Malware Analysis Report

2024-12-01 02:52

Sample ID: 241110-br273ayrbl
Target: rat.txt
SHA256: e36a38079fbca9547e354ef4bda1ff4b8ba06948da7a2757c018fcef2e02d545
Tags: discovery, phishing
Score: 7/10

Analysis Overview

Threat Level: Shows suspicious behavior

The file rat.txt was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery phishing

A potential corporate email address has been identified in the URL: [email protected]

Drops file in Windows directory

Enumerates physical storage devices

Browser Information Discovery

Opens file in notepad (likely ransom note)

Suspicious use of SendNotifyMessage

Suspicious use of AdjustPrivilegeToken

Suspicious use of WriteProcessMemory

Modifies registry class

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Modifies data under HKEY_USERS

Suspicious behavior: EnumeratesProcesses

Enumerates system info in registry

Analysis: static1

Detonation Overview

Reported: 2024-11-10 01:23

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted: 2024-11-10 01:23
Reported: 2024-11-10 01:27
Platform: win11-20241007-en
Max time kernel: 251s
Max time network: 253s

Command Line

cmd /c C:\Users\Admin\AppData\Local\Temp\rat.txt

Signatures

A potential corporate email address has been identified in the URL: [email protected]

phishing

Drops file in Windows directory

Description | Indicator | Process | Target
File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

Enumerates system info in registry

Description | Indicator | Process | Target
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Modifies data under HKEY_USERS

Description | Indicator | Process | Target
Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133756754383899029" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Modifies registry class

Description | Indicator | Process | Target
Key created | \REGISTRY\USER\S-1-5-21-556537508-2730415644-482548075-1000_Classes\Local Settings | C:\Windows\system32\cmd.exe | N/A

Opens file in notepad (likely ransom note)

ransomware
Description | Indicator | Process | Target
N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description | Indicator | Process | Target
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Suspicious use of AdjustPrivilegeToken

Description | Indicator | Process | Target
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Suspicious use of FindShellTrayWindow

Description | Indicator | Process | Target
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Suspicious use of WriteProcessMemory

Description | Indicator | Process | Target
PID 3444 wrote to memory of 3508 | N/A | C:\Windows\system32\cmd.exe | C:\Windows\system32\NOTEPAD.EXE
PID 2956 wrote to memory of 3388 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2956 wrote to memory of 3888 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2956 wrote to memory of 4572 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2956 wrote to memory of 2020 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Windows\system32\cmd.exe

cmd /c C:\Users\Admin\AppData\Local\Temp\rat.txt

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\rat.txt

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb6e07cc40,0x7ffb6e07cc4c,0x7ffb6e07cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1872,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1868 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1836,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1904 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2200,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2368 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3088,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3136 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3148,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3272 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4456,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4128 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4596,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4652 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4676,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4620 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4292,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4936 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5000,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5016 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4932,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4412 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5072,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5096 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5060,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4964 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5264,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5228 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4936,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4968 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5184,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5216 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4344,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5172 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5560,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5480 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=3356,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3336 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5472,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5500 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5172,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5736 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5892,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3296 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3300,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4620 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4940,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6020 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=4632,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5824 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4960,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4944 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x0000000000000500 0x000000000000048C

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=5896,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5540 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=5016,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3312 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=3336,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3344 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=4956,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5156 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=4900,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5028 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=5696,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3676 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=6092,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6128 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=5684,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5004 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=6124,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6280 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=6260,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6216 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6084,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6288 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6236,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4752 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=5368,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5604 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=5080,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5632 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=6188,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5056 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=3156,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5524 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6320,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6368 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5736,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6036 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=6196,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1184 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4312,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5204 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=5132,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5880 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=5160,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5492 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6488,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6500 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6436,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5788 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=5928,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6076 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=5880,i,3536788999234466510,9296660245630370753,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4880 /prefetch:1

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc

Network


Files

SHA1 4c752bce99202c1de33f1978753f06a5abbb04e7
SHA256 85ef1a8559f6e2bfd37c5efd1cb92ec828b66d7d319fb39c1ba419e0b499bbf3
SHA512 b03a19a0ec2f2fede88e5611d17797fbe502d1bbdc3903e005cc7228f3d8c2a1d2cca3427b83958d036adf3b745efbe76e79e16f93581ddcdbefec2ca3cf8397

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 da08c49a4059c9ef801746652f8cdd62
SHA1 537192793b662b062ca19b94f2a2aa0a51e372d7
SHA256 57fd000b3015f353450cbfb3dff07f17f768304e679acd8d383cf3f841197fbc
SHA512 e92bf2eea46834575d1b951195eca00720eddd95834eadffa2d8124da92f747c92d730a8f52f1e51e20c32839c6eac1ff95a39773c6d6ec1747bcc9df72ad867

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 e0a25045a5d6b46846b2b5ca4563e9ea
SHA1 c017ca926f07b40294922c882b201c547cc68041
SHA256 e774db35f98e6aee29e825122d440860a197c403c3be21c2f149d341ff9314fc
SHA512 a401f33966170ba4f7da1f6f07dc7358d4a9f014eb25ab4b97fbbb6b01b7669164535e5ba5e49332ff68b748b8fda00196aa6e3196323b0c201f83422a4feefc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

MD5 37e7b264b4cdf0efa8ca370c5dc8a78f
SHA1 7ab2e2cdd53ccba45c6ecac3c737929b034005e5
SHA256 6cde06372e7f5b8f7331ece1d43f220e3dfb8e53fd32bbdae5f078110a6ee79d
SHA512 d8bf259ee9b34f565614be8457f72a4be71b3a8aacddb70cf0c79b7bcbef9c2590ce672d9ae6b62b6a2f02475efb1873df220d2e0b641977bb61ec42ef73bfcf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

MD5 122ff7288fecd6356438ec1d83b26ab6
SHA1 36ab32a76cc730715ff099343557a7474a8ab61d
SHA256 d3551b0976380b08f2fa34e83db61ce47dd2d5dea0ebe44e303779c19d497c6a
SHA512 9cd94a3fd002c3d9c10a0b2e18d64fc12176df09613ac57698c20746f5bbd48fb2f360512028f633c0866dc6d36ef080996b8b1f4b71f534595e5fd536a60db9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

MD5 463575fd1e07a65b263748684c2f76f7
SHA1 b2667bf7a1ae5fe44d3e3f6ef21327f9c16d6a8f
SHA256 05a2f510013d9cb6db4801821e2e46bcd1803679fd67da006b27def1aeb61921
SHA512 394a781ab9c2388ad2a0d5929be93fec269b480bfc875166be10a8cb76cc2f0753039f67829be58494f07ebe17bf6c7fa2fb9a57a7073cfde99f1a428f40a186

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

MD5 71e4b829c6cea1fad85ea8afc4c2f81b
SHA1 90cac94547d8851c1b4ca3185e5771cdd33a9ad7
SHA256 11dd29313867b0ba33a1d07daa2c28b3e9941d7ccfdf810b46cebeea52a7e758
SHA512 d3773696fce807e490f49d99ad12e50b411112c2f841b9f48e95640ee535070c69aa6347bce257475af8f5cf65109f2e05a045f3881f54631cadb2e3d820a1f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

MD5 a39f33b28758b3af6345e7b8e9a9cfc5
SHA1 911b0f1df5c658fc28e478507530c0b1e19fb33a
SHA256 a637ea5b26393a709e0bda430b3325ad67f37f64204fedb26f9cfd8492477206
SHA512 f26216fd474dac8749c93036c2b73f69d76ef665332923d56d85f52616385f2c943e8a9a38bd43a18ffc4e0d4528053f0075506185edb9385be4c3e6827e751e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

MD5 cf6043544b97108b867af2e1e283559b
SHA1 72591f96b09a5982b9cde9170227144786f7ae66
SHA256 61949003eb94a6b9d3f1879d2f2dc2f835dc043066e3fd06bfd370bce37d767d
SHA512 416e53e7db58d636eaee3f9e14e2f7dbfe63ef149dd3e94a8be7550d755366a4d129b239896246b60755bc1a625aa20a750e72b4876966b676b40771c358b578

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

MD5 d029506af4d1ec123624104a709fdd92
SHA1 6c1bbd49bf9cc5c1c8f541afb518607e7a6b5570
SHA256 eacb53bfc2baf6088661a7b47b8ffbcc8aacc508025c7ee4e67d6e5fe7c56f4f
SHA512 386e3a2d09f8e985c9bac76a2e84e9fd298ed4dac53827e05e77c6acaca0626e36db5fda2d4cb96d8bf4aa985421908872d7cb7034c0e25cd9d1bbbcbe6bfe65

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

MD5 4fc1b1fa3c2ba09bcaf7514d521dfa35
SHA1 d18e11273523ebf4416e9e5cdf73e0b510ef860c
SHA256 538a92f24e421db892f076cc2384ef7a98e5234add7f6ce0dd9cdf1b3c301f78
SHA512 1834f9c2992775d5ab702fd792e3c1485e1c0340d3e990d3535d07070acb1a65f809106fca221a97b8bbd075219e2b396099d8c711c46db40f238e3d619decd7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

MD5 0149b702f6efdfbc3ebd60301441556f
SHA1 350c527423afd0b8ff9aa970b64d559c4a159326
SHA256 99d3784776cbac3b7e803dd3b6881304d54fd7174c7a13b5fbae1233c79c330b
SHA512 4711d2e8020e7c2d3610a1fabbe993713d747ca1f4ad808c6e20a634d7000806e56fd2185d10bb783c0c9206138f9ac4a3c0aa65ce5db2eaec6a871c35c7db9a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

MD5 10f6623b6a8e9ba1359fe5a8f4ef1fd0
SHA1 cb9e1fd1c7608790c918d4e849e419c6016c4c45
SHA256 985ccdfa1d95d6601f559b1106b90f1efd663b26fa7cda8025af0e653b56c4e9
SHA512 e431ee8adb3608c66b94f9641d1fff6bb55654fab6da81bb0c519e8791b80e8aad697945df28cc57d931728f81a7d2416d96d4e5b6e3255cce9bc109b0617ff9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

MD5 37d10c555d869d46dbd1f887610b4918
SHA1 9c33ec1ba896bc8f86e71cf8f633db5108baf6e2
SHA256 ed5002e7a73c7425c54a0d176e085d15c46c82e5f50e70de68acfe1b2aee00f6
SHA512 4e68ddf335895974349357c0b248047b4bc33942a8bf06574a07e88c5f5ab08b4275d3d129da7c2e4557bbbc6bfe7cf02906b965c132c64ac6926f5c0f12afce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

MD5 6cb1ff8985e196dc53925661040c3b63
SHA1 748a8f90dd2fe3ae6e6d133e9cdcc661b300ce53
SHA256 9d482cc39d112f1ccd97491fb47da427286eec0a8a21bb0f17562b0144881492
SHA512 ab28480a8426a2944bf3597a2869cf8390886dd8484905f392c3b5dd63a23254dc039ce26c524a1fc28299baa19303c550c23188eb5d67296fbc6c02fc7cb7b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

MD5 c1ce227223944aa99204d42d2815f24d
SHA1 94bacf9e1a23e9651d5dac8e564df4684366642a
SHA256 1fd2df05e3503e88a6a9d1151e76297597e376877a642a9d699c142cf37848ce
SHA512 d06e4a8356905c5b7671b22c727f9b8a3a5e9d95f88df0e48fa8e56872b1d2938f99236a9e4ecd11188aabbe340810433aebe781d2a380bbfd9be49a0d54431e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

MD5 d402fdb9a1d0f4c960b9d03979139830
SHA1 c0342068812e194ca67f2d8373a1b3d82362441b
SHA256 296d22677ec2b09fc5c41c61294940e3c3125358c93f4903fb58bdbeddc0a8dd
SHA512 e2688d255af05138fe7ba9dfa617fe6b80bd8978edc26602af06443afe9e11a2d3cddfc7dce892cc43d5acc301af809e28a4be862745f1f9072a7029b5b2073b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

MD5 9d1a01ee2a56934d3b5612720a3dd0e0
SHA1 8aa493c2f56d10ae625d5a191cf1798fbf44b37f
SHA256 48cc38553dae47e8fd7c3a2753d108ddef5d49c752611aac1b3f2b2cf2801551
SHA512 759d08540a6fbd5109e8d071ff1129be568c36b0fc0374e9c9a7b3c5047bc5e62df897548262dcd988c79f0fc49702d21e60dd8513f1f90377f5120f07d5c6dd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

MD5 480d66d13221bbf0dcf77695f00da6aa
SHA1 c66ab82d600312e6fee4558d20e4b5de76c6be28
SHA256 43a17dfdaf577c33c838054e2e4172d9734c7c13eb31d32feb99b03ce0aec722
SHA512 eef5fed62dd2117845c351d7def05188bc2dceef4f22ef1985a2bd9a530b74deb55bdeb81f33f4edbbf4bccc767c5a60e6dfce3b537433e0d73f3aa6c9c7ef62

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

MD5 6b740bdb4804854a35e01c24ad42ecd9
SHA1 6cbb5389240664137fbe35ccf73cd26dcf573bbb
SHA256 cc987d603dec4d09b2596b4d427dbfb7d31ce3d70b636c336960091a7e2de549
SHA512 3d2ed4c8fd6186fe734a56c018cbf576e34e3b24a8b27bdda2c164b3e4d54a256c07572842ee065ef650e50d5925b136cd351af6a3ab8c93734f73dec6b5d291

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

MD5 53bec0709e0c252350b237b167640a5a
SHA1 e4fb4cf37de4ed3615660dd453668648b5a9deca
SHA256 b3eed4aab06eb74e9774ace18822f0a8c1337cd83b0b63b8a3105e6798d87c16
SHA512 4cfe4d2b3d9acfeef9663b9480b9d54f1d59a1a02f5669c5ece3ce9552d65549534e42f76177712cb87686defd361404b0be9b044ebf57bc34c5724cd2ef7ab9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

MD5 431c48edfeeca99c3769c79d56d2d116
SHA1 709a227c80e4d2323c26551d58d3c469d279da59
SHA256 2398615a501db7ab52b9ed38a98d71766c1798ab7f22f2f23c3ea45f96110f2b
SHA512 c2cb87c29abd84cf60a1aa8147accd1c37420378cb52fa7d8cf41069b0f69462001113453ca0260dc06385f5a9b1230f6ed9fcd7a1b30fd5b44768b8d5add83e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024

MD5 aa82fc7241f57a1e3327d2381b748758
SHA1 02fb458b23e893bde880597c70e39984f8a340ff
SHA256 68ba830fa316b7ce8607353f984173baa766bb07e763be275228a6e9dc423e8e
SHA512 0742582d55edaf13320276ad0374ce0a925073e7c70749a49f5e4f5feb35c1678ead6da0355cc0cbe81774f18cec5edc8fda1daa8105b763b0e7087481b9d886

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

MD5 3f67a41fd633040ac5762f702daee62e
SHA1 ea7545ddcf59c8bfeb503ab3e288022443db4371
SHA256 242fa6006233e922267171bd4cd5a61e697a4255b07df95a2f8dd35d8b0771cd
SHA512 0854eb9c8d00f3e00c1a088a947ad635d8ab74c7bc485c37b944d96543d0cc4b4720484b71996ae47133ff99cef2a3d9a76117802ccda608dbb5a5274fe88316

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

MD5 095a247255df66138fafff4fdb312a20
SHA1 ca94613f6d06379116fc7d546c331ed28bdda9ae
SHA256 a18cec8a5418614b5a78293a422c4caa98762f98c0bd01b8536546cd9f191eec
SHA512 c707a1fe189a3a49fe666594fc2cd99779bbf02d3e3dbe9c754de547fd1b1eed6d6afffd0ce88045021da5fdce2c66f659da65fcf395d8663a35c7427aa75627

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

MD5 13c64e8a48f2b140e522e5d16e8ab1ea
SHA1 62f5de1c7c9c017e7ffe269d68201cb2cbff975d
SHA256 5340103d18fa16521675512ebe9a316aa47a38fa77eb1dd327915264ebc25938
SHA512 4f6781e8b208207863b8b8de4181fce294022d8543c7486f356faef034a85c15b93d5b43dc2cec262a38efa358e6ff3f1911ac4771907fd6c84277b6552ecbbb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025

MD5 a0be78e86424c26106ea2fa5c3264393
SHA1 32d0550421d434a4b61d8ae1e5ea2383ec403ce3
SHA256 571b4ac1212e81c7fbaebb13ebb8b12ce366a9b8728803a0167a7d5ad080c747
SHA512 a61e046bc07f45d392faf2e1a2e2a2e5014054cb76a2bda0560458e8a50f8fa3a75f75993f62874910f4c0157bf6f6e96eb58ab7b6a3e6f6860cadf97acaee63

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 70c77c4a31ee8ca9c3686dcad9d2eac2
SHA1 c8f15e414cf28257ae4061c9313a8adc9e3fcf8c
SHA256 28d0d755822b3db1dfcb4221e044fc61446e29123913c869bc4f008d813ce583
SHA512 d0d3e972dc299f4e2b1f1ce54dec9f97be21140f25481cd28cfc79b73c4a839487ca3052df6c984df802a2f859543d14f8d1255c0a089a96abae85cc8d454a8b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026

MD5 4126f90ba8665732e65c8377eae8c1bb
SHA1 f065e5652179be75ade12e8294b274cfd35ef1ed
SHA256 e88a17f670e58895c31d671ebd7e4a4a6ab7cca461abd84705b20b0e60781b24
SHA512 db061a8b5669ad1060922fbc5c8c16ae0244615549811428a4f22a6ee46998bdab4598d809e38be4c629e00aab4a18307c15195f75a5bf52eaef004a9d95527a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b

MD5 1b1e562a8a9d6da52548dd17f41978da
SHA1 499db4d731b63e6292b2580eb58b2a0ef2f13325
SHA256 d3bf71d8c720eeb512583c62695470d9e82966c1cb0f3fe96d11609071ef0f7f
SHA512 6c07a43f2bc0070e7627e0c5ad957980f656459386622383c9d1711c7d1e4a80eb8b82249fb46643a638e0abcee1e868a90d858d65af7a5f855d1508de693177

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

MD5 d74c0efac1a9c59152b0325932d399f1
SHA1 a472eadb5b431a4ef40e78ed79eaed9bb8fc8135
SHA256 e8bedfbc203b2d09457d44a4ddfaadfb770d637e332f41487438fa9a7f5352f5
SHA512 8b54060e0a7fa219fb96ada3c4beae832727540d8872a231f71c2a0cddc3abaf061eb2687595be3f4fbfd996bbe0488f44e1e042b28c2aaa45d51f03d0b4e689

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027

MD5 c53c4b781f53b21562990926425abfd3
SHA1 fff91c4acd5d0c187ad634b79b2619dae9af58ad
SHA256 1692f9c36f3aaa9d3e251a92fd2615b55d6f8e8e0bb286fa87184ecb4e20525c
SHA512 85041e7dd1eff82db0355a471ed64114d214bbf5d9b6b54f5f741e7a83b56f38dd591c854dc16c748db806ffedf896076c8a31af7664429c373497f68323c7b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

MD5 af4dae79f9f397974c31e24f40f5e837
SHA1 1096fde4c71ada3db8464665e435f339d9af9330
SHA256 7b1093bdb910a92ce0ede1f014592464de48baa6ce797bcf39d52d1b6f8b4865
SHA512 f17fe1bb6fb5c69a209f08c4493dd7d6947274e5cd5e25ffa3f55b28e9dc286e83442766844cfb220ee1b800b3e5ccba3dd779d157d6c49622521f284b12fea6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

MD5 75f0b0436c11f6a07466c6da72f326ad
SHA1 d1041e5020c65dc8492f477cce31153852c312d3
SHA256 892648fae18931dbef99a5d868179de13cb8142256590cc5737638e3d2110559
SHA512 580c391a2f849c4fe8d4655b90541094f24127679ae598e2eb607d0db6fc62d5fbc13e6e6d78b86a4d95a89fc04858c0b4ac628b08283cfd5a19d493abbb6945

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002c

MD5 e34af9ddddf3e3592ce37babcc6ee9bc
SHA1 5053b73121ef52074a54b1290bfadd73b718f8dd
SHA256 28d7a05bcde9b7778b206dc568158f9f276f7132057bdf5c289aa86191e3e8e6
SHA512 3c4a0bac91880a78122185a7b3090af89e9e146166781e192614c4e2c21c9b98b6c38dd082fe6791857aaaa3de6ada4a526c55e59807516ce0c4c7afbc523d92

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

MD5 c75010d4d5c13ead3a962ba2c1f53bb9
SHA1 dab95a4b027ef70e36e139c92fc440f19343071b
SHA256 aff82b4fceb3dbf328b92d4f31fcb545c5ac9e8fe4bc47082a88550ed9a01ab1
SHA512 393a8456beeefceb226d54cdcb2638640360e8248a6c02a02982356cbd1c17ff8b8fda02ded6a2f4df5e7c73d923a72921a8b323dfda0ac0d83ad5cb4e0467bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002f

MD5 ad998e9bd51907c3fc6bbc2cc1ca9847
SHA1 3005796ec2032f98da807596c13ba0465ed38c21
SHA256 dbe9cf2303df96153cbea3bfef7dc99010e6b9dc978ee3ad920a0ad2b697343a
SHA512 1337916a3bd9e37adce861110d6126ad31a32daa02d8bfc4e9d28d1d632123fa55df4a3e73c2c31ebdb1648eb4c251a9d5001a7e0ae6ccc830b1d16e15e04a15

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\.usage

MD5 0edec5128c1ad9f14033aac67608f4a7
SHA1 9fbe0a845024186cd5f912f763456ae7e34f1aa2
SHA256 dd9d85694ffd4d6b18c0d6803e70b426d32f78b4324a5eded75c9be5a213f184
SHA512 a99de5ae88108896325a2e022ec63d996b0499197433a1b5381abf44219811571a379b3d9d004e5a65222f177a06bb74cf282ccc927b3b26281da27a45b83c7b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030

MD5 0c84425225ce575aa5d7da38b5a448f5
SHA1 e16cfed98dcc4bbd8cecfe3c2ade5a09f392dfcb
SHA256 3f5cef20c00263dcde826647567a7b54e912c34b08f88bd5a7e1e4fecd342bd3
SHA512 cba9f8a5bfc20efd4a54665ef7392e822cc8087998295d0c80e241ea37ae3f4cc936e8f041e244dd9226ce07a9a6a838dd8b352df5ec569a6698e5cab332cf01

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

MD5 b5ad5caaaee00cb8cf445427975ae66c
SHA1 dcde6527290a326e048f9c3a85280d3fa71e1e22
SHA256 b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8
SHA512 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

MD5 d222b77a61527f2c177b0869e7babc24
SHA1 3f23acb984307a4aeba41ebbb70439c97ad1f268
SHA256 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747
SHA512 d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000031

MD5 7feed533c27085150087dc3d45bc131d
SHA1 063247304427213bd074391fbe6d1ff47d57c297
SHA256 60403257f973ce0c3f2cf52b94dcf06bfda863e056bc974be7ae1e0e28eb289e
SHA512 f6077d7537557de43791feda4d03927b5b8fe7a6486174fd9bae86d7f046480f717bd9d6f2648fa49176788f15aad0b3fef6a3e66981251d941038ac3b161910

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 62bd2a36fca7f65a35def95391c40372
SHA1 abc98dfb01886220a6d76a7ee581a88571798f96
SHA256 21824f19d8f9f398ea8183325d923023af1d10120ebfc8d7e6cc1a08f4a9a438
SHA512 629a00ba57ea61d6e4efb7fb4e732250298746f4c53d8f53babf173a123269209e75d951e7a8a393459424fea455c659f20f8beead685d7ee5fc2c130bdf9efc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7461eae2f43213d7d17c48ca3889ed08
SHA1 bbf4e7cd80711ff4bcc30533841c65291ed462c0
SHA256 ddfa81f4592d26fd29580361876d60172503e8dba6a4a581c25c5f64a944dc70
SHA512 11ac22187e2e09bc076e06125fc6486f868d4c3aa2438a730fb19b820cc6ddd6715a757863c7694c195bd568d8589680b0e3d3a21927e7ae732560f31fea668e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\5cdb5695-21e2-4d48-89ea-baef5ac42e2a.tmp

MD5 29f861087caa9dafb9e8efaaef9c0392
SHA1 4abf062d8f1873675fdbead5f03b3a56cb687b40
SHA256 1dc39a6812612ab0f1ca3b794e67f27029d4fc75ddb3d80e3b873591fcb88c78
SHA512 fa35507343c4b22af5cfd3c9c0ab28a84b2d230966b7f5e78e43f0e42e35ac9a1493d1152a243f2bdb277c8d7a703eb7792cd3aa6f91551091f43ffa0f81937a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 9365f7d8a393e26fdd550988fe597ba9
SHA1 cedc03798ad6e4f75d818a9a6c5966f61ed215b1
SHA256 35e28331068b7558b69d6530e1b085cb9428ed1e401d6c4408d6b6fd02df2cf3
SHA512 018187c1a53209ef2f3b4d3ac72a89b667613a2ddbac2daf3bc7f1fe9cd66f8155a5e03651147986447929ff7f174be7c043d9afc89da1133350e9179d983c53

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 76b6c233a0dafe4d32e5648daabe58a2
SHA1 8851a8b3273a6e07ea7347d10d62e14a674fc9d2
SHA256 03e5ebf43854d782f89e27cf72abbb52a80dad7dafebb66008263bdbd99c2a37
SHA512 f85e6f29a52659653e42a5afd0587d11d92462f97448bde7b83ed71e90ca49a45fcbb8802f9c3f41f4ab78db47e4789a3c50e6197c136598b9f11167e7010462

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f89a10699a636c2dcf86853bae62c5a5
SHA1 8fb2c6a5027a33eb2dafd4e044d74addc2f08bdf
SHA256 a0986999a10a49e66577a6abe8640c6738a7d469919bc00bdb70748650a41e58
SHA512 9bcb31ba9165920d0580513785219c80c0476f80acd1e20dee2694e162a8e27e39327a5ab72662ddf6bab53a038191d447aff9052742e58b96ffe08362eb899c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 d75c2059e04c948e5d9f6b0c6ddc4ddd
SHA1 d5270ef35f811eb8624f418f170b34a901be6e7c
SHA256 6e512a1e8447025bb96973ef787cdac688ca8e8df1ab2a49a502308c1d15f8ba
SHA512 9f195fd5e027976194baf59306cd3cf5e7a2ccfe24a139e914fdf901f8c0c881dadd2c2e0c849062f9950adb78e8753682736426b7c247c122d0b176cb2eebfb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 b92f18f62f5863124e1c06889c9aa42f
SHA1 6c0512d14be308a6042def9d8b21eff63687d25a
SHA256 1d9d6f58c7eed1e153373d7c89e76411c25d2efdc2b1d919d993530775d9b8c9
SHA512 a7b300089bf25719058810e19f4439905efac0051430c6232be6d80e3f1e853b514aace241bb10cfbcf87fa58196cf309ce5af26965040ad672adfd9f574a921

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 e00310b871a11fc58da8fcb42311402b
SHA1 023976ab12de1be7c076fa75421c7e1f14c15732
SHA256 0d5d4e8bef1a2f8ce85b0ff8e91d333fa011312c25bdc56f3620bbec930c543e
SHA512 02de8f0ca5610c4ede8425b9da6b06da2ca8f135393ab28965c471960d464f5031719346614b1f68f389750b5ba432e7de3a189fa6bf254256b08aa110e9f400

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 052081ce96e8f083696a9021c4a5d3d8
SHA1 9135edd7b639b04153e85f77d61b04fad16a7744
SHA256 f36dc95f3fa06ce13120faf01df122a4103b3c55121a8fc8c3c61eb9f1d3d9ba
SHA512 6ca2e601d6fe9819665a449767715488b56d8cf630a600995fa6e678f7ec6d2fa38903760ac885baa3882a901c37bc3faac7290e01ce7b297b8d743616e61820

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 df4a8442773495ae7c404c22a73901d8
SHA1 d62fe9061641f3ca10cd13c49215dcd0549c7e77
SHA256 baa12a1ed5d58d1608a4ff84b03106135335e6ca5b8df191674ea668afabc8d5
SHA512 81b4d55b8e197509ae962d0ab6770b1e8807384920cdef7332f36e1ba267c802652d6ecc08ce4abd77eafd847d27b22f71822fcf7d6e618b3bb7fb58357beac8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\013888a1cda32b90_0

MD5 dfaa4bf01da473bf14d58636724b9e42
SHA1 5744d1282d0edc7c5158e0be31fb00892b0b2848
SHA256 182dd39232ca76f269144d6c8888cdca8c615632c160ee6e324aea8bb4085410
SHA512 175fa4116ea0cd7265ed5e16fbb5c052d0634450248a0bf76f3421375b82a6bbfe1dcffb650819e73f34431d121fdaf919d1867cc34e56718c83aca26eddc8dd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e5a475cf6e8e221716cf5618d677601c
SHA1 b796b2202aca16360f03038c1902426974f53738
SHA256 77bfb4a5e6c95bf82fe27dab8c97171b12b3f8b9b5764a785a3d7487a78ea8e2
SHA512 d4b5ca68687cf0cabe72becbc1456bf67b5b6b91cb6c961981a2f10e90421f23f66e4118e67526d5f66e2d726397a4bd56b2ad8504559fdb83cd62eb29b549cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 57a5843f008c53836cb5c9d4f932cc79
SHA1 ed8141fbf5f9cf48849c57ce26f380bd95602a6d
SHA256 624b515c704164bf7efb969eaffc76605d5dda621453188eaf9dad453382e3bc
SHA512 c9dd7e1cf5092d5ceb564c805283ad53c450d66576a4ecab9acbeefb87804af112833ed7ff2ea52d58d5eee04798dd3b53553b1577b7c1eea1a9945ffefb25dc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\b6c28cea6ed9dfc1_0

MD5 4030c32ae40c8e9c9d1d00d30d2580af
SHA1 9261abed58fc028d4ac62f21871ea7b799e57da7
SHA256 2a12411f8d002fea72e494be26de63e99f18073c02cdb5404850060c0d3a953a
SHA512 1ff5b22d5b9958f0b3a05ef16010a1d75f9a876c2ad7148fcf011d94dac3fb899b75dbb4f8ea813267f7bb2f697e3b2bbfa7e1949e3081e6145f730fab8e54a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\013888a1cda32b90_1

MD5 e3d84f376e8e9ea24f808d6785e9645c
SHA1 24e0baa1400a32fc52dc88df942b953e000060b7
SHA256 ee389c69244eae4a6c6df9a5115492184be16073542697a2771406261dd23389
SHA512 9b3d2b9fb81b2ade02238040aa20e3b20c5e6455e1640881c76ae564ddb13177944d044816b7b8789f6abedc8d10d409f27aca55c0748fedaf7d4b35333fb7b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 df0142d89a05ad88a1d2febf5ade7182
SHA1 af4e43d9bf187da1948a185467d9a0ff273e29aa
SHA256 6cc715d1efea7a047690146660c9614abd090a20ddb0c8cd4c1e1c5d464b6b07
SHA512 4f6deaa03f2944f5264d061aa7c36c6410fdd59a925a43fbc49cc3e0d22669375466d3d7656f7c4ded58ce06eed8c6f0214e55c8c7c456860a412dd3b379dc6c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 88d970f614f56ab51d6fc52cac373d29
SHA1 640815225090c48600c3a1ef87c64ebd33f56723
SHA256 e12b3a8347247e5c03c0c02714c3c1c7db83aaf3cd6dfb859b64a2c107949127
SHA512 e792b9d8e98879eb7d28f7dba25ed09975fb7380786f7a66dc849998abd330cc6a5121574150331004728fdeac148a1c1158f1ef2f05e9a1d26e0f7826415288

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1ab44b035e2cbc7cfcb50c5123648840
SHA1 690884888e4e7f0b888a613a8704a1fd23194d06
SHA256 a99cb9697350562ff0b5c494d9552f30ff234249912d093de1dc6173d7d79b9f
SHA512 aaaa0ae4c196118386eb1e5bbc8bbc9fada689a0aa778a2400c6a8220f929092ddcac0d1ef3120e2915936db905f02fcac508f89578d4d9e487d6d33feb1b471

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6d416a3eb5d639cad11788c15150d541
SHA1 dba75eb2b518c95000bf7049b8b6964a731fe262
SHA256 003a76463fcce0078fb0b91de0c9eff97d832310317a4da602ea11cc4502f4c0
SHA512 96cf27dc434d98da159e11b1c0ce1d6133bd9867cbe495dfde1bd2332498d4a3777f7f094761fa0e67ea8e58bf96aafa806356ddbf5f270d2a518c40e4e5d904

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a8362795849b37722b59052afa196044
SHA1 c5fd1f2a337784b8478c81b2f66e6a9bea058cd7
SHA256 d7286993ddf3c200d12c2ad5d66cd1184f3ebbe730dd47dfbda3bead3bc848df
SHA512 2fa87409dedb2e48fc5c51555db3c6e485e6d698497eb02b3e612d8d88b57cbf91d5b361d437ed50b0a672f79baa2a8427b7babf9239566f72c92a2d057a4ade

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 bc1468c85edde2cc49b0ffb4704f00c5
SHA1 3184cd298cf198cde621f59dbc71e7f488dcd668
SHA256 14ec4ef23a2be2a569baf5eccaf0ea3375c0b066adb55d0b92b15c3b5b18aff7
SHA512 d571a53d6112b2e4d9cd58522ec0b01ff2bd24fd3ef8076e6e989458d02da145066f24359c154a48510ab845e254706b24ed8b3e4e98dda0f90f17b13818db25

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b476a9b2e7a6a6d14c96f1e90083e335
SHA1 4ed5e77c8b214b8640aa0fecd2f169bef37b127b
SHA256 a5009973a3a969db6dbaccc7a4609015f176daca0b450731090c202b49a5f75c
SHA512 d16f9c7b14474ece3e303b74b2e8f707b2fe49e664f40c2013190b63aea7215b3aaea377cc391fb8409372ddc85f46bdd570b13cec93816012b8358a9e338617