Analysis Overview
SHA256: 00e381f0e1418be601cb5d607ea266298ba0d29ece03ae762a13483571223590
Threat Level: Shows suspicious behavior
The file 627121 (1).mp3 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Enumerates connected drives
Drops desktop.ini file(s)
Drops file in Windows directory
Program crash
System Location Discovery: System Language Discovery
Browser Information Discovery
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Checks SCSI registry key(s)
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Modifies registry class
Enumerates system info in registry
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-11-09 21:12
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-11-09 21:12
Reported: 2024-11-09 21:22
Platform: win10v2004-20241007-en
Max time kernel: 599s
Max time network: 589s
Signatures
Drops desktop.ini file(s)
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Music\desktop.ini | C:\Program Files (x86)\Windows Media Player\wmplayer.exe | N/A |
| File opened for modification | C:\Users\Public\desktop.ini | C:\Program Files (x86)\Windows Media Player\wmplayer.exe | N/A |
| File opened for modification | C:\Users\Public\Music\desktop.ini | C:\Program Files (x86)\Windows Media Player\wmplayer.exe | N/A |
| File opened for modification | C:\Users\Admin\Videos\desktop.ini | C:\Program Files (x86)\Windows Media Player\wmplayer.exe | N/A |
| File opened for modification | C:\Users\Public\Videos\desktop.ini | C:\Program Files (x86)\Windows Media Player\wmplayer.exe | N/A |
| File opened for modification | C:\Users\Admin\Pictures\desktop.ini | C:\Program Files (x86)\Windows Media Player\wmplayer.exe | N/A |
| File opened for modification | C:\Users\Public\Pictures\desktop.ini | C:\Program Files (x86)\Windows Media Player\wmplayer.exe | N/A |
Enumerates connected drives
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\UPnP Device Host\upnphost\udhisapi.dll | C:\Windows\system32\svchost.exe | N/A |
| File opened for modification | C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\UPnP Device Host\upnphost\udhisapi.dll | C:\Windows\system32\svchost.exe | N/A |
Browser Information Discovery
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Program Files (x86)\Windows Media Player\wmplayer.exe |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Windows Media Player\wmplayer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\unregmp2.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\ConfigFlags | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133756604892526291" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-wmplayer\CLSID = "{cd3afa96-b84f-48f0-9393-7edc34128127}" | C:\Program Files (x86)\Windows Media Player\wmplayer.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3227495264-2217614367-4027411560-1000\{39A74533-8EAF-426D-AF97-46C9FC65F8D9} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3227495264-2217614367-4027411560-1000\{1DCFE364-74B2-4B2C-94F0-0CA4E0F1673C} | C:\Program Files (x86)\Windows Media Player\wmplayer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/x-wmplayer | C:\Program Files (x86)\Windows Media Player\wmplayer.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:6 /Open "C:\Users\Admin\AppData\Local\Temp\627121 (1).mp3"
C:\Windows\SysWOW64\unregmp2.exe
"C:\Windows\System32\unregmp2.exe" /AsyncFirstLogon
C:\Windows\system32\unregmp2.exe
"C:\Windows\SysNative\unregmp2.exe" /AsyncFirstLogon /REENTRANT
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s upnphost
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2d4 0x408
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Windows\system32\cmd.exe
"C:\Windows\system32\cmd.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3616 -ip 3616
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3616 -s 2348
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffddf69cc40,0x7ffddf69cc4c,0x7ffddf69cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1828,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1824 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2188,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2232 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2292,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2500 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3164,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3184 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3204,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3400 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3728,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4552 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4792,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4812,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4844 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4848,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4836 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3736,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4424 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3760,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4592 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5160,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3460 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5280,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5184 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5212,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5140 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5636,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5972 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6272,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6328 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6336,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6344 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6088,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6100 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6340,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6328 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6324,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5468 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5732,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6332 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6084,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5524 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5288,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6204 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4756,i,11378831560331052983,15944310987927450746,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4736 /prefetch:8
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.XML
C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.DTD
C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb
C:\Users\Admin\AppData\Local\Temp\wmsetup.log
| MD5 | 799fa3b2ba04bc2fc5aa5f500d80980c |
| SHA1 | 2fbcca7e0001c775538d0b760f4caa8852e29fa2 |
| SHA256 | db9b7ca8f9df89c06a459c94c148525049e83d4be9da51c234775400bca516e5 |
| SHA512 | d20d44faeb172f08be7c3bca27f421e632e00f89cb474a331277ab734c97fc058626d0174c35f414b9fe6ad331d3928e9e991b309a4686b4b5d161ffc1f14cd7 |
memory/3616-34-0x00000000044B0000-0x00000000044C0000-memory.dmp
memory/3616-33-0x00000000044B0000-0x00000000044C0000-memory.dmp
memory/3616-32-0x00000000044B0000-0x00000000044C0000-memory.dmp
memory/3616-31-0x00000000044B0000-0x00000000044C0000-memory.dmp
memory/3616-36-0x00000000044B0000-0x00000000044C0000-memory.dmp
memory/3616-35-0x00000000044B0000-0x00000000044C0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb
| MD5 | 8f8a36d205da4b3d4e9d2a79592e2c24 |
| SHA1 | 03e68a141d96fc9d89dde6293901f01c6189c0b1 |
| SHA256 | 8e1450935ac24b06549cfde8c820e034037b40399c9213ffde876981475a1f02 |
| SHA512 | 818f1138775f08a85d088c570f834e240d23829549db6ea37df1c24ed34da62c15be17e23ac9dad78e976a2e3e8a2414f4740823ef1b1f2018d5f83f3f3c0cff |
C:\Users\Admin\AppData\Local\Microsoft\Media Player\LocalMLS_3.wmdb
| MD5 | 8f24740ade845f23dca30524c6ff63cc |
| SHA1 | 92155785072a7eba32a6c836b08321fc03c3b5e6 |
| SHA256 | 1db8d5383d981c9c0aead3a5358c8497424e94847eb26636f2640c81bdcb6085 |
| SHA512 | 62187c4cc327efa47beccb2fe1af4e81f040063869fcd1c8fb14cc593b019d05dda635a5f212e57889a96b0d6e43f238c5af49aa7b0bf8dd35fd86209ee51a54 |
memory/3616-51-0x00000000048F0000-0x0000000004900000-memory.dmp
memory/3616-61-0x00000000044B0000-0x00000000044C0000-memory.dmp
\??\pipe\crashpad_3856_LRPPWXWAWULRQGCZ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 83e47e19050d40e91d4d272ee93e6cb9 |
| SHA1 | db92e7542b88f753f3dee133f8b4ed39fa67c7bc |
| SHA256 | baf87aa4bd5cbb7b337b448600417d7003fec57f678e39f9015f625a810f880d |
| SHA512 | beda1d5c062eadf5179d77f88783b6265be8d7d6a3a58b4d1ac841d4b696d403801daf0c583e419933ca62b8667a210151cf4af7499832ee207e071847fbad26 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 502f04bee83874d9ee2400a4724842c0 |
| SHA1 | d8fe976963cce6b093f5216844df1ff363d7aa8a |
| SHA256 | 6d3ee8626278aaf120a52931fe83c77a97080c68fffd90f1dd2008bd9bfe5345 |
| SHA512 | e78910b9747c97140cdd272bdbb6ae4fc73aaff8680cf63be493ff1ad60a977b1317b5fdf6074e4459898c777cff8123e0bbe246e9bd3cb971fd74e523cd7a78 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ce18f0c82b4c369b2d983eca6231f4f2 |
| SHA1 | b48086f65fd4b4ed6bd4a3af8438e464238edd0b |
| SHA256 | 75e825186084111205182e7b6327207a39078619981f54d4122926a0eae4d02f |
| SHA512 | 925c5762307f19d139e2efe6bb2cb52bab780070e497fa2d4a6aedc1eecb5f5d5de0eff11d86e32ec451d7a3efebb1129e87bea431517a27ba3c40b2139a1ca1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000036
| MD5 | d601b0ceec1510d30bd5ac20eac1ac87 |
| SHA1 | 637b806cbf15b2b23980293139717dec78b62e13 |
| SHA256 | 37bc4d715c6357db0dc736f86e50e249b8c8611419ca2763c3163356ec36f68d |
| SHA512 | c66fd2cd05437f7e113c09f87f872491cf215dceb82a366c96cb74a7d033e1a4ebedd58ddfdded4bfa3deb6a502b22249a2335b992df0b06a86c01a52e39ee70 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6fd04ff322a3dfee012033f3be3e24e3 |
| SHA1 | 4b771aee07e4403f66f206b17feeaf7f5e39187e |
| SHA256 | 6d67998ec62c32d4b57ec530c146a1c934908644978bfc2a9b4ebaa740e11060 |
| SHA512 | 6f9b549aa00469ba5e50761b25999f44480e4b7c1f549062386bdc8548c47a9611c06af60f3e97e96813a0430156801c808eb117873615e823c5dfe1746774e8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 64454b7a7c04ba3c26be68dd5c249a62 |
| SHA1 | 597f4f557fcc71a55e4fb78b6a68b06c78bb35a7 |
| SHA256 | a71e2dacc8b0baa6c3e70d99b0ec3e9d308f56523d989961d0c9d83489ac6de3 |
| SHA512 | 5c6d68474c395725081517dd20ca4ab07278a79fe068b69f277087769d2aaeab818e98ed8274f745b0f61039606289fff3270241d69cf2ef0c3d9f5643d3e474 |
C:\Users\Admin\AppData\Local\Temp\1a4eb03a-acc7-44e3-a473-47079d7499b0.tmp
| MD5 | da75bb05d10acc967eecaac040d3d733 |
| SHA1 | 95c08e067df713af8992db113f7e9aec84f17181 |
| SHA256 | 33ae9b8f06dc777bb1a65a6ba6c3f2a01b25cd1afc291426b46d1df27ea6e7e2 |
| SHA512 | 56533de53872f023809a20d1ea8532cdc2260d40b05c5a7012c8e61576ff092f006a197f759c92c6b8c429eeec4bb542073b491ddcfd5b22cd4ecbe1a8a7c6ef |
C:\Users\Admin\AppData\Local\Temp\scoped_dir3856_1434920033\CRX_INSTALL\_locales\en_CA\messages.json
| MD5 | 558659936250e03cc14b60ebf648aa09 |
| SHA1 | 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825 |
| SHA256 | 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b |
| SHA512 | 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\dasherSettingSchema.json
| MD5 | 4ec1df2da46182103d2ffc3b92d20ca5 |
| SHA1 | fb9d1ba3710cf31a87165317c6edc110e98994ce |
| SHA256 | 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6 |
| SHA512 | 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\_locales\en_CA\messages.json
| MD5 | 07ffbe5f24ca348723ff8c6c488abfb8 |
| SHA1 | 6dc2851e39b2ee38f88cf5c35a90171dbea5b690 |
| SHA256 | 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c |
| SHA512 | 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | 7f4cd950b8a718611a1fffc30afbf55e |
| SHA1 | eb1863a96c3776ab53ab654f9de5987926a78a79 |
| SHA256 | 0ec5833e6bee87fac09714f14c10cdb2e8fcc02a5cc3eb7c3a803e9b0ed29401 |
| SHA512 | 218b5091b72dbe9e6b72f85bcdb1202905f781bccb145727d4d87adfbdf823bface7f89ea859bb07cbc224b48684bdb775043c125a8011ab4b895c4ae970fc71 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 02352deea2e2f8a7c6c00a0957ee4632 |
| SHA1 | 01d9f708097278e1228747377862f3400a59150d |
| SHA256 | a6a6d36edef90183efd5bce3786554b32b6460f540b4f97216604a4fdd2b9b71 |
| SHA512 | 71c47ebe4b98b37de7ee155811ae780121dbf388ea74072b70dbb017b727800163c57d1938b9026c1821a66cd4340a96471f742c4dd917d312a5ea47536636b8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | c71a654ef62dd0d89e0fec25995dc167 |
| SHA1 | d367ee46f75c55a39001470f7b8770c94a31139f |
| SHA256 | fe1321253fdf8aa368a9a9f140639f2303c416de5264916ec993aa6e8a669245 |
| SHA512 | 1783a91dc69d5053906e693f57772160afe9f2fa9f4a7a7cf6c9da6e738d27955857b43900edd83fcb5763185dd2bd9a2cecad4aca5ee1331c41c30735d846c8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 9a4d9bdc4ab2d518146744045eb29324 |
| SHA1 | 70bedac6f44c7b20e30c397fca6c47a28d14749d |
| SHA256 | 40f82dc5169d37eb83ae400d56d3a1ecc67e8aba0bc27bfe1255fba11cb9624c |
| SHA512 | 6c96d2de1cb355221e21f5ba790660f81996b7ab4b7a3317fed0d8a4fa229740d5e34b6a7c0975751384f7700eb160316623f954c2d6eb8bf290bcad1173e6ef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_geometrygame.org_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 685144b982407481f0abe72ba2cc8e77 |
| SHA1 | 88a8a5bca80211e89ea68c8c22e79b3135f93a90 |
| SHA256 | 2f5af25c3b7821cde4b05e2355ce0ad677a1b95e9848ff889820c689ffd6b482 |
| SHA512 | eb9eb5aefe3e305445a8de83596de0c9c66e131c18ab62cf6db6635247e1138ebcf526cf49b26ff5eb8034f89904d2be92db14f6d852d9a9df7299385a21d383 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e3b3323ed4416d390b7a7a93b846ec90 |
| SHA1 | 6d2adbe7c0707095faad49a18d54d9e9abdbb206 |
| SHA256 | b8d9fd60d6b74269b007742b00e58e1bf26652f7ce50e0be450af0cb1bd9efb2 |
| SHA512 | 82a2e257353dba852084fe1a4a0b7f5687da501b9b425f73aff18d4ec1fdc792da472a2a0eecb5a158a4079e0c6e150cde4ae59387b1a7779873f72618bc4138 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 512c3e0ac82b6948e1118878e5273d4e |
| SHA1 | 215a764368231ce0458f8cedd6a48b852d6516c6 |
| SHA256 | 877b9e4833ae7c7ef0681205e21f4ab18a84e3ae3219dbf8a2f891b46b0aba64 |
| SHA512 | 79a257fac2c34e49ed6c2def3c50d5587068a8e853a01f1d08cd264270fc8d4d8163453ea69719fdc717623b78424b80ce2a162069794b5773a650b61aa68014 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cbd7fb014ee3ca20a2bc22b992350815 |
| SHA1 | 1bf506715e32857abcfb30be0d85ccfaacc2e610 |
| SHA256 | 218e63fe14d448ac4edc2e31a4393fc686fc7f750c9eecb5e433c5bb683f6a10 |
| SHA512 | 073100fea736bb3f362e48754fe55c8eb185b4647da3f01f8185fb233b4f9f2ec5b1d317b2f39db8ff831a0e171f32c50b9e65a946c904e2d6c14ed31c9c8826 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | f570fe1abe1e32b6bec7d2fa645220e5 |
| SHA1 | a5017acd193c5096996201751f0bdc8a37182979 |
| SHA256 | 22d944fa57518d87534f15c0c70f5e5bbfdf8e97fb58b4e34cb0f2b4b0ee692c |
| SHA512 | 366d776a3e120b1af5f75959e170f8ac9b006b64fd492e3bab5cf682a2f1fadf3a6e1257a3791b028fad80e8ab8d497aeeb404829ac95c2c40b840de130f5f0c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e5419030063653814e5e04cdba70384d |
| SHA1 | c93deef66e11bf255a0e492f6bcbc41e4f58bfee |
| SHA256 | 7992ff0a6bc54e9f1585459fb55d050ef9e56de0f47adf2d94185d3a9740d5cb |
| SHA512 | 57a38443422486cc52e3f2eb79dc164c4ce162efe0032e7b49fab9e1eabe8afe034d9f3fb0fef7f9927db21dd01af9e17ee1944eeff2a37ed5b0a6f54667e5cb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 24802c8f546e83f071fa1c907ca542c7 |
| SHA1 | ae3ac5d996cc8d0f1802637c1b2724fe113b948f |
| SHA256 | 22c854506609312f2d81bddecdda93f402324e9f9efb68f1380bdb5df1f47bff |
| SHA512 | 3bdaf1edbe562fd684f41d1bea97ea7db448b6ee4dce937517c1b62f7452db33e3334b83f069983a8303a5a5ef7d311cedc982d8744f1deadac8b34ea76a9988 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5c45b6376e1e8c0cc3dc4b8164e7f542 |
| SHA1 | 92d27967f4bacb6752f9949d61aba9b98f0117ec |
| SHA256 | de0962bb5fd952f797695b87204a6441c445a4a0342da0dfbfcf49367414563d |
| SHA512 | 34b892e38ba161ac021410e9a649219913193f12df21e68e7a1b8dd5dc53bf1dc392a6393bf4f356c94725e84edbd28c5e667d0acb2f254ba71459ec75dcd0c5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2f4945d71e8795bc5c0cd27198076eae |
| SHA1 | 6990b76d41a7c1eda82c26598676eba56d94139b |
| SHA256 | c777cca1e191839c7c2655a916780183590ca7e4d727546843da56005fddfaf2 |
| SHA512 | c1358eb81bd186921634ba027ac9d256a478cedf08cc900757bda1af3efe00e144686fc4071997fec9741d13042a18baafebbb73bf58dff63be6bfcb2354f6ce |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 48ba542f62d99ddea31ebb3795f15f0a |
| SHA1 | 3c20ca0c578bd7aae8d3cabb0b122be6a9cbeab9 |
| SHA256 | 22d176c02dc39ddf04c96b447eae80b7f76c8ed4767deefd56d0d7fab8092d32 |
| SHA512 | d4a4d00a32411769ac2cacbde782732bf73a4d8a1909c5f8a9ace13528c0e7ff406777358a583f2927c41763ec21b83e9a06a9097037a33377f2669ba6a3a065 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 18c3c1d51cdac3acfa5b819df6dd9739 |
| SHA1 | a491bef0d2eec06895dc6b02d4fb454593c4d575 |
| SHA256 | f49007d8dc58dac3bb383a3d486e767c957284a3412b73b63486d65a128e9f38 |
| SHA512 | 838eaea480d2f73e9e78b03e0ab8412606331f240cba1c7f992dd254e01a5e0ae7a9f610ebf81a6e7f12480430abb2b8cfa347a27f5d467e88d3fdfcf6309300 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8c00510e189e4c4110d326f29df0a24b |
| SHA1 | f18046d649ba17a9e68c276a68f12086e28aa0c3 |
| SHA256 | 22cd344dafd7922254cc2e4cbba85f85cd2a92e269deeb7471b62716baa1f8b4 |
| SHA512 | 73f79d4a6e0aa32d67e4690ae5dd2fd62f609e62877b697fa06806d6d3432b68ebfabb59db982ba5accf45b4c5e1fc69bad7751432cf49fe40c1151c48a75c03 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ae309578c39e4abc013b05ca2ee72c52 |
| SHA1 | 1eb16de63ecb383a34dd6c2519c372bd4c430ce3 |
| SHA256 | 54ac46bd713e54b9398fb893865ed29804847e8501e2ab632e8c03a34dc2d0ab |
| SHA512 | 9b72b6fdaa77e944c0caace418b707f2893879533528b50faef1796ec816b302c8b8601cae785f0680f8904a871a85c58fe3f1af6c079094519ed3395f104797 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 79bb76398a6a396232d70237b6fd832c |
| SHA1 | 7d03c76ee9e4b213d740bc7badcb73c973e9c4f1 |
| SHA256 | 2117ae963d52fb243be3b10ab990c1e8ffc9dd20090308e4f1e849a55640ffac |
| SHA512 | ce272723c90f349d05d3299a13211226785aae065c0a3d281510d737f05083af3d288ca86c62b6bff3b036d2109abedecb2c193e60aabdd98022ef3ee915bd48 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4464d407d68c93c2b16cfe417bb69b74 |
| SHA1 | 0560060dbb151bfd31fe75fe02d4bb989cca7af2 |
| SHA256 | 85bd55d43c03183dbfff08417f97ff724031cd83a74617dd56deac38b3c52602 |
| SHA512 | 32e8c9eb51236ae12b3a562b79c2a1379aea6f0175c0b061e4bdaa9313bb8086d84665f3057c111933b22293d25783dec8cbdea939238bdcc936dfc78fb52068 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5549714364f2701e798ddbea5e9d441c |
| SHA1 | 0bb286bbcbb6ec7ec3c9b8fea7adc02e9650fdf1 |
| SHA256 | b618c3134107ea9ea0b6dc03c4b8f6a5a660d2fb5bd40a207e105e55c6f3f95c |
| SHA512 | a71624b4a563092d872a073085f73273d6e047e9c5b72f8b11f79e48384a520e910149b990ac884b357b9fc0b43e25f820c0b349881b3409e8d256b70cc7f1a0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5c33237808239648edc68a0bc6641cdf |
| SHA1 | cfc370794e9ce6ffea61d5174a752e5965f6614e |
| SHA256 | bf80ce11f00119ff4391282c3f8b7108549a6a3ad2a4aa2bfe65c06a9a3af1af |
| SHA512 | ca987773e23856356880a2f943f3fc03ce74a6764b6c5f869c4669f6679717cef04cbb230821ea26f5f6816a6de4e9594057154d8b266527a180cdae0dca5a77 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1bfab5254160fc557f169797f05b0544 |
| SHA1 | 68ddd44de56d18c74ec200785e8b9082f9d9b883 |
| SHA256 | d1b80d6197f224c3602fc81476a73c39f8dcee95ea521b68c8233c6685650786 |
| SHA512 | 943ffa2106075e3c2c6ce1856def6b8e51e1f69422c2a3a863ab239c8d6a624233f1fc58162e779e9a18606ac199296882e3d09da6aaa7ab1c8cf2a78c54ccaf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3214fe350418f436f905294c394bc87c |
| SHA1 | 818a2fc7fff89abfb7bb0143f58369c224d1b3e9 |
| SHA256 | fe09b3c77170619de2213146c099d36ff243e092261e6d7e3f59a5afd7be2db0 |
| SHA512 | 7fb27cf20abc86ea24d2b5660a4d121f10165626ac0697f53003972a5526f3739fe25429dc1be44eb712719422f98e0ab240b2df8ee596e0f6686ee60461d2e8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1aafdabb1d815b8a9e76d0209dc7527d |
| SHA1 | 702e3288b12d93efa9fbd936323d483965a65674 |
| SHA256 | 617522b9ab001e27d6138a26c17af8f6d68cce4e64b00a28d1ee16276a80272c |
| SHA512 | c75f7ff8c1badbce73c1e8444170a6257b1a11b496632b97811e7dce50cba678d60ba60dd35f45fc7e5548ab0741605e2ef117e7e21bedc2ad103533efe0e436 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 04dd26c6a9bc309d7fbbe77edac13d96 |
| SHA1 | 18e6ac728fdbcfa70331bafddf1ea21f01950c2b |
| SHA256 | 9d776128f3400d88ef6beed37702254a652848665d5972a93f08a94189e036bc |
| SHA512 | 7147a043a739a7a7667acaf8a10259324b89b1c6733c162930664f390c62e30e2b7ecd3dbe96d94e30ef59549e294cedcaba5e7bddf7784648ffcbd9673c65f5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9113ca5c8c0a360d065a30b54363c420 |
| SHA1 | 6271abd67c382536d01cbcee8985124775e7588d |
| SHA256 | b1179ef3129318d8e48458f0d0c47fc03859db042dcfaba316e6c1f683608b92 |
| SHA512 | 139a7c50dd0aba68ef2d791800d68465fde5eec84ae853c9527404fb72f773c0d2b777b59086db9be37ba613dd308e8649f1590cfe6893f93e616f12cbeb3df0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7132a92d0eac93d9a15580f41ea95655 |
| SHA1 | 31bbf4903de3beef49624eefaf7e000a474ae219 |
| SHA256 | 163545409b97cbff42e44956fbfa8b55286c179348ca8495a702dc8bdc7b028c |
| SHA512 | 016da1025210c9c2a2afe05837acee5474ca1ea72c53096cb9fbc60c7b2c6350b551e2e06b21b9fcb2bac4a040ab4875b5e294d95373b84a4e884136a74da45e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 67fdda1b327e50852484bbd8db060094 |
| SHA1 | 18e27f2d5c1fe8fb286a90b4153dfc7d15146bcb |
| SHA256 | b90a1fc611866fce436a453ca0ccb4fe14df8281e3e10f712fef2ac71537fb49 |
| SHA512 | 664f57420f7fd5f6f27f4e1c5257a3ddbed723eb326ac7a338762345652c338dfa59402823ccc768bb178bee5edb622705b6b022fb88c6a8c5bac5fc55058535 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ca9e647032da4f041f73c9262581c7db |
| SHA1 | 1744ba6dd462534dbf87c93be8daf9333130ade1 |
| SHA256 | e46854b6fa94bc73604d52d87d9b8c8f1a4fee97b89a0bc3616bc895a2c1d9f6 |
| SHA512 | df2dce951e5cb3fede13e2786b7a341266a267e98a48ceb31dbd40005755d3272be4582723270d4c982f477534799c7037ca36d4587e0d5a0bf38ecfec395a86 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1adca32c6d148acdd870e40ea9369bca |
| SHA1 | 59f5ca0764739d444eeed906b907bc9bfdaa082f |
| SHA256 | c730ed9597aa1da41d715e39edaebfdfcff59217e600668e16e37cd3796cfd94 |
| SHA512 | 94899a490b51737cf73c70e705f5e2e06f183fb0044c511f6789c2587947a7906d9840c732a7edddda2dce5a9162ee872f17e114c946e9127ff9f441dba526b4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e8240f63ae169df862b175aa1bdcda93 |
| SHA1 | ed54adc29408473cc0fbfba6d56df2ccd5144c34 |
| SHA256 | 065611e0520880afd442c9f43f77e8d91b81d2a203ad44de13f1fe97c83dd3a4 |
| SHA512 | f1e8798eabbfff5f74eb54dd9c5e52e8507a74a144dcf2ce65d7c417c5d6cb64d50e69baecf15bcad50ec1652792f6e7002eb8e63b7bd8e198fa4bc171047269 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a47cebe12acf969a8c55bbc71c667124 |
| SHA1 | cfca568f287fe9d4a3e7f561c6ebf71609452812 |
| SHA256 | bc5b629f810c117c89c100c7cdcd11e243793fdaf6be26c09af1b0b975d3a225 |
| SHA512 | 67f49ab899f3bae569aa397a625b7abe41ad9526da38144074f8243f4d09028e5dc7a38d93721789f27724edeb8b1a3e791201a64bb135305e0b23c2d7291b67 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 60a05b829f510bdb19e65915b644380d |
| SHA1 | 0cebdb0bb1c28f8cc9054d6f5b5ee2356ce030d0 |
| SHA256 | f5d976ba1cd099bc7600b7ed0559ee7cd8f910287f0f83390c406f5a1dc2fbc9 |
| SHA512 | c1c359cbb458ac4a529ec4701abb11290a409c5107b63525598f118d19850359768b88a12e43a99dde80a679f5f8a978b093f8c40dc74553480b3f979b5c078e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 551c2bba10ea643a48a94572cd6c6063 |
| SHA1 | 589a0fb0c3a45ee6d79ed057dba2d47afacd7bdf |
| SHA256 | 52a0e2ded31fe53144248bd09357b60f6dccaea08d018f346305f9dcd60978d0 |
| SHA512 | 9d89f55829d9bdc0b38b6f384bd4f825978c38014554b6320e4708eca45f6c274f28ed39808b9022d2904cddbe69e5310b733232f5733e4534d0f6fa47449c84 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0a60911b287073cbf0e4520dc5363745 |
| SHA1 | 0b9abf814ee761934e82185a247d22fbed13dc9d |
| SHA256 | 8c43e1bc0161d03e8bf8e631483b8c238cefd362c2829511cc468c10d9fea7ea |
| SHA512 | 1ae3569caf57eb971212c43af608e427a10891759c2f4a57d96d8c34ac02828c9dafc09da616185d043559dc9e60ab40290169582369156d824f6bc1a0fc8808 |