Analysis Overview
SHA256: b029393ea7b7cf644fb1c9f984f57c1980077562ee2e15d0ffd049c4c48098d3
Threat Level: Known bad
The file desktop.ini was found to be: Known bad.
Malicious Activity Summary
UAC bypass
Disables RegEdit via registry modification
Downloads MZ/PE file
Disables Task Manager via registry modification
Boot or Logon Autostart Execution: Active Setup
Drops startup file
Executes dropped EXE
Writes to the Master Boot Record (MBR)
Checks whether UAC is enabled
Legitimate hosting services abused for malware hosting/C2
Enumerates connected drives
Drops file in Windows directory
Subvert Trust Controls: Mark-of-the-Web Bypass
Enumerates physical storage devices
Browser Information Discovery
Modifies registry class
Checks SCSI registry key(s)
Suspicious use of SendNotifyMessage
Modifies Internet Explorer settings
System policy modification
Suspicious use of FindShellTrayWindow
Suspicious behavior: EnumeratesProcesses
Uses Task Scheduler COM API
NTFS ADS
Modifies data under HKEY_USERS
Suspicious use of WriteProcessMemory
Kills process with taskkill
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Enumerates system info in registry
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-11-09 22:24
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-11-09 22:24
Reported: 2024-11-09 22:33
Platform: win11-20241007-en
Max time kernel: 470s
Max time network: 435s
Command Line
Signatures
UAC bypass
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA = "0" | C:\Users\Admin\Downloads\SOCIAL CREDIT TEST.exe | N/A |
Boot or Logon Autostart Execution: Active Setup
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Active Setup\Installed Components | C:\Windows\explorer.exe | N/A |
Disables RegEdit via registry modification
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools = "1" | C:\Users\Admin\Downloads\SOCIAL CREDIT TEST.exe | N/A |
Disables Task Manager via registry modification
Downloads MZ/PE file
Drops startup file
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\startup.exe | C:\Users\Admin\Downloads\SOCIAL CREDIT TEST.exe | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\startup.exe | C:\Users\Admin\Downloads\SOCIAL CREDIT TEST.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\SOCIAL CREDIT TEST.exe | N/A |
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\SOCIAL CREDIT TEST.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA = "0" | C:\Users\Admin\Downloads\SOCIAL CREDIT TEST.exe | N/A |
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\D: | C:\Windows\explorer.exe | N/A |
| File opened (read-only) | \??\F: | C:\Windows\explorer.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\Downloads\SOCIAL CREDIT TEST.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File created | C:\Windows\xina.exe | C:\Users\Admin\Downloads\SOCIAL CREDIT TEST.exe | N/A |
| File opened for modification | C:\Windows\xina.exe | C:\Users\Admin\Downloads\SOCIAL CREDIT TEST.exe | N/A |
| File created | C:\Windows\xina.exe\:Zone.Identifier:$DATA | C:\Users\Admin\Downloads\SOCIAL CREDIT TEST.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\SOCIAL CREDIT TEST.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
Checks SCSI registry key(s)
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\System32\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\System32\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\System32\taskkill.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000\Software\Microsoft\Internet Explorer\GPU | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133756647148222474" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\www.bing.com\ = "165" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\www.bing.com | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\EdpDomStorage\Total | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\www.bing.com\ = "7424" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total\ = "13486" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\www.bing.com\ = "13959" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\TrayNotify\IconStreams |
0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e8070a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff83ae2078e323294282c1e41cb67d5b9c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\EdpDomStorage\bing.com | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\bing.com\Total = "132" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total\ = "1132" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total\ = "14926" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DomStorageState | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\EdpDomStorage\www.bing.com | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\bing.com\Total = "13959" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\www.bing.com\ = "12519" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\Content\CachePrefix | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total\ = "1099" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\TrayNotify\UserStartTime = "133727767258620983" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total\ = "8391" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\bing.com\Total = "7424" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\bing.com\Total = "12519" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings | C:\Windows\system32\cmd.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4249425805-3408538557-1766626484-1000\{5CD9EDFB-71F3-408E-BFF5-EA7EC80B4C28} | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\EdpDomStorage | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\TrayNotify\PastIconsStream = [binary value data omitted] | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\MuiCache | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\www.bing.com\ = "132" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\bing.com\Total = "165" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\TrayNotify | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\ApplicationFrame\Microsoft.Windows.PeopleExperienceHo = 6801000088020000 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\MuiCache | C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\History\CachePrefix = "Visited:" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4249425805-3408538557-1766626484-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\bing.com | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\SOCIAL CREDIT TEST.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File created | C:\Windows\xina.exe\:Zone.Identifier:$DATA | C:\Users\Admin\Downloads\SOCIAL CREDIT TEST.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
Suspicious use of WriteProcessMemory
System policy modification
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\FilterAdministratorToken = "1" | C:\Users\Admin\Downloads\SOCIAL CREDIT TEST.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA = "0" | C:\Users\Admin\Downloads\SOCIAL CREDIT TEST.exe | N/A |
Uses Task Scheduler COM API
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\desktop.ini
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc3d82cc40,0x7ffc3d82cc4c,0x7ffc3d82cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1792,i,371491284925625927,18028582815113889492,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1780 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2032,i,371491284925625927,18028582815113889492,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2096 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2176,i,371491284925625927,18028582815113889492,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2188 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3080,i,371491284925625927,18028582815113889492,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3248 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3148,i,371491284925625927,18028582815113889492,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3288 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3768,i,371491284925625927,18028582815113889492,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4476 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4644,i,371491284925625927,18028582815113889492,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4632 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4484,i,371491284925625927,18028582815113889492,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4424 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4408,i,371491284925625927,18028582815113889492,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5080 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4836,i,371491284925625927,18028582815113889492,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4824 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\SOCIAL CREDIT TEST.exe
"C:\Users\Admin\Downloads\SOCIAL CREDIT TEST.exe"
C:\Windows\System32\taskkill.exe
"C:\Windows\System32\taskkill.exe" /f /im explorer.exe
C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004AC 0x00000000000004D0
C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
"C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe" -ServerName:CortanaUI.AppXstmwaab17q5s3y22tp6apqz7a45vwv65.mca
C:\Windows\System32\taskkill.exe
"C:\Windows\System32\taskkill.exe" /f /im explorer.exe
C:\Windows\System32\taskkill.exe
"C:\Windows\System32\taskkill.exe" /f /im explorer.exe
Network
Files
C:\Users\Admin\Downloads\SOCIAL CREDIT TEST.exe
C:\Users\Admin\Downloads\SOCIAL CREDIT TEST.exe:Zone.Identifier
C:\startup.exe
C:\backg.jpg
| MD5 | aa8212e3f48d35711f219cd9bf1265ab |
| SHA1 | a3b17cc5311f23cc2db204f5b7081cd7d170094d |
| SHA256 | ddc65eb885e5f89406a0b9ec5d23b0bf041ef9c15b689ddf6b855c9a62132200 |
| SHA512 | 1d15ea1e09dae7d5c2b507f26dff3c052888deb7e5f8d17f5baac1c76a15cc2b0f11b470d855213ba17c03b32856e921b36c8acc6a32e9ff1ab9c04dc4ccf261 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 61a706c26835de4822ff06cc715035fb |
| SHA1 | 6feac5883a57c3b801235e33aa150d4e608dc57b |
| SHA256 | ed75f81986f4b25ad53272e19f3029adc0cda090c82ed52c6ed7dca304fa34d6 |
| SHA512 | ac2660a61e2a3d4494fbe3996471bf339da8fb515dc710249b6f4c02788f74bf17bbdf31b210cc71d1d1f0f6c73c74f00dfb92d3afa604f40ad8ab1ab060c877 |
memory/1328-1144-0x000002414C780000-0x000002414C880000-memory.dmp
memory/1328-1279-0x00000239004A0000-0x00000239004C0000-memory.dmp
memory/1328-1280-0x0000023900630000-0x0000023900730000-memory.dmp
memory/1328-1281-0x0000023900140000-0x0000023900160000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\PQ45N7WT\www.bing[1].xml
| MD5 | bb97adb60b277856d85b68998f61bee8 |
| SHA1 | b8afc2c040591f1521cf9a2ff8715b4991c871dc |
| SHA256 | a4f25938e4e13dba5c78e0f857508b07628fc0b351fb0100a2d69bbe230b37a0 |
| SHA512 | ebbe76d2796f6c3f91b2a5f1b3fcb90bd0d821596760effbf1e514d289614a38e341d6ebfcbf9bed38b4589e0b528c6c012d503de1935d4f26238f292540d526 |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\PQ45N7WT\www.bing[1].xml
| MD5 | 95125f2392633cd1f957bccf67da5bbc |
| SHA1 | 31251d6ba19b7189cc4a01dfac5eb45e59fdf2c1 |
| SHA256 | 4e68768ec099440eba58c5e4bdc797cf256fffa997be3b4aa5c2d7089b8a2b69 |
| SHA512 | bdf53301055ea7d4bb694a00e04bbafea1b1c299ca55a5d1d4da1f951ff037a21bc03ea93bf5df28345adda3c03d992e8ba1f4e8918f90c07978ece778e23856 |
memory/1328-1374-0x0000023904000000-0x0000023904100000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\PQ45N7WT\www.bing[1].xml
| MD5 | ce2b3d4aa9fbf44a503129e9bb3a567f |
| SHA1 | 619201b476c3a0ea2d0b7469d8bb9846b3798f77 |
| SHA256 | 1bd6bc2fdf686006129def5cb503143711d18ea1175df1ce34b9cb14b9dbf67e |
| SHA512 | fb0c636ae13056ee7298eaa919aa43eca2a22d1859d0aace6a033f1f4b391b734a3548e9d4522b09fee6cd6241fb4941aec9fc52a2f512daf46b20370f391bf2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7f72e6046f7f0707b3890ca8f49f3d97 |
| SHA1 | d3a4b0ae377ad055eae8d423861511899cada3d0 |
| SHA256 | 19516e4a13f2d9e7b273442e9d805f4bb4b2485a1c16f60031e996121658db71 |
| SHA512 | a338d6b7fc85df4a557a18674ee15d4f534317211f7c0167d5f903efa80056824befe1594a73cab09dc64dc4f17fe7d51d1e4a286be43b1a7644e533c0bcee13 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | c067fde283ecb8c40ec38e0c3719b73b |
| SHA1 | f81d494dd0767ace78ce7d2153bd70a538b117ca |
| SHA256 | e57992552a727b24778f62fee42fc4ffdaf66bd5f0eb10e95b4e258d649569d4 |
| SHA512 | e68f665f48f41d50cd591d6fdc3a5b4b6d86a6b7b52f9130d6a095b2b51a1ae4dcf50451e21b0c396f79af95e6ef393745c1a9a3bf6620d76e7ee41be47883cc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e27ed535c3e62165acc8d46a4413aceb |
| SHA1 | 6aed9db4669c0bf8bb81682b1c337f15f37dcdc0 |
| SHA256 | 0972887e5ca83c71fe9d94161f454f86a249b5d40fde6a253e7f5387c6ed5c05 |
| SHA512 | 2bf8cf06b617a528c57ea25e5176301e16c22be68e025ee1833790f4c4a64b1a26f38407aacf8beaab6c0006d9e41c94a5440d7bebdd789a83fc41834208005e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | d9bf1f9d4705ecf11debe601cba4d183 |
| SHA1 | bd6ee521a19f431ca918fc4e2f812ecdc085942d |
| SHA256 | 5a880b5f7066e2e1d2d6197539f6a728376d49be91ea932c0fff7e940cf6094b |
| SHA512 | 29cbe2ac797981661c408e7ec189e5033fca232073a28a406840da74fc633192c1ed1a1ce032decc46bc9f66ecc96492cd5b98c68e41c362f75cb51c3fe97adf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | f96f68f16fe2bd5033636573bf06fdba |
| SHA1 | 8794ffd2195c7ac74d251ddfd1a157ea9be5edfa |
| SHA256 | ed365a6186902ef54400e6f0437ff96f5e451a6294db78f01c92c1da5ce0a2d3 |
| SHA512 | df8867e70bb4ce343fafee54e23a05ac541f0206e071d7734bdb98f3e655ddb634f655b0ba34f4c50e07f4d0eab4dc0a7679aa4aa34603e0e24713591b42f6a0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8796a08e3938f26c027a31ce6a732a1b |
| SHA1 | e8c45fd210f23b27bd5864c3f7e1dc945a35040e |
| SHA256 | df04ca1608d16423ceaa20790373d6419cfff252b1281a915569e6d32ac80de4 |
| SHA512 | 1474ce8742ae9c4b02f01f9245d5607b99eed9b5a93e34aa4b6665193363f2d8520f9720c13920ef054b8eb8d7f3d09d9fd83bd44c50be3d691398696246b343 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c3d8671f65520137aef171673db0ffde |
| SHA1 | ff0979ef77e3f8ae518ae4f3a0f1ce48cfb59d3c |
| SHA256 | fc5a83cf39b224a20f037e4409c4b22f4adc4ea9de6bab5f29fbdd879a46f137 |
| SHA512 | cf69ff21b3416951b591086db1e89fdfd9a3bfff7aec0b62f1386e5dfdddcf61456f412f71993b13199e96bf8c7d760724137f6c2fda0cf212902620a75485b8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1
C:\avocado_icon.ico
C:\guy_icon.ico
C:\amogus_icon.ico
C:\the_wok_icon.ico
C:\theme.wav
C:\xina_icon.ico
C:\ustupid_icon.ico
C:\whenimpostaissus_icon.ico
C:\ben_icon.ico
C:\walt_icon.ico
C:\dad_icon.ico
C:\speedrunner_icon.ico
C:\skream_icon.ico
C:\rock_eyebrow_icon.ico
C:\obama_icon.ico
C:\hell_no.wav
C:\xina1_icon.ico
C:\xina2_icon.ico
C:\xina3_icon.ico
C:\xina4_icon.ico
C:\xina5_icon.ico
C:\xina6_icon.ico
C:\xina7_icon.ico
C:\xina8_icon.ico
C:\xina9_icon.ico
C:\xina10_icon.ico
C:\xina11_icon.ico
C:\xina12_icon.ico
C:\xina13_icon.ico
C:\xina14_icon.ico
C:\xina15_icon.ico
C:\xina16_icon.ico
C:\xina17_icon.ico
C:\xina18_icon.ico
C:\xina19_icon.ico
C:\xina20_icon.ico
C:\xina21_icon.ico
C:\xina22_icon.ico
C:\xina23_icon.ico
C:\fnaf.wav
C:\alarm.wav
C:\bom.wav
C:\amogas.wav
C:\rock.wav
C:\whatdadogdoing.wav
C:\bass_imposta_sound.wav
C:\fart.wav
C:\sussybaka.wav
C:\amogus.wav
C:\ustupid.wav
C:\scream.wav
C:\omg.wav