Analysis Overview
Threat Level: Likely malicious
The file http://adjustclient.com was found to be: Likely malicious.
Malicious Activity Summary
Modifies boot configuration data using bcdedit
Legitimate hosting services abused for malware hosting/C2
Drops file in Windows directory
Browser Information Discovery
Uses Volume Shadow Copy WMI provider
Enumerates system info in registry
Uses Volume Shadow Copy service COM API
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
Suspicious use of SetWindowsHookEx
Uses Task Scheduler COM API
Modifies data under HKEY_USERS
Opens file in notepad (likely ransom note)
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-12 14:47
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-12 14:47
Reported
2024-11-12 14:54
Platform
win10ltsc2021-20241023-en
Max time kernel
394s
Max time network
397s
Command Line
Signatures
Modifies boot configuration data using bcdedit
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\bcdedit.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4288567808" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292311040" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292311040" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133758964537718349" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365271" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "70" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = a6d8ff0076b9ed00429ce3000078d700005a9e000042750000264200f7630c00 | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365271" | C:\Windows\system32\LogonUI.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\json_auto_file | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\json_auto_file\shell\edit\command\ = "%SystemRoot%\\system32\\NOTEPAD.EXE %1" | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\json_auto_file\shell\open\command\ = "%SystemRoot%\\system32\\NOTEPAD.EXE %1" | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\json_auto_file\shell\edit | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\json_auto_file\shell | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\json_auto_file\shell\open\command | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\ef\ = "json_auto_file" | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Program Files\Java\jre-1.8\bin\javaw.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\.json\ = "json_auto_file" | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\ef | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Program Files\Java\jre-1.8\bin\javaw.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\.json | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\json_auto_file\shell\edit\command | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2319007114-3335580451-2147236418-1000_Classes\json_auto_file\shell\open | C:\Windows\system32\OpenWith.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://adjustclient.com
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x450 0x3e4
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Adjust\" -spe -an -ai#7zMap19226:74:7zEvent27991
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\Adjust\launch.bat" "
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar Adjust.jar
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\Adjust\configuration.json
C:\Program Files\Java\jre-1.8\bin\javaw.exe
"C:\Program Files\Java\jre-1.8\bin\javaw.exe" -jar "C:\Users\Admin\Downloads\jd-gui-1.6.6.jar"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://java-decompiler.github.io/
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files\Java\jre-1.8\bin\javaw.exe
"C:\Program Files\Java\jre-1.8\bin\javaw.exe" -jar "C:\Users\Admin\Downloads\jd-gui-1.6.6.jar"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\pcKill.bat" "
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c wmic os get TotalVisibleMemorySize
C:\Windows\System32\Wbem\WMIC.exe
wmic os get TotalVisibleMemorySize
C:\Windows\system32\bcdedit.exe
bcdedit.exe /set removememory 4193744
C:\Windows\system32\shutdown.exe
shutdown /r
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\Disable Windows Defender.bat" "
C:\Windows\system32\reg.exe
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t "REG_DWORD" /d "1" /f
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\Disable Windows Defender.bat" "
C:\Windows\system32\reg.exe
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t "REG_DWORD" /d "1" /f
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa39ee055 /state1:0x41c64e6d
Network
Files
\??\pipe\crashpad_2332_KXNOMFZWAIRGFMOH
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | 634d6a1c0df3b8cfc5faa1e451b6d456 |
| SHA1 | fafaa08047aa4aa2ca555d29f22ee887c5b96f1a |
| SHA256 | 011580ef4ed557e295ba60a50a558893627226fd8c93f2d5f678046340f9f907 |
| SHA512 | fc756a3e6655022266a54f9eeb34c4e6ac716b840333214b04312e953df36ca6eb03f943afdc29cb8a8bdae46c2914ab0fb4c0a60d7f6547c4868a4a3652ec58 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
| MD5 | 83e782356ef4f63e48f0377344fade93 |
| SHA1 | b748f9856103a17e73a8ac3cbd488411f853940e |
| SHA256 | 80aaa3552b0c143cf8430111936a13468065f5ee2f2200594ab041c7c5b0b56d |
| SHA512 | 3c9876c205de60e97ca3b26e47f6bb35f1ffc9a0ec8a344c0d959baabe006e21164af9d22bd0d757e16127827a0f5c708600c2934741a922a65744641505da10 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 8116e288bf732e300304af6c06ea1071 |
| SHA1 | e0b38cadefaf3c11d69a28ace385132ba57fd21e |
| SHA256 | 875f43ad375267cdbb383a85a87d71a98981a8cb14fb0a74bb66a8dc9e52538e |
| SHA512 | 8b67bd0310453dcc32bfcfcb12ff5c5471577964b16780716b785313bde48fd6201814b338f37954b274f333004d1b4c639bf909e07c979a0b6e5319938a9b40 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 978a463fcb3e5743bde923c6bc614400 |
| SHA1 | 10a54ef13a698685ab342e6920b9f433c5840ccb |
| SHA256 | df535f8010bc82da3b00e2ce3b2346768575c4150654323d8ba286d7820f87ec |
| SHA512 | 943933a3fef0e1ef3dc8fc4e341f98839a4d6780dc7f72e980caafee288a5303c6e7c58aa52c26c2851179b5076e28a03864c28653da5006080be270be9fe1a8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 213a9e405f089684b6be64cece3132dc |
| SHA1 | 91312a2dad9412bfd3f50697c9df155482d49fce |
| SHA256 | 6b130a9ace5b5d6e8ffae7aa1d1916d9758a4b3d299aadb02329ad9c43647284 |
| SHA512 | 405782b6866d6fa26da317f5ba57004adcb7dac6e2ae2166af88b1ad1257f49703d83d029ecb0bfec28b6432979aca075a675b8a31e2b0bdafd719d098790502 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7fd2181a8c88fdafafa0c6cfe22102e4 |
| SHA1 | 0d1052c57f0c964e4e8559a81f72f59fae673396 |
| SHA256 | 08663d9d1cf7c1f7e121531862182d6b8c7c576de876d3fa763af59969475cf7 |
| SHA512 | cd477c56be7991d617a58f17e5b6a3ec21cfcab1f349fa9077aafa9fa71e3ac43eee09a49553da936378f072ad7a7b4f4745300ceb270dfa10161d4ed8df349c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e66ecb41cc0388b8c5e378f3e2cf5cab |
| SHA1 | ed6f368d81f6a8c953ded39206daec68d106f125 |
| SHA256 | 0cee59735821a70ab39a4e731ba25d54cdd1082153230949cf9c7ca36c8c4053 |
| SHA512 | 19c74568a034d622ef13873f228e2b84e537afa298209bc18f1a3ec0c26b639a1591525158846c42d2e5ce47ee3293a63fd6606fec599b1302a1403c397824e5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
| MD5 | 7978ff6b461b0b9aa23da30b7c1a718a |
| SHA1 | 820013931204f6f0bfaa321c41251322732d6ef1 |
| SHA256 | 3c35955e042c63cd23afe6f28f1f0be67e880a7ecef655159984adfe5551036d |
| SHA512 | 9ee1198f7c9c754128701504a6a3762d327cb2da9cce4854ed6eb54500d010f332175fbc0f14d126d6840463b29d710cdc8908a7126e1884e4d88cfc82a0d5d7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
| MD5 | 9d3efce8e141e4ea88d25443ff7fce79 |
| SHA1 | 02a736679325bbc111fb027648bdfdce44982c1e |
| SHA256 | a59d06eb1a7ee16b33e3da78159484f3d7000686b23b7e0b657197a3b0c053c6 |
| SHA512 | 15afebc918e7a343356dabb0404363cd7e4c592993440c52ba2bc68bf6bb37f1f9053d450b656f4f3d5e58ac25a93fc28a889c6a207097827de79f73b954c200 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 23c54eec49071e25ff88a7c40e6f658e |
| SHA1 | 2bc7572ddc00da6e25b45f5167661f1ab1bffaf3 |
| SHA256 | 026a35d9780fee08a314f5c535b848da0a5fb5f91dce8774f760a234c344e99d |
| SHA512 | 98336254d386044127c7bf1b87e566c30e200139b8b07ba187c51202d7fe8f29b4f7238d7f07455502d437629f12b9257b47d20576430e1cde21d0d0ffaca2f7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f9da37d88992080e3ae09975540bd7f4 |
| SHA1 | fe3640697cea6509f07782e0c3bcfc7867f0fbad |
| SHA256 | 16278fd7a569a9532e75481031724d1c891d51dd5ab8a41b5a69769b64497969 |
| SHA512 | dcad98d28373a5c0d8388de2c2ce6adaed3c8d35951cea2e0400b2bdbad4cead6315314439060ab4017ca379ad69c0a25fc5b01a4a9dce734a18a1e23aeb9759 |
C:\Users\Admin\Downloads\Adjust.zip.crdownload
| MD5 | c8477a0f195d94e4fcc490e82015ce1f |
| SHA1 | 48efa15f8e1dce2079c1520d55be983c5c6cdbfe |
| SHA256 | 54faddb279bc76961a18f7b23ac661b335f9aa946d4a84fea3885118a9ba1a23 |
| SHA512 | f8039aa6ca0ef01fc338d99b06a2c6ebf08df8a001eb6c9efd4a8619f74598449804c531d5de927c0ea503de0663ed22710bf25180eb5daa83339580d21bae89 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cb0ac65b338eadecf72016390e13282a |
| SHA1 | 83f0919b8ee4d45e007063b5be4ab4500795408e |
| SHA256 | 448c00ba4047995a70f0f288598126f0ce43618ec66ceb3caad9bcba1607d998 |
| SHA512 | db9e5476ce6eb890ce3173db6ffd7ae17618d3eff9b316e2de099cef104f1ea81a32ccf85353e2eebeb613335faa7f1f932eb17e5dae6ece448aa3d67a7870b8 |
C:\Users\Admin\Downloads\Adjust\launch.bat
| MD5 | 11f888c721558d771d9d7e203146102e |
| SHA1 | 87b76b891ea646de40798dcd2522065f68aaea0d |
| SHA256 | 9fd1f058d59563dd1dd723608304d989f5ee91b20166755b77a8aa87c795e295 |
| SHA512 | 6023860eeca2a817b3c4866ec74e39bce008a16f6a6fc11bfc63acc2d346f371af579b9ffc2655ad953e2379d3edefb4f1ad658bf2dd99ce7f87efe7407d33bd |
C:\Users\Admin\Downloads\Adjust\Adjust.jar
| MD5 | 90fe08b9d7540a0f2a77707b731c3a96 |
| SHA1 | 1c414406229302db5a1ab9efd7bb12c4d2f0f4dc |
| SHA256 | 2721848247230ff1d79fb6e3b431bf5b1ea1924c9023b8b9f5ed59b066e0ccda |
| SHA512 | 76957dcfffa6b4464a1221ffb81a9bba2ab8ab8c6005001dd657e42b889be65f25feec257756e9ec8c1393bd520efca11f6b06d724b2f8ed628e6ab5a06e1a24 |
memory/4652-204-0x0000017992CC0000-0x0000017992CC1000-memory.dmp
memory/4652-205-0x0000017992CC0000-0x0000017992CC1000-memory.dmp
memory/4652-235-0x0000017992CC0000-0x0000017992CC1000-memory.dmp
memory/4652-237-0x0000017992CC0000-0x0000017992CC1000-memory.dmp
memory/4652-267-0x0000017992CC0000-0x0000017992CC1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7e4491b0b79beaa609edc5cd8be4d045 |
| SHA1 | 74b339fd37b6c02b3a9f1a3855c5aaf88246d6fa |
| SHA256 | 3fc659c119ddf12f24ae2b53237077eb9bf499d5117f81eb60476dd10e670220 |
| SHA512 | 4041bb6d706b1bcc87d7bb2dac4293625937cfb22b3afeaa037f5092a5ad1ad8d11633641660536fa061829d2108a4319163297535cf6045288cd01b014f007e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 4018f5802c0494ba85c38392d0388e6d |
| SHA1 | f0618b76c0800d85301c90d6b1815771f1b6d2c6 |
| SHA256 | 1c60194bfc75cc494e39c132fb61c510a04eff8f34f18b2ea02dedfb5a0e9a36 |
| SHA512 | 0e8ba796182465ffe9ce86bae269643e2496096fca84dff7c04ec6258d287c4d3f4735bd8a020b79d410adafee6469454592a4a3509c34a4e62745e5c370f8cd |
memory/4652-334-0x0000017992CC0000-0x0000017992CC1000-memory.dmp
memory/4652-337-0x0000017992CC0000-0x0000017992CC1000-memory.dmp
memory/4652-342-0x0000017992CC0000-0x0000017992CC1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 158af30eabbb31e5624358f509e98e94 |
| SHA1 | fe393910603c8c8ca185b7f073bfed19d838028f |
| SHA256 | 26e2cbe0ac975e73ebb120449c9a541646c0a345eddb58abdc941cc3e65a588d |
| SHA512 | 4d9bfe4b60b4d3cb342d1f2c2e219ff313f47e67de07a02cad84b2bc887637e95189f209e20d198b24d8d01e97a54fcdcac0e2290efae3ee18dced818dc1cb29 |
C:\Users\Admin\Downloads\Adjust\configuration.json
| MD5 | b4bc7a19df6d800d72faf549a12e2d88 |
| SHA1 | 5ddd2be788bc1423ab34ddc5719a3d8eec2d8f91 |
| SHA256 | d35bf7e8f951b21ae1fd0093b30309553f856df15c23db5187fefc7ed74e02e3 |
| SHA512 | b5c0fa35dc4976805bec32a246157c93e9575f77e15f0d324bdd51f789bd0560a0e136fc14253023ef5ff99445aaf4c5da1364ddb2dc469eb63ee8c83f8fe233 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8f14d856f23e62713156bca80d83dee6 |
| SHA1 | aaae4829dd167d98a9ea7edd9c3fe6fde16d1ca8 |
| SHA256 | 79c453e77064e46a586f6528a728950da0b74fd3dd94b024d4a8c51579580491 |
| SHA512 | eff67b5437c0f16653dcb4f8e191354df9f62febe4df7a77b23477a36b76e2dec4da2f00e26b355a9ac18da7f8af6dfd21687dde8d8e26898d0e88f2ec2c6850 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bb84345c3a4ad5a548bd957cb39649a6 |
| SHA1 | 450aac45a131716c20766a7c9546c4bd67974111 |
| SHA256 | c5c3acaefd98f7131714dc426ab1745c19294cbd9f3841c00d4d9b135a1858b5 |
| SHA512 | f3a8828aaf48ff1b33dd62a196df7fcdb0149a8dc85380dab5c0d637269109016345b512168ae8ca263e4f1b97731284c99bc441f61dc25f286b6edb8b5b5602 |
C:\Users\Admin\Downloads\Unconfirmed 158024.crdownload
| MD5 | 5b1e5dfb3f38d089a092e2079289155f |
| SHA1 | bd4fc400c2e41e31a8b516f4d15be726eb44b386 |
| SHA256 | 2c9d3efa8b06438a7284139f68f6efcbfb2a11e0b9d20a3370d50189685afc0b |
| SHA512 | ac05eade3bc70ac72fe92d52f178a4a8a028f00430fa709bcbd4e43564589339e731eb2111c9ef64c0bed26f2edbb510afafc73a4891d0bd018e813539ac1227 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f1290823b9b6583fcce12b6b1cf6a8f2 |
| SHA1 | ba20585d7a682f1e8cfc28c07dd1c8bcaffa85af |
| SHA256 | 244fe8f99e21953dfc05a7182915fdce8782b47a2dd6a75f6cd435218c049367 |
| SHA512 | 4052c452475de47a4035585268935e1d01ff813ece3abe140e7f5d746c5bcf4aff0ce194babbe1ae50010c80733fdac4365e12551695d53af74e05e27ffa0598 |
C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
| MD5 | edeaefbd828db2d8f97d8f9b33f39ab4 |
| SHA1 | 22d63ec48858c240b694c6815f985c350381b214 |
| SHA256 | 23bda39447afa4d911bfb692beecee59b902e502d99a73fa681e6f6bb528d7cc |
| SHA512 | 242fcda5da095bd3114beea452c1f101873c083748abacd6bddb17ab97bed6f4527d1ed03f64b4d1a7dcc27b9171a11d2fb2d2bceb664508abaead13664bd9d4 |
memory/5640-429-0x000001BA91480000-0x000001BA91481000-memory.dmp
memory/5640-439-0x000001BA91480000-0x000001BA91481000-memory.dmp
memory/5640-453-0x000001BA91480000-0x000001BA91481000-memory.dmp
memory/5640-462-0x000001BA91480000-0x000001BA91481000-memory.dmp
memory/5640-501-0x000001BA91480000-0x000001BA91481000-memory.dmp
memory/5640-519-0x000001BA91480000-0x000001BA91481000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0472983a6048a794838e44cd3abe0c24 |
| SHA1 | b0173edebb8dd0e3d8fe71442ff12906263eda58 |
| SHA256 | 491b97355c8a2cf50386c99fd2e7e0a5e7d97da7bf1b68603f61f7b293a03ada |
| SHA512 | 1c2d97f498c5660843ef7843dda9a3cae51b2e8b582ddeaff07d195df2537b7844e14e81293d58bf3c0d751b8daa9198e6bae0792cfe6328848c9b6266c5ba05 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a60dba916b98ddc58aa8dc013dc1eff2 |
| SHA1 | eb723865b953d9c59f4f10a43807eb742eaf36a1 |
| SHA256 | c191a5f59cc5a7c2e54f582bfb274e67c63d94283e97b34ca3d46e2b5cf1b5a1 |
| SHA512 | 1dbb21ae87c5d2d5765d18110f067d22d6458645705f2c3e3209075519309d73feeb418fa21b33d7758d4cbb18cf048088e56b84e32a264bf4e9f9967f87e961 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 3963b92f9906984249093ebc45769f6c |
| SHA1 | c60d3d83cf45b64dc8aadc280d51665d8f46f232 |
| SHA256 | ed17d09e5cd2400874a46b4ea1695d7808d253839553b4a74c30838fb7a30880 |
| SHA512 | c8cfba843abf125b53a86075ce7c094d5fed80db49d778a3389737f1da429da7eeccae965a66edc1db35fdc28f093af1279b2efb528a273df5d0b89687ca4704 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 32d05d01d96358f7d334df6dab8b12ed |
| SHA1 | 7b371e4797603b195a34721bb21f0e7f1e2929da |
| SHA256 | 287349738fb9020d95f6468fa4a98684685d0195ee5e63e717e4b09aa99b402e |
| SHA512 | e7f73b1af7c7512899728708b890acd25d4c68e971f84d2d5bc24305f972778d8bced6a3c7e3d9f977cf2fc82e0d9e3746a6ccb0f9668a709ac8a4db290c551c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico
| MD5 | e5e3377341056643b0494b6842c0b544 |
| SHA1 | d53fd8e256ec9d5cef8ef5387872e544a2df9108 |
| SHA256 | e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25 |
| SHA512 | 83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a6e9bb3d5ce6a816f8c2df5c8a316195 |
| SHA1 | af5d442cd3b5942e526c51e035ae62f2dba25c10 |
| SHA256 | 1a692738f4e041a09436fd11d5a1b205699e37de97a9c0ef4b7f53e6bf32c906 |
| SHA512 | 8dd5c793ef906e66b177064339fd8fb9751922070d5cfef7793353bbcc779066beee96b290444934ce54e5d59f0620b58d39f4d7f0f4ae3356a12f0a3a521ee2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | b5fffb9ed7c2c7454da60348607ac641 |
| SHA1 | 8d1e01517d1f0532f0871025a38d78f4520b8ebc |
| SHA256 | c8dddfb100f2783ecbb92cec7f878b30d6015c2844296142e710fb9e10cc7c73 |
| SHA512 | 9182a7b31363398393df0e9db6c9e16a14209630cb256e16ccbe41a908b80aa362fc1a736bdfa94d3b74c3db636dc51b717fc31d33a9fa26c3889dec6c0076a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 6e466bd18b7f6077ca9f1d3c125ac5c2 |
| SHA1 | 32a4a64e853f294d98170b86bbace9669b58dfb8 |
| SHA256 | 74fc4f126c0a55211be97a17dc55a73113008a6f27d0fc78b2b47234c0389ddc |
| SHA512 | 9bd77ee253ce4d2971a4b07ed892526ed20ff18a501c6ba2a180c92be62e4a56d4bbf20ba3fc4fbf9cf6ce68b3817cb67013ad5f30211c5af44c1e98608cb9e3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 59cb78967f768b667ae54ad1ce4ffd94 |
| SHA1 | 69e58b4c88a3154e1d33c9cc01485de699452de0 |
| SHA256 | 93fdf2aa8b7b816733f298c915c32af18bba2cdefbb23a7c208cc2fda26c8985 |
| SHA512 | 6c6cf9d0f0b6acb98a039584e0d4c797b9addb68349bec2401b0a1c627326268129ca261c402d32db8bf9c71884fcbd8bca394384d920982df79663759530ae4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b3d6626153af9d5c2c18591bc2fb75b2 |
| SHA1 | 2fbf46d74ae994265a8aecf78b9ca811855702ff |
| SHA256 | a7de665fcbf623a484dd272af834a9b5d723921821ed26cdab3be827b6aeb8cd |
| SHA512 | eb7f75aa6f6aa7aa35f218443d607d22b055dbe5c56f26caadf8bb798a418b5c4f6a6a136222c08150bcea4eae4c35dd75dd362e11b6ad4f960e84d8c32dde93 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ed3ba7dc6308cd40c5c5567650cdfc78 |
| SHA1 | a275a5122d5481b51fd10f90ec49003a89ebc764 |
| SHA256 | fee167d59484fd10ea0c0f954565514f2b361b59edebc2ea48cd34207df60235 |
| SHA512 | 9dacd9590872393f1cfbe27cdb86fce10a00e7dac62de8cd55f9c624e146f7a368b49625a9294846706dc52e551c590df741f77c1311bd1d1c4e98ecd1fd90a3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4e09f255609a0b4da4750742199cb350 |
| SHA1 | 368309cd0c779183a50aa76e466d59e334e08036 |
| SHA256 | bb8b53324d5f3e68b7321eac997b97e854ffc5be043768fb13c7b602d9ba8e17 |
| SHA512 | b12e6ca62e93c314609c482bb04b376885ce626153805da32beabd64d5b2201d6d3f07071253d98593d47f79eff060c8a567b747af69ad5dd843b2062a80b353 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 8d97ac65c35acc2a4db41c029f23d1b6 |
| SHA1 | ce80016b5268436e332d39de26a1d08c46e0319f |
| SHA256 | 535f78b19014b6a4412df37250262332869c74fbe4f63eb80c9a46d507c306f7 |
| SHA512 | 8f14210be7b8a85ca4edf54c8f6a4a80c9cdb5abbdb3a500463db2225a0c39f89977f523da327e725cd8d1fdb73b055a44900b704f33a8e7ba0797a554adaffd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 94a769adb3363a8dad4459d027b1116f |
| SHA1 | 0e6f434487804e1c1ef0cc97e9f9975ba70d0100 |
| SHA256 | 458f1f43b0f2e04804d3559bf78c8bbec64b820f2dd1fd3ed4bff0ca7285db0f |
| SHA512 | b86f9f01fb5ef723f12e79de3168c1874379c20b5d6074cfef428d0a02053bb5274959317679b7289f4665160207eb9cbb68a11ecba05af047d37224cad6ef6a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b04c748055416c7ff1aeb26901f3bee1 |
| SHA1 | 7d825bafb2854f53bd12618ed18685fc1d4d7172 |
| SHA256 | 009ff3fd20c6daae4c663f420fac1117dc7e08ee8e09d9f8f2be2bd1b7a0349d |
| SHA512 | 058e7a55cea6c93cf7ea828e16c61424545634889212d0b936195f2c4ac9ca029053dd9978afc7c95024e5f01e395e1038c6c50418ae22bfcb09f2533013a83e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7f6916ac8521da9671cb22837b4ed3e8 |
| SHA1 | 5e1b777cfbd96a6db0cf2be189983d88528d02b9 |
| SHA256 | db66c75f570326ffb8e4a572fdbf861bad36d57bc319fb7b3714624f3258c535 |
| SHA512 | 0b74499733764659d442c4422c473500f935c667aed8119799d4ef2e7ba321c3d907d40f59120e6678249f4045385c62c2b120258ceea13ff75d7de82fe0aec6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 574e9b8ec6da9a601474a159d5aa8da6 |
| SHA1 | 2e6519380e654284170e8db4b1f67c8b6fc3d2d4 |
| SHA256 | 468953640f90c1d54369d65b1021a2df4cd37a9071ab84dcbb8a667440bb0cb3 |
| SHA512 | 36901ba56caddc639ac79be0c93f3cb47889926e108332b90c98d0f383eff23034b53b7120c46172b5127933b852e254b7045d5fec6fcaecf187580ca96f3fb2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 37adac9f7440df2ea39a3641d956efc4 |
| SHA1 | c21437926e2cc832da98ccb94cd2ce714c4246b3 |
| SHA256 | 4b9879a44724b31c2a2a21155bd8f29aa56f10e39ca277aab86939d868916536 |
| SHA512 | 6b4a823b414144bd7f8295451d3620f6d33b67c8f58e676eeb7a47c5d5418b9488dfea7ab4fa203be9a15fe1d4cb6cb42dc3cc6764143e0e341ef63a52cac273 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 32ffb6a25833ae24fb79dbf72a4aac5e |
| SHA1 | 05a14ff2ef1617b871464bf89a96d58bc174751a |
| SHA256 | 8014644ff28284d128443c654ef87b048bb9ccae535628ca98d37101036724ab |
| SHA512 | 9a76cb60d6e82b43157c62e676ade923ea4d754fee39c6b25cd0666ddf2a4c2a7cf43d528c7146d767f21089f690f0a98df7db11f64413b0e3e2d1b90523eadf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3dde148c2c9fc8bdab6d87a3e4a2ad58 |
| SHA1 | f1939242591e62c78b390dbd52b52508dd76c6f7 |
| SHA256 | 09a6fb93f5e594d0d7470f5ccb93462a98ea55f3235e2446d5e2aaa7888f216b |
| SHA512 | 847e407e6f8c3389672eedc12412d8f2a76587deb03f3a9b18d51d02008367ac50a17aa6ad53841457bbfa2e5e587d3f35c253b4abcebadd3020b569773a266d |
C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
| MD5 | 17e39e319f8832e83e56a5927fc1dede |
| SHA1 | 2dc94ea77b1eb6b678f811426eefbeca4b310c5a |
| SHA256 | cbec5e229088df0c67bdf970d30bb0eb15a3e41c15a1aa633a0af7e26e696421 |
| SHA512 | 52df08a4ce0d34773354c3eafa85e9e51abd5da187ceb719709a0801bdf25eaadc5773e3bedd555e2d94145d79484ae7f4ac6e98908d54ad10fb03f893f58fec |
C:\Users\Admin\AppData\Roaming\jd-gui.cfg
| MD5 | 04cd130d9da29e0afdb7be677b6e380b |
| SHA1 | 7edd14afcf62568775848e47c07ae0af81454956 |
| SHA256 | 26c67a8e770ec6c56dba270f42b179a4897a2545cc179ffa231beb5ea210fff4 |
| SHA512 | e34ee1428bd01a51a750c106ad5100818b37d5896d2f5388da806ba035805a118131d64841f88552255fba91a4f5c6fe23cd221166b21355601bd8dd1767e377 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | aee1e6470cb385c680b9f92c3de66098 |
| SHA1 | eaafb6a20aa627bdb37e9794aaf55b10136a9c8d |
| SHA256 | 13fbb30451812905c194ffa212dfaac53c4c82a09d7344ae63d0ef1cc3e8e25e |
| SHA512 | 6ca5e56c62c3b28f213c296426d18302082b62f1180508b00754028e5c19c202e6cbb7fe8e46c5b1c28ae8eb4f276e7917c78dcec1b829f956d0f9def4ecf988 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 77a98381937b73e24719d7a365f2f09a |
| SHA1 | 86ec258c25323f14ba589c8f73a49c4c6fd9cdde |
| SHA256 | 85c9cacbea4d5fbc1fc84034f847a754de408c7417d739a6544f2350b774eb8f |
| SHA512 | a28256ee20737104fea0137f75610ff2e3936b829d837f4fd23b2a55d7dead377dc717c94e9a6a4aeec15612fe8dcacffa258b699acebf3eb4ff1684851fbfdf |
C:\Users\Admin\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2319007114-3335580451-2147236418-1000\83aa4cc77f591dfc2374580bbd95f6ba_80a3676e-3a1b-46a8-b68e-cfc55ef45206
| MD5 | c8366ae350e7019aefc9d1e6e6a498c6 |
| SHA1 | 5731d8a3e6568a5f2dfbbc87e3db9637df280b61 |
| SHA256 | 11e6aca8e682c046c83b721eeb5c72c5ef03cb5936c60df6f4993511ddc61238 |
| SHA512 | 33c980d5a638bfc791de291ebf4b6d263b384247ab27f261a54025108f2f85374b579a026e545f81395736dd40fa4696f2163ca17640dd47f1c42bc9971b18cd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db-journal
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\1012231a-8ee3-40bb-a57d-ea8a7a568abf.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\e399f349-7c33-4ce4-8567-d991c7bcebb7.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt~RFe5d3f00.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\Downloads\Disable Windows Defender.bat
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences