Malware Analysis Report

2025-06-16 00:20

Sample ID 241112-vc2grsxarn
Target OperaGXSetup.exe
SHA256 e4119a413cec64090b250487d80612c9dab11e6d68d50ea8ee35a3d3899276ad
Tags
discovery spyware stealer
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

e4119a413cec64090b250487d80612c9dab11e6d68d50ea8ee35a3d3899276ad

Threat Level: Shows suspicious behavior

The file OperaGXSetup.exe was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery spyware stealer

Executes dropped EXE

Loads dropped DLL

Reads user/profile data of web browsers

Enumerates connected drives

Drops file in Windows directory

Unsigned PE

System Location Discovery: System Language Discovery

Browser Information Discovery

Modifies data under HKEY_USERS

Enumerates system info in registry

Suspicious use of WriteProcessMemory

Suspicious use of SendNotifyMessage

Suspicious use of AdjustPrivilegeToken

Suspicious use of SetWindowsHookEx

Modifies registry class

Modifies system certificate store

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-12 16:51

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-12 16:51

Reported

2024-11-12 16:54

Platform

win11-20241007-en

Max time kernel

150s

Max time network

149s

Command Line

"C:\Users\Admin\AppData\Local\Temp\OperaGXSetup.exe"

Signatures

Reads user/profile data of web browsers

spyware stealer

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\D: C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe N/A
File opened (read-only) \??\F: C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe N/A
File opened (read-only) \??\D: C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe N/A
File opened (read-only) \??\F: C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\OperaGXSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\assistant\assistant_installer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\assistant\assistant_installer.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133759039796965915" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2584844841-1405471295-1760131749-1000\{A588DD89-3A47-4A1E-B755-C6AF1CE6C5E8} C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies system certificate store

evasion spyware trojan
Description Indicator Process Target
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 5c000000010000000400000000080000190000000100000010000000ba4f3972e7aed9dccdc210db59da13c90300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc251d00000001000000100000008f76b981d528ad4770088245e2031b630b0000000100000012000000440069006700690043006500720074000000140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc36200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8040000000100000010000000d474de575c39b2d39c8583c5c065498a2000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474 C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob = 0f0000000100000014000000ce0e658aa3e847e467a147b3049191093d055e6f53000000010000007f000000307d3020060a2b06010401b13e01640130123010060a2b0601040182373c0101030200c0301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c009000000010000003e000000303c06082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030906082b0601050507030106082b060105050703080b0000000100000030000000440069006700690043006500720074002000420061006c00740069006d006f0072006500200052006f006f007400000062000000010000002000000016af57a9f676b0ab126095aa5ebadef22ab31119d644ac95cd4b93dbf3f26aeb140000000100000014000000e59d5930824758ccacfa085436867b3ab5044df01d0000000100000010000000918ad43a9475f78bb5243de886d8103c7f000000010000000c000000300a06082b060105050703097e000000010000000800000000c001b39667d601030000000100000014000000d4de20d05e66fc53fe1a50882c78db2852cae47420000000010000007b030000308203773082025fa0030201020204020000b9300d06092a864886f70d0101050500305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f74301e170d3030303531323138343630305a170d3235303531323233353930305a305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100a304bb22ab983d57e826729ab579d429e2e1e89580b1b0e35b8e2b299a64dfa15dedb009056ddb282ece62a262feb488da12eb38eb219dc0412b01527b8877d31c8fc7bab988b56a09e773e81140a7d1ccca628d2de58f0ba650d2a850c328eaf5ab25878a9a961ca967b83f0cd5f7f952132fc21bd57070f08fc012ca06cb9ae1d9ca337a77d6f8ecb9f16844424813d2c0c2a4ae5e60feb6a605fcb4dd075902d459189863f5a563e0900c7d5db2067af385eaebd403ae5e843e5fff15ed69bcf939367275cf77524df3c9902cb93de5c923533f1f2498215c079929bdc63aece76e863a6b97746333bd681831f0788d76bffc9e8e5d2a86a74d90dc271a390203010001a3453043301d0603551d0e04160414e59d5930824758ccacfa085436867b3ab5044df030120603551d130101ff040830060101ff020103300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100850c5d8ee46f51684205a0ddbb4f27258403bdf764fd2dd730e3a41017ebda2929b6793f76f6191323b8100af958a4d46170bd04616a128a17d50abdc5bc307cd6e90c258d86404feccca37e38c637114feddd68318e4cd2b30174eebe755e07481a7f70ff165c84c07985b805fd7fbe6511a30fc002b4f852373904d5a9317a18bfa02af41299f7a34582e33c5ef59d9eb5c89e7c2ec8a49e4e08144b6dfd706d6b1a63bd64e61fb7cef0f29f2ebb1bb7f250887392c2e2e3168d9a3202ab8e18dde91011ee7e35ab90af3e30947ad0333da7650ff5fc8e9e62cf47442c015dbb1db532d247d2382ed0fe81dc326a1eb5ee3cd5fce7811d19c32442ea6339a9 C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\D4DE20D05E66FC53FE1A50882C78DB2852CAE474\Blob = 19000000010000001000000068cb42b035ea773e52ef50ecf50ec529030000000100000014000000d4de20d05e66fc53fe1a50882c78db2852cae4747e000000010000000800000000c001b39667d6017f000000010000000c000000300a06082b060105050703091d0000000100000010000000918ad43a9475f78bb5243de886d8103c140000000100000014000000e59d5930824758ccacfa085436867b3ab5044df062000000010000002000000016af57a9f676b0ab126095aa5ebadef22ab31119d644ac95cd4b93dbf3f26aeb0b0000000100000030000000440069006700690043006500720074002000420061006c00740069006d006f0072006500200052006f006f007400000009000000010000003e000000303c06082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030906082b0601050507030106082b0601050507030853000000010000007f000000307d3020060a2b06010401b13e01640130123010060a2b0601040182373c0101030200c0301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000ce0e658aa3e847e467a147b3049191093d055e6f20000000010000007b030000308203773082025fa0030201020204020000b9300d06092a864886f70d0101050500305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f74301e170d3030303531323138343630305a170d3235303531323233353930305a305a310b300906035504061302494531123010060355040a130942616c74696d6f726531133011060355040b130a43796265725472757374312230200603550403131942616c74696d6f7265204379626572547275737420526f6f7430820122300d06092a864886f70d01010105000382010f003082010a0282010100a304bb22ab983d57e826729ab579d429e2e1e89580b1b0e35b8e2b299a64dfa15dedb009056ddb282ece62a262feb488da12eb38eb219dc0412b01527b8877d31c8fc7bab988b56a09e773e81140a7d1ccca628d2de58f0ba650d2a850c328eaf5ab25878a9a961ca967b83f0cd5f7f952132fc21bd57070f08fc012ca06cb9ae1d9ca337a77d6f8ecb9f16844424813d2c0c2a4ae5e60feb6a605fcb4dd075902d459189863f5a563e0900c7d5db2067af385eaebd403ae5e843e5fff15ed69bcf939367275cf77524df3c9902cb93de5c923533f1f2498215c079929bdc63aece76e863a6b97746333bd681831f0788d76bffc9e8e5d2a86a74d90dc271a390203010001a3453043301d0603551d0e04160414e59d5930824758ccacfa085436867b3ab5044df030120603551d130101ff040830060101ff020103300e0603551d0f0101ff040403020106300d06092a864886f70d01010505000382010100850c5d8ee46f51684205a0ddbb4f27258403bdf764fd2dd730e3a41017ebda2929b6793f76f6191323b8100af958a4d46170bd04616a128a17d50abdc5bc307cd6e90c258d86404feccca37e38c637114feddd68318e4cd2b30174eebe755e07481a7f70ff165c84c07985b805fd7fbe6511a30fc002b4f852373904d5a9317a18bfa02af41299f7a34582e33c5ef59d9eb5c89e7c2ec8a49e4e08144b6dfd706d6b1a63bd64e61fb7cef0f29f2ebb1bb7f250887392c2e2e3168d9a3202ab8e18dde91011ee7e35ab90af3e30947ad0333da7650ff5fc8e9e62cf47442c015dbb1db532d247d2382ed0fe81dc326a1eb5ee3cd5fce7811d19c32442ea6339a9 C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25 C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 040000000100000010000000d474de575c39b2d39c8583c5c065498a0f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703086200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc30b00000001000000120000004400690067006900430065007200740000001d00000001000000100000008f76b981d528ad4770088245e2031b630300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25190000000100000010000000ba4f3972e7aed9dccdc210db59da13c92000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 764 wrote to memory of 3304 N/A C:\Users\Admin\AppData\Local\Temp\OperaGXSetup.exe C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe
PID 764 wrote to memory of 3304 N/A C:\Users\Admin\AppData\Local\Temp\OperaGXSetup.exe C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe
PID 764 wrote to memory of 3304 N/A C:\Users\Admin\AppData\Local\Temp\OperaGXSetup.exe C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe
PID 3304 wrote to memory of 1180 N/A C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe
PID 3304 wrote to memory of 1180 N/A C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe
PID 3304 wrote to memory of 1180 N/A C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe
PID 3304 wrote to memory of 1544 N/A C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe
PID 3304 wrote to memory of 1544 N/A C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe
PID 3304 wrote to memory of 1544 N/A C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe
PID 3304 wrote to memory of 2068 N/A C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe
PID 3304 wrote to memory of 2068 N/A C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe
PID 3304 wrote to memory of 2068 N/A C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe
PID 2068 wrote to memory of 1908 N/A C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe
PID 2068 wrote to memory of 1908 N/A C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe
PID 2068 wrote to memory of 1908 N/A C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe
PID 3304 wrote to memory of 3960 N/A C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe
PID 3304 wrote to memory of 3960 N/A C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe
PID 3304 wrote to memory of 3960 N/A C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe
PID 3304 wrote to memory of 832 N/A C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\assistant\assistant_installer.exe
PID 3304 wrote to memory of 832 N/A C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\assistant\assistant_installer.exe
PID 3304 wrote to memory of 832 N/A C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\assistant\assistant_installer.exe
PID 832 wrote to memory of 3976 N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\assistant\assistant_installer.exe C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\assistant\assistant_installer.exe
PID 832 wrote to memory of 3976 N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\assistant\assistant_installer.exe C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\assistant\assistant_installer.exe
PID 832 wrote to memory of 3976 N/A C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\assistant\assistant_installer.exe C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\assistant\assistant_installer.exe
PID 4880 wrote to memory of 1808 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 1808 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4628 wrote to memory of 3936 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4628 wrote to memory of 3936 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2116 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 3736 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 3736 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2944 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2944 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2944 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4880 wrote to memory of 2944 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Users\Admin\AppData\Local\Temp\OperaGXSetup.exe

"C:\Users\Admin\AppData\Local\Temp\OperaGXSetup.exe"

C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe --server-tracking-blob=ZmM3NDQzZGMwODNlZjc0MGUwZDJkMjc3MTc3OTRlMjVmM2RiN2NlZDFiNzY4MWZhY2JlYWI4MWJiMDRlOThjMDp7ImNvdW50cnkiOiJJVCIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3dvcmsuaW5rLyIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOiJvcGVyYV9neCIsInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0yLz91dG1fc291cmNlPXdyayZ1dG1fbWVkaXVtPXBiJnV0bV9jYW1wYWlnbj1PcGVyYV9HWCIsInRpbWVzdGFtcCI6IjE3MzE0MzAyMzQuNzQ3OSIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMzAuMC4wLjAgU2FmYXJpLzUzNy4zNiIsInV0bSI6eyJjYW1wYWlnbiI6Ik9wZXJhX0dYIiwibWVkaXVtIjoicGIiLCJzb3VyY2UiOiJ3cmsifSwidXVpZCI6IjhmMDkzMDlkLThmMmItNDY2Yi05OThlLTQ4ZTk2ZTcxNDhkYSJ9

C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=114.0.5282.159 --initial-client-data=0x338,0x33c,0x340,0x310,0x344,0x74828c5c,0x74828c68,0x74828c74

C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe

"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe" --version

C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe

"C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=1 --general-interests=1 --general-location=1 --personalized-content=1 --personalized-ads=1 --vought_browser=0 --launchopera=1 --installfolder="C:\Users\Admin\AppData\Local\Programs\Opera GX" --profile-folder --language=en --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=1 --pintotaskbar=1 --pintostartmenu=0 --run-at-startup=1 --server-tracking-data=server_tracking_data --initial-pid=3304 --package-dir-prefix="C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_20241112165140" --session-guid=11b5cca8-bb7e-4c3e-bca5-412c863fcecf --server-tracking-blob="NTJkN2E0YjUzN2JkMDA4NjJkYzBmNjQ5ZDI5Y2NhZWJjOTI0Y2I4OGI0ZjA1NDk2NTJhZTE4Y2JlM2QzY2NmODp7ImNvdW50cnkiOiJJVCIsImVkaXRpb24iOiJzdGQtMiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3dvcmsuaW5rLyIsImluc3RhbGxlcl9uYW1lIjoiT3BlcmFHWFNldHVwLmV4ZSIsInByb2R1Y3QiOnsibmFtZSI6Im9wZXJhX2d4In0sInF1ZXJ5IjoiL29wZXJhX2d4L3N0YWJsZS9lZGl0aW9uL3N0ZC0yLz91dG1fc291cmNlPXdyayZ1dG1fbWVkaXVtPXBiJnV0bV9jYW1wYWlnbj1PcGVyYV9HWCIsInN5c3RlbSI6eyJwbGF0Zm9ybSI6eyJhcmNoIjoieDg2XzY0Iiwib3BzeXMiOiJXaW5kb3dzIiwib3BzeXMtdmVyc2lvbiI6IjExIiwicGFja2FnZSI6IkVYRSJ9fSwidGltZXN0YW1wIjoiMTczMTQzMDIzNC43NDc5IiwidXNlcmFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEzMC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwidXRtIjp7ImNhbXBhaWduIjoiT3BlcmFfR1giLCJtZWRpdW0iOiJwYiIsInNvdXJjZSI6IndyayJ9LCJ1dWlkIjoiOGYwOTMwOWQtOGYyYi00NjZiLTk5OGUtNDhlOTZlNzE0OGRhIn0= " --desktopshortcut=1 --wait-for-package --initial-proc-handle=CC09000000000000

C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe

C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=114.0.5282.159 --initial-client-data=0x328,0x32c,0x330,0x304,0x334,0x72238c5c,0x72238c68,0x72238c74

C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe

"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe"

C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\assistant\assistant_installer.exe

"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\assistant\assistant_installer.exe" --version

C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\assistant\assistant_installer.exe

"C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=73.0.3856.382 --initial-client-data=0x288,0x28c,0x290,0x264,0x294,0xcd4f48,0xcd4f58,0xcd4f64

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa5105cc40,0x7ffa5105cc4c,0x7ffa5105cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa5105cc40,0x7ffa5105cc4c,0x7ffa5105cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1800,i,18202182159278714031,1114017811501395642,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1792 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2084,i,18202182159278714031,1114017811501395642,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2140 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2176,i,18202182159278714031,1114017811501395642,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2192 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3056,i,18202182159278714031,1114017811501395642,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3092 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3100,i,18202182159278714031,1114017811501395642,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3244 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4488,i,18202182159278714031,1114017811501395642,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3520 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4444,i,18202182159278714031,1114017811501395642,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4224 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4308,i,18202182159278714031,1114017811501395642,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4340 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4312,i,18202182159278714031,1114017811501395642,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4696 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4900,i,18202182159278714031,1114017811501395642,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4304 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4696,i,18202182159278714031,1114017811501395642,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4932 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4708,i,18202182159278714031,1114017811501395642,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5176 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4324,i,18202182159278714031,1114017811501395642,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4976 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5000,i,18202182159278714031,1114017811501395642,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4996 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5028,i,18202182159278714031,1114017811501395642,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4720 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4220,i,18202182159278714031,1114017811501395642,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5356 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5452,i,18202182159278714031,1114017811501395642,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5504 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5400,i,18202182159278714031,1114017811501395642,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5500 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004D8 0x00000000000004E8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5212,i,18202182159278714031,1114017811501395642,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5252 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5856,i,18202182159278714031,1114017811501395642,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5860 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc

Network

Country Destination Domain Proto
US 8.8.8.8:53 desktop-netinstaller-sub.osp.opera.software udp
NL 82.145.217.121:443 desktop-netinstaller-sub.osp.opera.software tcp
US 8.8.8.8:53 121.217.145.82.in-addr.arpa udp
US 8.8.8.8:53 88.210.23.2.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
NL 185.26.182.123:443 autoupdate.geo.opera.com tcp
NL 82.145.216.46:443 autoupdate.opera.com tcp
NL 185.26.182.112:443 features.opera-api2.com tcp
US 104.18.25.17:443 api.config.opr.gg tcp
GB 142.250.187.227:80 c.pki.goog tcp
NL 185.26.182.122:443 download.opera.com tcp
GB 2.22.249.200:443 download3.operacdn.com tcp
NL 82.145.217.121:443 desktop-netinstaller-sub.osp.opera.software tcp
US 104.18.11.89:443 download5.operacdn.com tcp
GB 142.250.180.4:443 www.google.com tcp
US 8.8.8.8:53 apis.google.com udp
GB 172.217.169.10:443 ogads-pa.googleapis.com tcp
GB 216.58.201.110:443 apis.google.com tcp
GB 172.217.169.10:443 ogads-pa.googleapis.com tcp
GB 216.58.201.110:443 apis.google.com tcp
GB 172.217.169.10:443 ogads-pa.googleapis.com tcp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
GB 172.217.169.10:443 ogads-pa.googleapis.com udp
GB 142.250.200.14:443 play.google.com tcp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
GB 142.250.178.14:443 clients2.google.com tcp
N/A 224.0.0.251:5353 udp
GB 216.58.213.1:443 clients2.googleusercontent.com tcp
GB 216.58.213.1:443 clients2.googleusercontent.com tcp
GB 142.250.180.4:443 www.google.com udp
GB 142.250.187.234:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 142.250.179.234:443 ogads-pa.googleapis.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 142.250.200.14:443 www.youtube.com tcp
GB 142.250.200.14:443 www.youtube.com udp
GB 172.217.16.238:443 www.youtube.com tcp
GB 216.58.213.14:443 www.youtube.com tcp
GB 216.58.213.14:443 www.youtube.com tcp
GB 216.58.213.14:443 www.youtube.com udp
GB 216.58.212.246:443 i.ytimg.com tcp
NL 173.194.69.84:443 accounts.google.com tcp
NL 173.194.69.84:443 accounts.google.com udp
GB 142.250.187.234:443 ogads-pa.googleapis.com tcp
AU 173.194.28.73:443 rr4---sn-ntq7yner.googlevideo.com tcp
AU 173.194.28.73:443 rr4---sn-ntq7yner.googlevideo.com tcp
AU 173.194.28.73:443 rr4---sn-ntq7yner.googlevideo.com tcp
GB 142.250.180.4:443 www.google.com tcp
GB 142.250.200.14:443 www.youtube.com tcp
GB 142.250.179.238:443 www.youtube.com tcp
GB 142.250.200.14:443 www.youtube.com udp
AU 173.194.28.73:443 rr4---sn-ntq7yner.googlevideo.com tcp
GB 142.250.200.14:443 www.youtube.com tcp
AU 173.194.28.73:443 rr4---sn-ntq7yner.googlevideo.com tcp
GB 142.250.187.234:443 ogads-pa.googleapis.com udp
AU 173.194.28.73:443 rr4---sn-ntq7yner.googlevideo.com tcp
GB 142.250.187.238:443 www.youtube.com tcp
GB 142.250.187.206:443 www.youtube.com tcp
GB 142.250.187.206:443 www.youtube.com udp
GB 142.250.187.206:443 www.youtube.com udp
GB 142.250.180.4:443 www.google.com udp
GB 216.58.212.246:443 i.ytimg.com udp
GB 142.250.187.225:443 yt3.ggpht.com tcp
GB 74.125.175.103:443 rr2---sn-aigl6nzk.googlevideo.com tcp
GB 173.194.138.201:443 rr4---sn-aigzrn7d.googlevideo.com udp
GB 74.125.175.103:443 rr2---sn-aigl6nzk.googlevideo.com udp
GB 142.250.187.225:443 yt3.ggpht.com udp
GB 216.58.213.3:443 beacons.gcp.gvt2.com tcp

Files

C:\Users\Admin\AppData\Local\Temp\7zSCF236DE7\setup.exe

MD5 dcc0d15e77a7872758e65deb0bfc6745
SHA1 1efb89e143bf5edd34d46ae8370ecc13d4c3339f
SHA256 87a168a04a254b1cf1adfe732e8b7b08d5c3e76ddca4e8b7fb4e58ebef85fe64
SHA512 9cb972bcd99fd03a924bbff79e8989a040d1202a77c9d8f62ea862cc6b1d258778410ad9a4de5f2aab43062f5e9fe17d7ab9baa000de98d22a47f1471d1de778

C:\Users\Admin\AppData\Local\Temp\Opera_installer_2411121651389673304.dll

MD5 1b07ce60bc1c77f0cadf13c2e62b1383
SHA1 ca70d0ef99ae5d1ebf85880ee669ad1145e4d79d
SHA256 e48eb19ca0210f9063f4e77c2f14293ee940eeaef2ecb9efceac7f6336cc203f
SHA512 94c358b6dfef0fcb0012a3a43235292b18ebf897043baef0c110570e91cc73721b12f1f771df6d000b4097f3c0cc22dcc65330a9153c7a9643787d24da6108f0

C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports\settings.dat

MD5 acfba93e6f682b392831e0f454ee6d35
SHA1 3ff448a32aeaf03e3dabd998ef2770cdd315fe38
SHA256 244f63b38673425f2eda1fdbc5d1c8360dbeaf797ae798feebf672a10c8c15a8
SHA512 ee4d83b10153ea02f90a2b725e2fc47964f0e54d22d32bbdc77119e2943322ceaac2f3901266a73f516739941d4ebee59131b853ac3ae347099d6b80ee7109d6

C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\additional_file0.tmp

MD5 e9a2209b61f4be34f25069a6e54affea
SHA1 6368b0a81608c701b06b97aeff194ce88fd0e3c0
SHA256 e950f17f4181009eeafa9f5306e8a9dfd26d88ca63b1838f44ff0efc738e7d1f
SHA512 59e46277ca79a43ed8b0a25b24eff013e251a75f90587e013b9c12851e5dd7283b6172f7d48583982f6a32069457778ee440025c1c754bf7bb6ce8ae1d2c3fc5

C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202411121651401\assistant\assistant_installer.exe

MD5 4c8fbed0044da34ad25f781c3d117a66
SHA1 8dd93340e3d09de993c3bc12db82680a8e69d653
SHA256 afe569ce9e4f71c23ba5f6e8fd32be62ac9538e397cde8f2ecbe46faa721242a
SHA512 a04e6fd052d2d63a0737c83702c66a9af834f9df8423666508c42b3e1d8384300239c9ddacdc31c1e85140eb1193bcfac209f218750b40342492ffce6e9da481

C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports\settings.dat

MD5 37b5ef50ad23b49623a993fa93b53d9a
SHA1 ab221638904467e8aaede3b4d64d6f23057bfa42
SHA256 1673c6c18f956cf4fa720cc39d9bcfe08bcd7d0f184526a2d8cabca33055c30b
SHA512 a0682c0d4737a9faf248a262b2ff6543135875eb3908bac65b1a59fa3635983cebfce8a1b864f816a2cf2ed5f1b6edd4856b53c5ca5d6b41103ab9d81703d56d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 79e90b79849ab24f7077995c4e45f1d5
SHA1 3dae744f25bcaa1b690d61b789a8b1e58a790953
SHA256 3d2a7a2b6c89618f30d26fd5dac9ff7d52d6cf1d3651fd7aaa1d1229464b1507
SHA512 6169379e245102bc4b1ff74bc2c7cf356f24fdef55e5f3f8a7323da36f6ca92f1ec38bf230cacecc89c33e12e1b201de417a570a998f31cb281bed3ae8f8deb1

\??\pipe\crashpad_4880_FPUEUCBTKFFETYFO

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Temp\scoped_dir4880_1534442604\14484b76-6ea9-42e9-9bef-20d0249cecb7.tmp

MD5 da75bb05d10acc967eecaac040d3d733
SHA1 95c08e067df713af8992db113f7e9aec84f17181
SHA256 33ae9b8f06dc777bb1a65a6ba6c3f2a01b25cd1afc291426b46d1df27ea6e7e2
SHA512 56533de53872f023809a20d1ea8532cdc2260d40b05c5a7012c8e61576ff092f006a197f759c92c6b8c429eeec4bb542073b491ddcfd5b22cd4ecbe1a8a7c6ef

C:\Users\Admin\AppData\Local\Temp\scoped_dir4880_1534442604\CRX_INSTALL\_locales\en_CA\messages.json

MD5 558659936250e03cc14b60ebf648aa09
SHA1 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825
SHA256 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b
SHA512 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\_locales\en_CA\messages.json

MD5 07ffbe5f24ca348723ff8c6c488abfb8
SHA1 6dc2851e39b2ee38f88cf5c35a90171dbea5b690
SHA256 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c
SHA512 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\dasherSettingSchema.json

MD5 4ec1df2da46182103d2ffc3b92d20ca5
SHA1 fb9d1ba3710cf31a87165317c6edc110e98994ce
SHA256 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6
SHA512 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 1d63541606fa8d23bac556e00e62beb0
SHA1 09203b72598b3cc6fc1279dd2fa8ad3f12b1eafc
SHA256 e1fcd3741f292b712fc06e866fa9df2b8ffe8be735dddfefb67d889abdd65a0d
SHA512 0ef18bf26301672af2e89ded8734c31342b361d10aca085e5b6fef78c68bcbfaee077a04a850b3b2c26b595e55a09f53c0a4fe0d816ea715050f7444e21324ab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 dd271e62b0917e51cfa3eea08424b5a5
SHA1 693c8db9ba033364edc5a528a2940187963fd642
SHA256 69237207882afa1da44adc89501e00786d41d4d383962fbc46c71a00d3c59f55
SHA512 c6c37c000a59faf3e992a0ff080336a0b6f2af39a6cd498fad185e9eb8819fa9b78b64b2017dd0a06f058ae7f78f3a6e2dc1f11f13314bcde62be993461c7dcd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 222cfa2efad8b7a5de4032be69bce5b4
SHA1 ff2c8dc3c24e4f4ba90ae35cc4f8f2a4a8d5e726
SHA256 cf5435588aa3dc1c84fc39f7dae02e9f4fae5e7c65d5cb1a5db281446e09e5dc
SHA512 31e3095b83630d49d6bdffee22ad04cf23593ec7ddeebf9169df352dbeb904d7ca917a3bd98da61eaa860079f91e99be830f447635f2d17a1f435174bc040bcd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

MD5 e579aca9a74ae76669750d8879e16bf3
SHA1 0b8f462b46ec2b2dbaa728bea79d611411bae752
SHA256 6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf
SHA512 df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1e0521e108eba85d0ab0ea9d7abdc06e
SHA1 6c139939cbcf3b418ad395a60dde97ab7af14231
SHA256 04a622a79c097fe36b7e25d88ccbffd86ff3cb1128b75195e7241adf8baae014
SHA512 e2f1c5121c7a76c214723f5655612ca18f59c0d22c28f856553230d2349990ca2a45c2894b9524787c1442424aa1e71fe6cf508e726e5f82952be966c3796cd2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 063b576d1590e628dbad86f8adec2165
SHA1 189fbea2f870bc2414bd33fbdc5688a2e0aa9203
SHA256 084c173b486b8f0a153559fe2f6212bc5aeb121be7391bf84d41e520633bc840
SHA512 52a2dc0f6c5864a28c157e6e0e85c067b472827cd6f4f173a7aeb861451286b47daaa2ce7da8dd1cfb3b7e364f64c04524acd97d6866f28ffd22c15fe069ac7d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3706886f4650dd361abe7b3d40c335ac
SHA1 4a30ddc3a2cd6ec368fd0c12c98ec6ab22be878e
SHA256 f0c6449fb3c0f5fa84793d6aa71c0d4ff16132e0942899a978ba740ae6d9bedb
SHA512 5b38be61feeac39ba37145960a7ddabaa094e4fcb0aa66b1fba76d57b461563b727b3c2904909f4c52b60b8d70d8074d6fd077e241e26b82f219d7625bbd0e03

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 926441f564e012e270225584be52b5fb
SHA1 9df6072552e54eb281508aea4dcf88793457aa4e
SHA256 f9108ccfea1e7cd95cf8d6122711e496837459d249c0b9fe1e166fde43614e27
SHA512 49b3949b24bfe2d4ea38ac603bc908d0e9fcc6c335fe5e7bf4d681990802b22602afc4d9b5624bb87b01e529a5925fb9c5a08a02b109c4b5e3c5dab0cdeceffe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 a9f8380be6d4e0d9e2080a83dccf8426
SHA1 742df85f8bc92dec293eec9bc31edbd6c8b47e72
SHA256 9720488f5a151dbd29396cc68e7dcd5ccae7ab1bce5e96d51ffa19c1acab2a01
SHA512 e33db7caedefc784a14f80d7434c7e3938243387dcebd5e0eadc7ee7efd7d93fa77cfa2cf0652b150a41c5ebfca90d538508cc62d7ef5cd7a39b9c672e306a85

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 6e4c2723a13580e844e2cb085b86e717
SHA1 5e207e87047771c178445f81c954987b20ae6f68
SHA256 9bf0032f1de91048016657958ebcb1bbe1a6d97482312f8b9719c27d33493155
SHA512 e1d1d2dc3c3ba10c91297c7bb448d98039919d44e7225d34131b523613699a58bfcaad73a1392d415da70618b398d1eccc535ef939ad73c73d366c0f9e3cd24e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe59a677.TMP

MD5 2283afdcdae5dc663dfd4b66309786b7
SHA1 0058925f459d181434437c55f6759928f37ed915
SHA256 6007c3092f10ef9d3dfb7369a52706bc497a9103cfd197c625716fd45307f32d
SHA512 86bf6a582b507701dc007d06397cd9520837103b6dfd1ecf6bffdae6026fe955a9677701806ea3200c0265247286db3f9e7b2378c83858273196e3e45711a4e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8b3a8277cc2bcb9739320ddb7f46e3a7
SHA1 7cafcef44b859cbca897ec3dee2de304d4231b7c
SHA256 8121fbc08a58c7e049368ff7f3b6861d4127e40a70757ac8a84a150f29580f10
SHA512 110f2eefa9ea1b956d28fba669616157ec984bc27eb6f4a47062e07c429c0ad096157645ba32595b8713d9006520eee84b6794aa13bbfd74fab8ca318e664e23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4880_604994863\Shortcuts Menu Icons\Monochrome\0\512.png

MD5 206fd9669027c437a36fbf7d73657db7
SHA1 8dee68de4deac72e86bbb28b8e5a915df3b5f3a5
SHA256 0d17a989f42bc129aca8e755871a7025acb6292ce06ca2437e95bedbc328fa18
SHA512 2c89878ec8466edf1f214d918aefc6a9b3de46d06ffacff4fdb85566560e94068601b1e4377d9d2eabefdc1c7f09eb46b00cf4545e377cc84a69edf8e57e48b2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4880_604994863\Shortcuts Menu Icons\Monochrome\1\512.png

MD5 529a0ad2f85dff6370e98e206ecb6ef9
SHA1 7a4ff97f02962afeca94f1815168f41ba54b0691
SHA256 31db550eb9c0d9afd316dc85cdfd832510e2c48e7d37d4a610c175667a4599c6
SHA512 d00e2d741a0a6321c92a4aab632f8f3bafd33c0e2875f37868e195ed5e7200a647b4c83358edcef5fc7acbc5c57f70410903f39eac76e23e88a342ac5c9c21cd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9f8e60e535621636a48c5d6c38edbaab
SHA1 237440c2ffa28622d9e85d9d934176a34baf2059
SHA256 196263fe44f0e5be4a32d335cd695de1a7f6432a2541283b190737d0b4741afb
SHA512 bf124e730511d5407d8b7cd68b57c1a03b237af49b01b0ad318297bef218e3486b72a3be466434e255200c0ba93aec20c51540c13a7dfd9efe2cf9ee9c46c423

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ae0145640f15bfc30d991b38715a589d
SHA1 ee9efbbc9ab28076ef4e397d163882e27cbcc314
SHA256 e28337230b1253afdce4a535850208918842a9f73c9a8eb556042735231414c8
SHA512 8c0e70a4c57a181c38ad3692830fc5c57a5985d31855801e87b65cfd7d147e35505c843d6c13c89cc9c37ed919ad78ce4948ac28b9f9bb45cb312e2325829fca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dbb4f8bbf03df87daf6521dabcb085ef
SHA1 82cb79b286f3dce9cdf98c1be2ba610ddea81b3c
SHA256 58528821f09f260f4ea43b527955237258e48a582d56b4d968a153d525ad7c73
SHA512 3ea30aa3c688a0522991c0b2c892dfd6e2d5a0c2b887d1c392b322e459aab079c82ff781b46389c7dafd65902d62cf9e332ec622704db7a5b955aa07a26329c6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c858a6db23b1e3c0435d346a69d51f54
SHA1 f3c6d555e0fba07aca06dccfe09694726cf0fee3
SHA256 4986c1c3ecd8da354ac49172bbb6d74871c285bef045a5725551e0e70b7226e4
SHA512 263439bfd3237bb77bc1e8d5e2c5c6e07c892eab1156000a96eb084bbf648996270b653cdfe8ebd563d045c1d2d7e31138767b0f314631021fa7e54b77551b66

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 9fe701e47001308639654ca5cde78c77
SHA1 71074b3bc9d4d489026f34ad592c571d1bf9bd47
SHA256 ff210041b18182557e5cc1ba906a894b26cb5b0a803ac33a0fec9ab2b7c36b80
SHA512 c528c3721ff18af9d0c1c98de6b2fa8dec92343773c3396f7b53be6cf22f6fac81c7dea4c9a798ee85985e2b177d9b79f0d56896472c10fe80deaace243b79f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 734ae290fd62d6a2b4d9804eab8ea4c8
SHA1 cd25e0d7f517d668f64f5e8a0c564976bae208d0
SHA256 75a2990c009f120299785aafadcfb7254423d1e3cd6eab723ad2cf8f502403c8
SHA512 cda6721a903768b2089d184d6377655ff7b98e9eeb5738728ddfb57fe74cc5118e731ee090c9a032953f5f54f44c2e4712379a589b5cb6da318707a4e32ab75b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\238620e4-ae0b-44b4-8523-66b8cd0c3033\index-dir\the-real-index~RFe5a3162.TMP

MD5 4d39414607d0e795f303299d4a6d007c
SHA1 70eb26b1fea019237bf02a10eb35dd9c1e1f1533
SHA256 ddef3a127641c0ef3e91e9acf2ce9debf468c89a9c8e66e9b4674f7fdc5d646d
SHA512 a2586a685088d5bb3942b8ba06e7a0a4c3c7f42cc42bdf1b53b0d8268a106893d01baea07fc423f783a98abfe924ca68b50975329a1ccff497c8c69f9725de2b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\238620e4-ae0b-44b4-8523-66b8cd0c3033\index-dir\the-real-index

MD5 781ba051cb20150ce2c6241558cc5183
SHA1 75345d0b679ba09e9d310bd4fb1e42868fc151c8
SHA256 daec1c2d2bdcf52ff1116937ce345a932f5fee355907c9f744ba5429a3a81da3
SHA512 f23591b49af4e915b8c4b0d573599f9ab632b95e7752895bbc262644f6e6d21164cca3535544d2702b3583e9a79b155a587bb60cc0a1851da36a3ccb3d1c3a75

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e4a9e14803c9c48aa7ee90cce603c992
SHA1 e89dc70a016bcedc199362aeffbc186c4c32db80
SHA256 b9738c802633c8d1d435567fe741100a713a21c8de7b40c11cbc3c1ce2b4a261
SHA512 00d1d34c2ae84b506d2b0ed8a273f3db6592ee4a0382944a3fc1b78ea53c69d96496cabdb8965490d69b5d2543cc0a62dac7bbafd6b8859eaf2e370874fd0403

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 62f65cca2dd688c131adb70e3367a40b
SHA1 e6821fc8a77ce44f55ba84fac8a20416977ddefb
SHA256 9a48966cf56729bd44cd64bff5986f5c1c010c32ebb60e8ecd0c577aca0ef8d5
SHA512 bfefbb2576f8ffb231b358118fcfc9a68f38ede4a35c0f4d08144cb4f4f3e8fe8abdac86a74098626f8ec258a65cee7730f24fe54522926791465a63719ac85e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 52000480551c245c37661d89a7da8cc9
SHA1 44509f62c1eb13fe05f331a5380039318b0b2200
SHA256 55a0162e383a7f9de8d39ac0c24240cc8e37b4ea57630ee1b774192625c08df3
SHA512 24a7616e6887e7f77b82ea44b6341c8b8283c7a7d62ed033f9b405467f1e0f30509089f0c38dc71352365e6c62cb456b68cff68076fbf6d96ef80d976d1d1a1f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 75ef8f361f21fa4f4231609fbe2ebda4
SHA1 40af9daf2bcbc0c02d7d177c250db08e137cf024
SHA256 4c4eb44e82b677790736033e7a29e5be48bf580bd6e01be854d006f19cdb7fae
SHA512 408fbb9d92fc9f8337e307ed86067dd74c0ea50b30dc2b4c926198598affc73d3d8822fb6d9555c54721f5b0ffc2707f02c337e9ac8a028ceab68c09e5cc2b92