb180fa4fead1f1effa428ff9c322585f8fae5233c04f12a2a156d
SHA512 2da2dcd4e6095f730ca8536a7084b1166e088d4004880eddd833955d7e8a110e3dd662886c081212371a62774e33282598b97f7f2083940c27889ddb5cae559b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 af44dc29aaba3068616d29950181baa0
SHA1 381c08c639ba870c9b7107926fa2810ab722861d
SHA256 44ac447be3ba7d5cc3361b9544b8cb07f11a32f1a5765c7995cfa9d05d2118a2
SHA512 7bc73c6aa66091677ad3639ef47a608bfe3145b6de1257d7e1097728ccc081037bbbaa2327379adf4f0b829bc46d0a8dbdb798613ad4e46d8eb337665ee0c082

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2495588c2c4933763b2b4f6c0bd76cb9
SHA1 ab98f1966737089800d30ff4ff708418d81a376c
SHA256 d94d64d78e42e6428b15790da58f3fc143461e778de7fff304ef9da7f781e347
SHA512 d84ae1e4feb06d7b2ca831160a0f855c18d41f6733f82bafe56c569c7c252dfd9aa8924ee7d99a287e9a09c0a9bd7fbd98bf1f9a429c870d1dd8238a629e87ec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d6683e5d297f20de521cb1dab910317d
SHA1 9789ac49df6c41670b54997ec29208d8d7166ca1
SHA256 142544a75e8095dcc8a059d74271c6273503c9db2c0619bc74f8a408f1c775cb
SHA512 18430d0b460c107964e2fb866d0a59a478bf04bb0f47f3ed454d9fccc99b8d1b1e53bd086c15493b5edb47005d8782e1c02d77a4f68d9d5185643a5d2a48dfdf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 364f68e014fbd8f1e87ed6f8f8946c39
SHA1 119c3a269ca84b7eca949996a65b5befb2e71ef7
SHA256 d15b369de537e931ecc89c6c157597bf43abf4f092867e4ebc82461fcff1a81c
SHA512 bf5c5c370daca656de8a7daf6476fa64c0dd94bbdbb9ef6fc30ef5ca124af1b2e013629a0b4cef17b4820dd6e605d77c2f570fd4365f5e269599ca95ebca0b41

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3a860f3bdbd31838896e6928e91ff0ac
SHA1 edca48667cea4d713c5346673747d594d00f1154
SHA256 91bd6ab3ad140b5448a793b0a404ab5e7e96b131dc11ee6a761bede8970919ee
SHA512 524e4096d6de00e534d6f966760a5b1a44a5b3a0756ce8cd972e522e30941ac6f5a08ee3947e4f66e69f318abbbff9b01f43c91cbe97cd784dd8a2391bd736ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d902e235dff59249f431bd3bd36e5d4e
SHA1 bab291ab61593f70671e574014e5fa40f189e67b
SHA256 96587f51a0299e0b181a65b39e7f79a20be44a5716b59a744b39940728bb5b96
SHA512 43229f9af5cdd38e976d57554e1a45ba928a4c41c0113cf47fa1c3b9e81f0b1809c0f94c5d1f3a21dbe2cc0fa889452204a0795e160d658310f5ce494247522b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 14294b8a24be7425b8363b33871e0bec
SHA1 ce79a6ca3dcef55cc03b9e75a2d927ef0a9e84fe
SHA256 a34f3e9b2e3683e2b5bf92a19e55d258d4d4a84dcf49bb88c0f9787af1882f7b
SHA512 e8970188d2be4ff957b3bdc34f3a9339aac3b7493a43cfa289b2ca999bb6e93db3616001fc1f4892278b0b4235edaf550dd1c0fbbdb0a123093a13f77b66b7e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5bd9dd07f3e5d5f228cd2d97943d5c2d
SHA1 ad0b277317a71bcc154a630ab1436e5ed28dd860
SHA256 afd680c87c71b9231650b54e820758f3bcd84379657710f27f7713de3bdcd616
SHA512 20a79089b34ebd1f651541b35ac3a838f1564260e8e84eab96231037fea83a3bff108ee8b57931ddc5fa016147501a320e95857d425ac4142511c67699a74947

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c91c20e4142d785f7ef888c639d57a6e
SHA1 fb27c764a7ec67c7f91de1eda1f54c408d103ebe
SHA256 2c088375490c982ff4cee6afa99077892e4b9bac0f8a7c17d1d9c459a45336e7
SHA512 67754276b356e179fa1c13a1a308e12a4e5254dd5845970e606692d540e2b9cbcee1b9141352c97e16bbbf260d716a56d51dcb4d3dbae6400418464bfa6b8cea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 723df1040008457ec01f89f0b789ea21
SHA1 36d5778c67f1150a10c0c1932c90cc1d67835d19
SHA256 281d1ba94829cc8c0dcf80f225e3773f4299dc52580f5c59c4ca002b548e4a2e
SHA512 85d2b364b657b3e3fcdf9c86b92be475b05c969aa17feb5812f7413b46291ba10b2f764e5ae3022460df56064688b1c0cd7fa7fbab85759822fb0cac0fd8e32d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 843e4430cdaf1e634a3a24e4702c3400
SHA1 b29d56c87d0e18311c0f7d1a3df1b3903fc5a563
SHA256 e71f2c41686fd7c01d4a0c23abab1aa89b8deabde6482d7311279c9edabb0b2f
SHA512 44523bc30612098a4b02dede39f4aa246fc206e090d3491df67af90e7d2d77b794cb51c28991804b328ce4447b8a033e646e96345f65d0958071fd6629c692ec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ee6b9f3ad93af59331501b2d1ae36d79
SHA1 1f53ceff5382bf22d07f81b969fe822d54b9e671
SHA256 49f8e9036c044db0b87b1144b549ac94d3769f30986f0cfa1f6e0f3a834a6513
SHA512 7245182efb2d83f9e746753aa9427a1d7e1764b8a6022c37d3ec42827fef5918922d2a74a0d6a8b1c4b6683e854eb855e3b5f6fd0f601b73ebf42a371af1cf0b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a03a2f715e0c897845014b7be53865b4
SHA1 e030621e6518ccbcbed7a54caeb45f18d12d23a4
SHA256 7595295ad257847349665556a41f834b68355366aee2aa62251f78fe8455d227
SHA512 914ea8bada790ed2374a2c160da58b69a7aa1c0f2bdbb6997b26e4824e3501f1b4a4b9bd1e5d745904cdf49c53fde958c9915ef98c021e10d56bc165cb8992ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5a90828faa64d60cd05b514fd3483a7f
SHA1 a531b06fc2652638eece11df81ed536c0c48af23
SHA256 c4d3607b81c555be7f13707622ba79f6d8443ac520c5927d75f97451ded3f62d
SHA512 14133ef30bc2679a15b1029e5b803dc874b53c21091a9f6a558983645e15d3036effc0fedda624afded84db4441a00ff2eae3bd4254f2e6acf9e0a75c91d1c09

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6f6ee10c86e6bf282c7c7c9985e7a142
SHA1 7f74c565675d8f0a28a3d75acaf23fd3c70d1fae
SHA256 6fa903b5332149505d4d623559b5bc391380bd8a1effa707b760e5b91f2afacb
SHA512 3c877fb3b3aac05198d907a7405f0100c15003eda4cb88c733ff84073ae9c156d737de4f70a0196e0c6b3b4c41dddcb9e9d44a716094df51f4f29e7407e07982

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 41c06e586660f2a4f9faf895d84d7e47
SHA1 e73615fb2078ab29bf7fbab0581d7017a0358597
SHA256 bed69b04158641faf65c1f7581fd98d89255a5e2a8c05bd4b762a51f0f4f0ffd
SHA512 88584dae48cae9d773adbe009d52433a9c1575b7b8f86822df9e9000271c4e52190c70f51ea54fafc412379faca20c662b798510d61f29f555ad2f4579be459e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6ca126255937e845c67d449ab4ddcff3
SHA1 921f4405c1eb1cf17a7015f7ccab0656375f0c39
SHA256 c9a637b855c471d3e4f9df8c0ddda2ef7459718c639d8968cb2e0507dbfb6f17
SHA512 26ea399e7aeafeee4e74d7e942afcdbc6bfbbd9a2f0eea588d4230b9b938cb9214825d6893115eddd1c8ffc0f11d9c7cbfc14c128b3d08dda75454e87766c986

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bd1cbd0f0d0363bbad51a8978ca0182f
SHA1 f8e0612536c04f76f4e8d6bf5fdc96d457b41cc8
SHA256 9974c1072c48dbff7215b0e1796d35e249ba9c856201fa4161e2996a7fb5cebf
SHA512 788ee9be69f9c4106e3cdb8afd05286ff6a0c8505a26b0330c5ae5b4cfa94c3538599118365fedcf682e498f22c3e22a910668c3535f6d475b565fc3f0cfdd5f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d04552a71da34ad13c0ff748a632a0ec
SHA1 eca671148e0cf1f1290b2b12614b0e00721cabf1
SHA256 f15c6a1134b27aa87d491d68a9c4360a411f9568bf04533f7630ae5995f7070d
SHA512 bd5c81925b36d529d3eb0069d335b6ca3296535133d1a4801840f01bbf6459bf463c67240510c8d9c0a8e5c6fff93b4ed2b07cb732a54928027ddf56c254585f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3f5555ec785c314b442cfde41262103b
SHA1 0b929d26b81d9c565c31487e6cf15b102b74f006
SHA256 7b29fef6ce4dd670e6dc75dafcda4074c3eb1f6d806ef960fc6e54ac38ee075e
SHA512 504d65c14fc1173a4c2041270b00b36f710e2319eeabe3e1aa571edbae28694b25a19a2551ab056184796b51b2aa3e260e91803955f17b9b1e737ffdcb94ecec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 957f40555d19cdd67936ff4f9ceacea2
SHA1 f7ad01307e03eaadbeb9d1928aceb0f9196f0bdb
SHA256 4976519f5764b37a1d4f4109249f3adab7e644b4fee632c312a25203bd6730bf
SHA512 19a9754bd28525285da8c70e6cabc427509409a6ef2d0c7a86c057e99c6d6faabac725a7e41af15bbd4f96f1e4e4e05f62961ba2c866a7561f800c3e3f5d02e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4811c2a00c37cb2b2f1ad4cd287a39eb
SHA1 564e8eb8f75a405188f35146a376265206714ec9
SHA256 0cdec21fc1981701d734b938846dd400715e4de64a198bb46934cf450b1493f5
SHA512 ad9ced8afc65b3471d342b24bafd8d6fe049176c43ac45cd29bd52c644c60e16a437277ac97552e3ecf3c8005c3b3ef54b7742556932eae8fe2b51149f22e6b2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 45fec526c08c9dde2b9ea35293954132
SHA1 4883907d04babc14b3cb392583bc18d5a072f325
SHA256 7208c0b005641420fedf6a40241ca795e0f3aff24067e298a76e6bf1257bfa1e
SHA512 400df328e059ca361ad6499fbd4832db152763b00d63cb29671dfbceec7981f8237e44ed1b8005f4dad9d251718347129f43d2e487b6028ed22558b460d6281d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a143db770ad20139e216451aadaf14cb
SHA1 39c7d5f00a93a8c18fb803bbc77fdc759382a560
SHA256 552b9b4244a26108dd8260436f1fa5842691d532e236bf8692ebbdc5ac9ae36d
SHA512 9555a458347cea2aac25efce783cec2c24e9e303f1d674201dc88fc0c55042e26a03f5bb0f188338f2e337a01b24b1e0cd82be11fb97e4e7c75c33430b38fa97

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a3e30736db520097a28d864f78a6d9a0
SHA1 b5f2ac2e1578e834dd831bb2cd0f3c61493b68e9
SHA256 db0beda14d53b81d994156155e1af9b78f7d1e6a818cc9ee2b6e4e0843c1e0e4
SHA512 55c23870ee6fbedb1fb103f8cbe7c5ce4f9822016afc5e2a25693e8b125f2dba2864edf3d2ef93f5ba715f3d5cdf04ece4f079653b8fb003ac62165f14436c9e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d69de679c9c49af0b0f4722f98b9ef55
SHA1 528b848da122124e01065e9323409c8596814e59
SHA256 48a0e3f145c440fb6cb10a5611be16f81c1f9d308c9bcc2558d2fb23010ac161
SHA512 27724fa15e22bdf32c908b096e61682edcbf2aeae451e07a7724ae02d91f57cf0a0d26358e591747fdc42311f5dd29f264a9dfca78f3b8154ed3f46ef7006628

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0d9246f6bd74ff52c5e551d59cd71741
SHA1 c072acdce2c1ab8bbb788f4b74c81e0145a04c37
SHA256 5fbd645ef31ce0e551885fb945523e92d184fa26e17314e77450a2e6182a04e0
SHA512 5ab095484782374f00acf896e43e6049dd66c222cca9bae91693f790cecd82e68935f0ed04414f1d8a0f01dc8a3f90a33349855c582f76051f26cad43ed7fb9e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 977d1378c3c60ad0c95733e62509311e
SHA1 68557f644afb6d371f0b8d4506030d83fc6092a3
SHA256 4d28d844366ccaddea402712fa8262edae620fa55f9dc030b199f4492509c62b
SHA512 3f500c3d874050a90bf4927e67e11f33e0407c14aeb478cdb5eedd7eb3dafceb72f5c5729c9f6b946636b85ce5df1cecf81f68e6ee1eb91c0a41db07662276d8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 afe5d5f19170a75d62b879f2ebfc74d0
SHA1 67140e2dab32a326250674d978fee2a001d41559
SHA256 0a54688bbc923e2808c2057921e633cdfed2bfcb86354d1ff62fe5fe0106777c
SHA512 3b5a9f61f4c866069a646b641443e548a467e902f5cc294d6f5a793ebf254d6056ba47d969dfa1fc62d6888dc0c9f3c9cc98742ed7f4fa3743662644021a22f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 486d232cba9817f7de31bb151c44b1df
SHA1 64de61a1f0c40361dd8238e573a431555261af22
SHA256 921bcadf6b9356f1e79e616b5bedeff14a701591023ae7fdd0ce49d664ec6190
SHA512 a8faee36d7c4435e8cd65363471e1f3c5dcd186a021d8bf3c241a11abfcb7d68819f13e11f47fb0f27cacbe820f2b6fedbbc9b2079daceb9a96b11f772153936

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f77dcb568b2d3b99028aa112f3b87b2c
SHA1 24dab6551d6767e92bc1327d16342c255fc2a91e
SHA256 8d02c5fb2724d01c0ad0f97291090f1c95bca37b743a7d10c46aab82589278b1
SHA512 08f24acbd27ff981e4dc2d073f60599d178829400a4abcccaccdffe8ed436ae4ec387ee16a275ef648f96bae9f9a78dd897cb3e9e5bf47e938d3847fdadcc3ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6467da19fcad053ab4cf523bf582684e
SHA1 3b1069be5c9efb906319a4980e6dc81bd20b2f8a
SHA256 9f0f4c237c29ca689bf956cfbbbb5d63d60dffea018fb85abfd6dafd4ddec484
SHA512 b206a471c9e9821835b0d9495392164d27ca11bafcf1aab9a4c18ef81b7c0988a61b8ee34bd484b5dd78d3f6eb0b0b90ba4e3dc154570962c4685ef5e54650aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 973a8061d04890d345afe356aa29a769
SHA1 e356cd544a524d0b24c8cea05b34f4b517ecdeb9
SHA256 4ef5659f6742be90dd353241af4f2e7666e90db09b1f0c239afbdc6967abf22c
SHA512 48c7d9dbad2631f3f1a37f906ceaa508c1b8b7b2369cf00e0b088537bcbf802115ca4bfc22322fac5045d72bba26990c21caea68ea521618aa38f16a2062f5e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ce5a7eb9c7bb50ab4bcdc5332e552801
SHA1 2f6b1711e8c2807e3eaec8a7c0e7d36939f17709
SHA256 c9eb4e3f70ac4bf011e3c9fb4240eb6f76e6ee12f83c39fe3cc086bfde3ee51d
SHA512 4db7c884391decd84499f80e1ecb7dff442be9e25ac80f5f5c3e744de28365ca9335faf48cafb1a506117914812d6bdfb96421c483d6fd75f32ae1106213e826

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 192fddab4a64e47ed5c7357f755dd1e2
SHA1 3384d9d893891e69ef13ada607ff8831d3281f80
SHA256 02dddfa5e0d1b75304bb83cbe4e63d5fb1d6a10d92014b30a282fdea49c38e02
SHA512 946019d80d9b6c25c6481561d7495feb23c571783c00a42559e68265f56445ef37d904aa44a8cf284434ce11023b7da39eb73af54ed3cc4cda4b660cc72b7ba5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 df40d3740fe5fe1433c41884c95a5df2
SHA1 1a606b70ebe4fc08f9ad0665b51977c374def963
SHA256 355ed82cb14265588df93839cc30cf64404ed65aa1c4f97b6522b7bfa2b24452
SHA512 ecdaa39872466a2f267fed664f20c58fcee447b856068a1a7a400b0b74e74c28d4762880132963090e20964f43b05c2602d91fb2c6a620df20118d4b93bf6551

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a0e9e2c29c0d627f4a70c6a85f0471ff
SHA1 00eccfec6871c99acf4a5a8cb1807bebb10e54d8
SHA256 27ce703419d4bdf3e03763244ba7c58990be5fb999b78e12a1aeb793242a47b1
SHA512 1d38f2a66df6be1c2b71029005c774feb83bd16903410b827e599acd512117d5205cba03ea975df6907e6fed0b248caba2a74ed145081d87abfcd1404cf8f03a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ca69ed828b82cddaf36a25bb25102225
SHA1 4ccb5ff490fcf72c7175839db8c69862b77ac4b0
SHA256 f1179344732c7ac0a2d5d6d514e1c873ff56a3649052c6e7df16b8a5eb969bd9
SHA512 0e959aed74f31c085ea53e80174a3eccb2558241a5105c1042949b747c41438e3346a779c13885c8cae0804d10e20fff8c1ff31126b1724dd9e3a9049db936db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4b1f73796b0382b6fc4c325642b548e3
SHA1 085a363c677da628149a466bb3592718fa903e03
SHA256 ecb6d11575eed8e23af7d8fb3e03afeab8d35f9dffca5f16d2a6ba0a9e6e7a7a
SHA512 ce804bfe67cac096cbaeb2b4233e8043d681b45b3c66363ce6bc062037c1b39b5769bbadc886560dc1769ff4c85d709834ea6fe8d521a2ec744996371b3e356c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f416bb5887cdef8b6b59bcceb43ae099
SHA1 2e48f960b8de9b54cdb4b4b0ffce3c487e1a3828
SHA256 bbb6b7682203ab763a6a99c26edc8fa7f3ee233ab5d77466ccee45c56232d2c5
SHA512 28c2254e0402e64070b09de35791664a1c23c737b67a9ca73fee8c4e836c3c27a43384f545d460615f0260964a4186c54bf4aae6ebbc45dbc41f9a99e841bf51

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 29267f135c654b9e25319e5f82cf2d73
SHA1 496e8c127db3a8fc11fcbf5d591884e47d223aaf
SHA256 2c3e20ee0a302de7fd992df49e73bcdcb2ade3d15c99fbe2619ce95f86398551
SHA512 71b156c6e3e245c0a427750453e4594e5a2c1aa2259d65c15a95eb511c55caf9b5d5c901a2461da0fe2a0bd87d5f50ab70aa52054a936511a2ed3b924e938549

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 64efd712fadd9ff79d7b3d2abca564ca
SHA1 53044923415d6d5b62b819ff17ea18337dc20727
SHA256 98813ec41f896b7fb6adf42d42684fcf21ca9f8401ce10d1d304570e706e871d
SHA512 9e38284f1935537c2868148ce3a471f9ac8d6e3c84f9a344a69834610ee6d9e5ddf12a0607a149c83a915dbbb750b3114b19cb28999327d38f16edac6f58f598

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 917e66bd772299d1dcd3b62d6d49058d
SHA1 6035a747ba11bdd2ba1c906f8d66a8b66688cb5d
SHA256 6694cef92d302d8da38d94ad66fdb678d781f99591f938c2db9f9c764f621d82
SHA512 bd968b29a352da060de0c41e64e2efd0c738a44e3e464df73e523df9f4a94da01135f9ba1c89f08519386863543fe5c6f48f9b4966abd080ef8795b6c0a86b11

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b55723d54d1182b36f6d578c61a3e8cc
SHA1 97e5d8be6d722aa7acefd7a39eccdb467ff5fb78
SHA256 8bf6e69c8abd54353b56c428a53466b0b75447380f790cb950ef587cc9961521
SHA512 d128bebe134101ddb0fb27fdb341eacd1b0ec4dcdb8c2a1588c3d6bb56becc39d9230eeb0ad43334d1d2b5792d1e03327af8b6dec5e29d5f26085751057b94a1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 116a43f38c04b930c37d28d2879c1567
SHA1 ad30fe4d0550f64b0b8b0f72310712591fd0d9dc
SHA256 1e5600ce1a825c661ce578078a318385afa838c7cfd655961a366be77f028d1a
SHA512 0b0b1fa7e831175a8ec5be38e131fa8405a1cdab3d6debf28c3beabe5a8923d3b6a048b3b7911b5861c455b5a5581b71e0c4b90ef88c770a07b0040cb3bba12c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9a0efb73bf63bd4ac415ab70e17fd774
SHA1 0766c28b4d3066a8f52cf99c9634d31e4741e8da
SHA256 d0733b34cb48347a5ce0eb383ae66d9ab1b56e7f4f0c7c34565789d7c7d56bc5
SHA512 8d4a2b2b7663cf1a0bee384975c6b0104808b37f2bbf57c1f46e20d6dc420b1a2d65641e6379900743750a5e37de6696cfbcb767d650a00a01cde29100268eed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c5f988247d5366a4065e7c4f9cdb4011
SHA1 4b3857230f76bba1f4f1b24790ccc4599947d19b
SHA256 80f429bd9362b1696506f935c1a5e41e8863232689dd82cff83cfed303203edb
SHA512 dd025e3c266376fae40a9c02db34a34c73e3d489885d15ee16decf193e153e2aabd595442fd68ec99834f2bcf9c6dc4c51de849f65d25376411402e577c65c7d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c3aba1926c3d18ecf98e0a0bc7967823
SHA1 842d9139821a5b5987d3f0c642e479d55c4d3ba9
SHA256 998ebfc740089be3ddee64cc706896816e5318ff237373e3d14f183977f81ea7
SHA512 5abb602cb40a05aef4c5a59d5328e4fac7eb68a06254d83d3e0445aac3fae71b6024188f4dd304a48e28d97414ed61ec1408e1b2fec1954509631c6cc5b85b03

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3bef5f4f9e4e8831a96350d8feae1054
SHA1 bcb9c81a92651a21792cbfbcb97b6b4944f9fee8
SHA256 2cfc46a6ddc1c5231fde7e114323417f1da6d247efe35a62e73d5913035cd0c5
SHA512 545cecd0bc2092aa14efb3d69a8ca4499edab5d6e1d35ee9689a353aa66117cc282c6714ddfc146489be02908ba6ab18239c159dd6afcc2fe2fc0768d46f73e7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6788c43f0e8e5efdd0e849d65cc8e85a
SHA1 2b7c7f1dc09eb04e9ec24df643d46fe985fdf06c
SHA256 2c4aab470275e650ca42fdec495d0bb0328ef601a23ffb0bacb26d10e55a237f
SHA512 0cd9d3d71298cf4c60ee32e4820e0bfed05fb6390f57a62450be27b9df983bfbb01a1bd2cd32f39361172c4a8c57b0c67e7272c5a91235a982dea32e0b4ce7ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 01a01eb82b5f912cf0cbd93514157557
SHA1 6234f5a305bfe253090a42bcbfcc8904e30b2ed1
SHA256 fd327e29a6a6ec0bd0b1d012110242127729eadf1c4114f91ad4192b3859bf04
SHA512 532a74dd6c685787e2d06b67711598f8cf4b2625f3a3289744a293ce8b7e89c600f5df953d1681fe6d4200a756f79bd4b9ee5f3b2f23bc62b9ab7f56f83af769

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 89cb785b561ac5c7281d01a561825679
SHA1 9e981fddd8ca1e1e4df396016282f1ee768ad4da
SHA256 64f7145dbf7761cf980eafd46d30932caede835f2f4dbf004da39ff4b9502636
SHA512 96296774b1498e9dac9c0bfeda1da6b9cc0a2fa3a3c30c760a0cb1787cb3dc612f0a40a1d3399c8b4edef3a12111757b680477feb356eaff9b6ef572ef04f22e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 21b4b54f3eff60cff40e1f2d3b5c0f9b
SHA1 bfcb3678ec250ebc6c87d2a941f4221285394bde
SHA256 271812dd5dc4256b33c79302e19d016f46ac16b5145a397e0aa416cdb24e74f7
SHA512 38fe58dc05ffa311c0a2917bb88403bc8c37687733bbef63cee04a7751671475ebdc7d79a41c051e8274b27193c49ba3746b5a2f47ff5ba0cbdbea52793d80ca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0378ff30eb7bcc788bbd23c94320e67f
SHA1 6e4972dca1030a43b97af5d5828339b07318f4ba
SHA256 5cdeb056a64522e9f69959020151ba20380089b57e4bc504ba40264c142daf4f
SHA512 2b03685bd504e80b04bd55802f4dbbcace50a714d2462e995b376ab97b270e847b6b6cb7aad760c2d64159a47982157d60f7d93e5ba3cc49dfd17e48bd9375b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c1d366f90b7be297ff118acba26223c8
SHA1 9bb42ccd1e9cf4a490d9e75aa6be1741619d2a33
SHA256 1b84841dd78947a9eb86c72dcb1e7a6f3d51fb830619a21115fc05917c03309c
SHA512 794981dfdfe12f21d14e8367fb6a314313d71d6099c74780d8fb8148eb7c2a155596b6ff53ee3f0f853f1b6668e1b101c54ad7cd584f18118a2325eca54fe7fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2ae300b41ee0e600b921eae17f12ccdd
SHA1 5f71dd47b4a3cb62acecf8738e28b3b9d9cd16df
SHA256 b3771d54579f1bd9591fe7f9e663996770433f15d0e90a5ac167888a29a4e2a1
SHA512 9c6640d1c6a2489fd305cb2ad214fd0fe723894d38cdb7cc2971976ee083a9d1d56bd7257e7cc49a8d5dc71f2a127d663b17abb4ba808291ad55b90f651041e6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3ee2f4f9c9b74d179c59097f562b6180
SHA1 03992c18452f8c46a13e3db58b73629e3a759952
SHA256 dcca3481d78948f9310ce1e0d002169bdb242fe2d1a40983dfdb24d3b3e3b439
SHA512 14edcf3b31095bef38aa76b8acca832cfd35bac884463c4fafb3985ade7003f2eedf9a6298f77e117cd746c7abb0478c1a89bcf886efef52e25c4818ee28ce32

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d094f622bb3841d92c508373c36d1456
SHA1 b76a81f8f5fa730b3e4c7330ef2718aad83b5bf8
SHA256 a2ce8d53bdf5c929f02d256e7ca43c3b6e211abcb1ead2fc4513700291e87de5
SHA512 42ba8c7f529ea42c0746b5941851ea088abf1220547a5be152c2e047042af2396b735086d1c89e900531a043f5ba49049f970bf82a99d8978bcad723644c47a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 04e01cf9d7520407667610a9db90d882
SHA1 2c301942da4809c1b7867c381745c607c3e40f86
SHA256 e854e49d435e9b6a8d145b0f39e8891d4315b8bbf92b318593dc59d5941afdfe
SHA512 1659a74428253ab37f6a76296e65f0b05dd06ec95ce0e2cc856fdd263b1b9376eed20c24a76b7b0ed6ecdfb7fa4167a44d149d99fa3370e49313de5be9cf65ba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 16a54917ca7a7d62f97ff23673684795
SHA1 f88db77a28b097807e76fb53fd99bbe981978b52
SHA256 acc0ef0e57c7f0499e4995657b379fe0232dbacfb51c48fefe89948ca01d6926
SHA512 66503b05276b2df34b50202613e07683d059a2d9e1dc0d12a8d66fc2d687348bf23744a529766092b59099702527eff74e67b11b7d76db23b89285d6c0a39012

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1681ea88ed9b403019ccc0a4a4010850
SHA1 e80fb0cba9c77f42bb2e9537427ec7254e8270cf
SHA256 5b81975ba71f17c319255f601bc04f6f1c5c28d5385655faa9c2e29768a5b862
SHA512 95401f29bd54a87f572d71784721c33aaa96feb6ec63a5603895056b18b84a54f9d9abb0fc9fa046ea385c4d780631ebe52253827beff38c540897073b5b9451

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eaef3fb50aafda10d0177f2d92538a30
SHA1 1fb2f0d821fe13b4ebc2edf02f9691a5410bbc73
SHA256 edafd68a27e5e420213c9ef4f4775e9722452318a15a148ae6bc418689f7c342
SHA512 97c5bd4172dc47580b0732fef51211a26e506f0cf6b69960b480bc2825e1fd11488aaf4e805fee73428bf711be0df1a911b7318a04b8995510210c9a228aa6e7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1c34debbf27469f92f6c7e8ee5895827
SHA1 da8db1c544cf497e8f1a8d73c3a344b7aff8051e
SHA256 0fe669584e63aa924548942678d3886de0e244806adfeb4654ebb8bd13cc8382
SHA512 d068a86e356f44c52db9863806e452c4a78340aa3b21f37ac1727f7a7469b11557a1a8310943d99337c7983fa2490c2abd1a5bba2e31f7b201dba70916ce5ad0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b8dee2ea530462fcba46cfd222ef2c30
SHA1 a1355a3de2c6e03f09f6bafa2f18f3826a490a4e
SHA256 ac33d9d28f3c226fe718c450bf1f0446ab3b2b75c4a04cfe48dca79f6c745316
SHA512 5af5f21bea7b8a24b38bf7b8b35dbad8507ecf8e665b276c12bf969d5ecae492017296e1f8b438908d82e22af6586d9dcff9546c1837a2b07fb96a0e2891d983

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cb0672132f79e68a303efb6ae9f783d0
SHA1 ec16c36103707dc143467182ffad8219b9c6f6c7
SHA256 131cd2b61eda4e72526812789d0d607c859b6ac3613601d5275c7208435e9ed5
SHA512 cfc603b5c634ee1d94192b7f23901e98f0a4ee84de3c5b47330ae655d9e9321f6e7b9355c2194d30027866651c93252a7794cfa581d4e9b2e96bb353cf1d1d7e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8fe6e4208b3fe3b03189f0991a033944
SHA1 0f59803b297b05ad20e24594a7ef87e3c294a24d
SHA256 954bbe46780364f2dc558497196c337f341fd340481c063d8cc312ccc2b70918
SHA512 aa4890f2e7f64bc1fdce43ce26c6d88ee79ae32af1ee0423599bf6f59b438fe2d22d6328fa5d35c0de522d75ba388f4249100e40d95a939bf5193e1d3b33d7e4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4af815ffac59787d0ceff3f794965e4b
SHA1 afc79d16495790e29067af3c6539ce58856e566b
SHA256 b27c369959757a86c136d5596adeb68b9f8514de5405c6b18614dd7425448ef3
SHA512 59cbebe34e38cfdd165c9876bd6d806ecfa9c3f2a5d3e666b29be55dd5a05cd08c8af6a1227b5dd2c4db4709c9716b2ef9c22265a073815008c840d028f398d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9d344193a91b7b416721c2a236693197
SHA1 8d642dfa32c3256a0ff5a0ccda72275ea76d0b63
SHA256 00aea7a5b818aa3b9ad8869fcd5b887e52486616554bce070e084bb03018a0d3
SHA512 7325c821d9c90c1b1809d343508672acd2eca8cffbb993566e2299235b949ccac4e6ce6632ead8cb4cfa508274febc30789a0e61797c98bf77a617da7b52f0ec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 330595f9d46a7f6288c1fdf122422c0f
SHA1 d68fb8ca7a2a8bb642f619613009ca80dfdc49c8
SHA256 26749f60999c5594e7cec1524042443bce4ae86d30a106ed82a269368f500ab0
SHA512 1301154bec3869e7226c10599d217041e54007e989785b341fa24bd9e767dd67d962bbd93718bd94c821c689a8e738de5afabcee48d3ce9486c86ec3f55547e9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3f9cbf98a4703a29909d9a9b8f95b400
SHA1 1b5b9244acd5a827b10c6a7a0dc3560fa8d49cf8
SHA256 38af3012dac2862997e6caed693e85dc547d56903ba58cb031ce7b65585b9db4
SHA512 4cab9922a4d9784c3430dc23e2075e69b974fe4e59738152a005721dda2948d403c8a2a38b3d19cce6787f3c7e057fd41d34ea77f633321eef76934202c3a936

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ec62a44ac5d19f1eb4e0feb08636cbf1
SHA1 47018ab7f94f4ffc51113829ed20112a9ebdf094
SHA256 a053dcfcc8a86cf930dac7c4007de2a9c2363aeef4de83c78ebb3ca8718d1bcf
SHA512 b32feccd20ab4a6aa3440eb5254f456ef94c7c80e60047648864f0a92931d3436aec2bc13f379953aecd53378ead0944b3d2b4f04d8c09ada931adfbf69f347f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4b613afc227b96126eadd53650ee4ab6
SHA1 bbbf924681ef76f8f87377bbfd8f5673dd3b8985
SHA256 c0d7a330b309c3558ba8700d5219712e519652e59696e2f83c7ef2083e90456d
SHA512 88d9f8b5d0128c8a43e57781d92602371634fc68980fae92e09e80d359c2a3cf33cd9cd5800508db686262a6e3fb495ed28dbc16342992a2e85923ec5c2b302b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 28eb8d2d413a95a0a5b9173a4bd75aea
SHA1 19818af37e1364e4384c45567738d670111468dd
SHA256 873b9c3a72f11a271001e63e47291e7a705229232a32ec087d12006de586e903
SHA512 d4a9671c2724755982368a9743879b0a8f811ba8f442d4f32f4d2ced897ee8eea01814b76f629b6f1fd61b460fbe76e8a0fe4b60447ec6201e10ec419b2fa38e