Malware Analysis Report

2024-12-07 03:01

Sample ID 241113-rfqynataqa
Target Screenshot 2024-11-13 7.48.42 AM.png
SHA256 99a5938fc480970658f6a7823d41da49a0bce42862d54de92d6003b16791e611
Tags
discovery
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

99a5938fc480970658f6a7823d41da49a0bce42862d54de92d6003b16791e611

Threat Level: Likely malicious

The file Screenshot 2024-11-13 7.48.42 AM.png was found to be: Likely malicious.

Malicious Activity Summary

discovery

Downloads MZ/PE file

Drops file in Windows directory

Enumerates physical storage devices

Browser Information Discovery

Modifies data under HKEY_USERS

Suspicious use of SendNotifyMessage

Suspicious use of FindShellTrayWindow

Enumerates system info in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Suspicious use of WriteProcessMemory

NTFS ADS

Suspicious behavior: EnumeratesProcesses

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-13 14:08

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-13 14:08

Reported

2024-11-13 14:11

Platform

win11-20241007-en

Max time kernel

147s

Max time network

150s

Command Line

cmd /c "C:\Users\Admin\AppData\Local\Temp\Screenshot 2024-11-13 7.48.42 AM.png"

Signatures

Downloads MZ/PE file

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133759805292031397" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 593590.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3384 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 3724 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 3724 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3384 wrote to memory of 2968 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Windows\system32\cmd.exe

cmd /c "C:\Users\Admin\AppData\Local\Temp\Screenshot 2024-11-13 7.48.42 AM.png"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdf719cc40,0x7ffdf719cc4c,0x7ffdf719cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1828,i,4610168417684968932,15862048248864511554,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1824 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2112,i,4610168417684968932,15862048248864511554,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2124 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2188,i,4610168417684968932,15862048248864511554,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2204 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3112,i,4610168417684968932,15862048248864511554,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3268 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3256,i,4610168417684968932,15862048248864511554,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3304 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4500,i,4610168417684968932,15862048248864511554,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3548 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4320,i,4610168417684968932,15862048248864511554,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4744 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4812,i,4610168417684968932,15862048248864511554,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4740 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5060,i,4610168417684968932,15862048248864511554,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4804 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5084,i,4610168417684968932,15862048248864511554,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4740 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5028,i,4610168417684968932,15862048248864511554,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5092 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5080,i,4610168417684968932,15862048248864511554,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4972 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5100,i,4610168417684968932,15862048248864511554,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5092 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4740,i,4610168417684968932,15862048248864511554,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4800 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3828,i,4610168417684968932,15862048248864511554,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3380 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5304,i,4610168417684968932,15862048248864511554,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3484 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4980,i,4610168417684968932,15862048248864511554,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5380 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=3536,i,4610168417684968932,15862048248864511554,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5328 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=3104,i,4610168417684968932,15862048248864511554,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3320 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5204,i,4610168417684968932,15862048248864511554,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3452 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=3592,i,4610168417684968932,15862048248864511554,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3412 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffdf7873cb8,0x7ffdf7873cc8,0x7ffdf7873cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2036,10004475206297127692,9672348161585713232,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2056 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2036,10004475206297127692,9672348161585713232,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2036,10004475206297127692,9672348161585713232,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2736 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,10004475206297127692,9672348161585713232,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,10004475206297127692,9672348161585713232,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,10004475206297127692,9672348161585713232,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4912 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,10004475206297127692,9672348161585713232,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4140 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,10004475206297127692,9672348161585713232,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4728 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2036,10004475206297127692,9672348161585713232,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5336 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,10004475206297127692,9672348161585713232,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4700 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,10004475206297127692,9672348161585713232,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3496 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,10004475206297127692,9672348161585713232,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5596 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,10004475206297127692,9672348161585713232,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4036 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2036,10004475206297127692,9672348161585713232,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5580 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,10004475206297127692,9672348161585713232,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,10004475206297127692,9672348161585713232,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,10004475206297127692,9672348161585713232,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3608 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,10004475206297127692,9672348161585713232,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,10004475206297127692,9672348161585713232,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2036,10004475206297127692,9672348161585713232,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5688 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2036,10004475206297127692,9672348161585713232,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4660 /prefetch:8

Network

Country Destination Domain Proto
GB 216.58.201.100:443 www.google.com tcp
GB 216.58.201.100:443 www.google.com udp
GB 216.58.204.78:443 clients2.google.com tcp
N/A 224.0.0.251:5353 udp
GB 142.250.179.225:443 clients2.googleusercontent.com tcp
GB 142.250.200.10:443 content-autofill.googleapis.com tcp
GB 128.116.119.3:443 roblox.com tcp
GB 128.116.119.3:443 roblox.com tcp
GB 128.116.119.4:443 www.roblox.com tcp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
GB 88.221.135.219:443 css.rbxcdn.com tcp
GB 88.221.135.219:443 css.rbxcdn.com tcp
GB 88.221.135.219:443 css.rbxcdn.com tcp
GB 88.221.135.219:443 css.rbxcdn.com tcp
GB 88.221.135.219:443 css.rbxcdn.com tcp
GB 88.221.135.219:443 css.rbxcdn.com tcp
GB 88.221.135.209:443 static.rbxcdn.com tcp
GB 2.19.252.154:443 js.rbxcdn.com tcp
GB 2.19.252.154:443 js.rbxcdn.com tcp
GB 2.19.252.154:443 js.rbxcdn.com tcp
GB 2.19.252.154:443 js.rbxcdn.com tcp
GB 2.19.252.154:443 js.rbxcdn.com tcp
GB 2.19.252.154:443 js.rbxcdn.com tcp
GB 2.19.252.154:443 js.rbxcdn.com tcp
GB 88.221.135.219:443 css.rbxcdn.com tcp
GB 216.58.201.100:443 www.google.com udp
GB 128.116.119.4:443 ecsv2.roblox.com tcp
GB 88.221.135.219:443 css.rbxcdn.com tcp
GB 2.18.190.145:443 apis.rbxcdn.com tcp
GB 142.250.200.10:443 content-autofill.googleapis.com tcp
GB 88.221.135.81:443 images.rbxcdn.com tcp
GB 88.221.135.81:443 images.rbxcdn.com tcp
GB 88.221.135.81:443 images.rbxcdn.com tcp
GB 88.221.135.81:443 images.rbxcdn.com tcp
GB 88.221.135.81:443 images.rbxcdn.com tcp
GB 88.221.135.81:443 images.rbxcdn.com tcp
DE 172.217.16.131:443 beacons.gcp.gvt2.com tcp
DE 172.217.16.131:443 beacons.gcp.gvt2.com udp
GB 88.221.135.48:443 www.bing.com tcp
GB 88.221.135.56:443 th.bing.com tcp
GB 88.221.135.50:443 www.bing.com tcp
GB 88.221.135.50:443 www.bing.com tcp
GB 88.221.135.56:443 th.bing.com tcp
SE 20.190.181.6:443 login.microsoftonline.com tcp
SE 20.190.181.6:443 login.microsoftonline.com tcp
GB 92.123.26.216:443 www.hitmanpro.com tcp
GB 92.123.26.216:443 www.hitmanpro.com tcp
US 104.18.87.42:443 cdn.cookielaw.org tcp
US 104.18.87.42:443 cdn.cookielaw.org tcp
US 104.18.87.42:443 cdn.cookielaw.org tcp
US 104.16.243.229:443 pricingapi.cleverbridge.com tcp
US 172.64.155.119:443 geolocation.onetrust.com tcp
GB 92.123.26.216:443 www.hitmanpro.com tcp
US 172.64.155.119:443 geolocation.onetrust.com tcp
FR 3.165.136.7:443 scripts.demandbase.com tcp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 23.249.124.192.in-addr.arpa udp
US 216.239.32.36:443 region1.google-analytics.com udp
US 35.201.112.186:443 edge.fullstory.com tcp
US 35.201.112.186:443 edge.fullstory.com udp
US 35.186.194.58:443 rs.fullstory.com tcp
US 35.186.194.58:443 rs.fullstory.com udp
US 35.201.112.186:443 edge.fullstory.com udp
US 35.186.194.58:443 rs.fullstory.com udp
GB 2.23.221.234:443 download.sophos.com tcp
GB 2.23.221.234:443 download.sophos.com tcp

Files

\??\pipe\crashpad_3384_BTGWHILOIUIBFQUV

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Temp\scoped_dir3384_1621359970\fd784092-8a6a-456a-9df6-ff44c0fa4619.tmp

MD5 da75bb05d10acc967eecaac040d3d733
SHA1 95c08e067df713af8992db113f7e9aec84f17181
SHA256 33ae9b8f06dc777bb1a65a6ba6c3f2a01b25cd1afc291426b46d1df27ea6e7e2
SHA512 56533de53872f023809a20d1ea8532cdc2260d40b05c5a7012c8e61576ff092f006a197f759c92c6b8c429eeec4bb542073b491ddcfd5b22cd4ecbe1a8a7c6ef

C:\Users\Admin\AppData\Local\Temp\scoped_dir3384_1621359970\CRX_INSTALL\_locales\en_CA\messages.json

MD5 558659936250e03cc14b60ebf648aa09
SHA1 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825
SHA256 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b
SHA512 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\dasherSettingSchema.json

MD5 4ec1df2da46182103d2ffc3b92d20ca5
SHA1 fb9d1ba3710cf31a87165317c6edc110e98994ce
SHA256 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6
SHA512 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\_locales\en_CA\messages.json

MD5 07ffbe5f24ca348723ff8c6c488abfb8
SHA1 6dc2851e39b2ee38f88cf5c35a90171dbea5b690
SHA256 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c
SHA512 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 db348e8b0151257456885df4ecda1613
SHA1 f4e51ffb728bb0b551724ce21eda5b1094fe6957
SHA256 18bab99f87c46631b98240c4bed3efec0512e1787f0072148a4f3daf6db117c2
SHA512 6cf997393581fb6edd96771ebf2b24b8eaee3cd8c330bd06d1482262260b1be97b1ad6f44d52f6a7d323a4f20f869e1b44dbda4aaa57b13ddeb4f2da387f88f2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

MD5 e579aca9a74ae76669750d8879e16bf3
SHA1 0b8f462b46ec2b2dbaa728bea79d611411bae752
SHA256 6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf
SHA512 df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 06f650b7410555dc5428b88c67a10410
SHA1 80e40a2133b0c9ae1f176717e06d80d44279e804
SHA256 442811e7ad8f452425366aab239868a6b785a828a26adfa3fb9158e9a38afb36
SHA512 fef203bb5c66c9d0add8469c1c69b54e7974eb2bb944f87a2f93f909ab5ee84deb0c196f280ddd937fb7ba545f2250bf0378414d975ea945dfe3bd9eabb6cbe8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3ff520b2af39245ff9f9c0bb03bde71d
SHA1 88613974bab9b7829f6936a89b7525cebbff3b3d
SHA256 2e30bd3624118ea58c886b4d092d5ad94ce6c26a9d740acb833eb8a960336250
SHA512 4f186182864c5133d47c3cf2d03a3e53b0cbc5915c9b14ba3e0c6a9b304f69d37baa9976bb1835f1d26327bc855ad7a50fd74de0e5a67671fad6d404f0974805

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8b8b0a4d83ef1152fb1da41cb4dd7b91
SHA1 e99846e536e09e7522467352b1b348c8e6867003
SHA256 87230db331910589858a980d3e0b97968198ed96fa3ca1224b89b03e1c27b1b1
SHA512 f3218b4051604dce71d6b2e93271b8d647bb3e602c4215c5492f645986f1267a1f8fa7877559b58acda30b1596203ddb696b5c1012e4d11e75ed3d3761a2a526

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 1870a57d11ceb40a697605f2359704ce
SHA1 5c97c3ca08a068bfd41d2e184a04899062eccd09
SHA256 365a06b5b431bbe05b35aa9892cea22049b67a8110088194e2f314db3004a05f
SHA512 3ade285f3727ab62faf4127bb2a120e23981c6dcba72e272bb0dd89cb3d613348a841b6cb68899e25f6c24133ca17cd9f38f08e3592510eb475082f3978ab297

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 cdb2630eb8e4a166129a7e952b744273
SHA1 436df933955453d94bf2e42c6d4e2ece873f879d
SHA256 a4f194f95469f799676ed139e9ae132a83325b6675e964381c846d889dd0c990
SHA512 c921baaf4385e5b8a79bd0a7f950067b5d4bb2214265c5e0373a66632d7b610774f9b899fe74c37be0d9c9ee270ff59d2122743786647b1faadf1428ba725bdf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bccc15f4cc447ecbd4276027a730f444
SHA1 7c449f8dcf06f9f8dea3d49cbac763fd54938330
SHA256 fa7569d5b61f52e03577b679818dfd9ae0c6a431d0f19cddcbd25180029a4e0a
SHA512 203fa4d50b2cb3918f66de4fcd19ed3d1d4355e2ff9e83f4bfdf656b6824709b40993818604c56453d073502ca4d2f62bcf54a93ec07a7f18cf777bf73a3110e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9bfb06a7f4ff99c1b5489e3ee688ffb4
SHA1 e2a5a14f3f743b4480d1850cde20fd721d031e04
SHA256 8ad78ef8e204a58ef9c3726082ea252b44c1e516b5e263aafe186e460fe484cf
SHA512 fd671689d02a7eb90834ae990b0f1315ea1662835bba6fdaef5686a392ef9e556e5855217b7540fe40b1bfae92b404c306dec06cc9f97460ec0f0167d6a5a69f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

MD5 503766d5e5838b4fcadf8c3f72e43605
SHA1 6c8b2fa17150d77929b7dc183d8363f12ff81f59
SHA256 c53b8a39416067f4d70c21be02ca9c84724b1c525d34e7910482b64d8e301cf9
SHA512 5ead599ae1410a5c0e09ee73d0fdf8e8a75864ab6ce12f0777b2938fd54df62993767249f5121af97aa629d8f7c5eae182214b6f67117476e1e2b9a72f34e0b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\25508b0b-5254-4574-8ee9-f69c708d452a.tmp

MD5 f4830e23f6369fe327af05ad27693eeb
SHA1 51d1db5a0883cdcf50a8ce2df97c3ab9938a4980
SHA256 1c756a220f77978bac642fe6e71126043499f9907e53794b60796cf5e5b77156
SHA512 57e59e3aa377cb85c5d9c945f5e2e803283eb55cf921e9924c6ed18f899d5cb7ddd6b1280f4f8894a408c16ee45d7e2583b4a2cfa9223ba10a6dc1231cf697a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 c796fa69581b7bfecf9992dac13bf8b0
SHA1 6b2714361665733ad21703d9f9083a091be6392d
SHA256 9010b186ea7c7b61c11ac324bdd473f3953c6aa28892ed11b08f267c9323e22d
SHA512 b122ea90d51fa19a6a7b382b62d1cfe2eff683be4cc072c053ae6b79dccd4aa61ffd102b27762041ef27c38e269287a3eabe2931a514e9e2713a739a51537aa3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4c8f6d5b6edd751af6d83eb5189f597f
SHA1 349e1a7305e5fe24751aca03adbc8607b7c5d10c
SHA256 8156bb7a698658f24f4829bd6a010e075f7f8bca096bd04d45002146a1e19c71
SHA512 e404dd6beddfa4de39f5680f4b736555761cdff1c5774e40b5f3b6973e8c7153bff29ae79a6162f9e71456aa58390cf21a63d3226742eae55875cca40ad478e8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4b4bfcdbca80cfd9_0

MD5 014a3a181c8f388377a4f345ad254e66
SHA1 3a64d4b1f3dd8466e0c66366fb5e925160245a1b
SHA256 56263d90af9d44b369d50f10b377e7c97df012112a55a43f6b72660f099ee3bc
SHA512 1fac26268456f350fbf7c1e48261b6e4ef3bf261e6e2d21a6ce89b3c3910499156c7b444823f638752a1d6dea93839c6b58ece08fb301939cc547ccf5bafbd5d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2299b5f5b587bac5_0

MD5 a4f9c8a39f151e23c85a10d56543e6d4
SHA1 c3acf7842f372c69f52b78138c04ba108e27a030
SHA256 7b0ec281427883ec67c90dd0021324183145092a03b1fd296e5e1888da6965d0
SHA512 5d5fbfe1a88a57b7bb4ea147857870216ffb1dceeade56b45913e663f40ac8c53bdcab3d8e9d09b801101519e7e6cbbd6e081652bf3df166209226f51dd74bfa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 032379c848c113103479500cd64f2e34
SHA1 7f3f59042c29013e9852472eea8f7cdccd481ca8
SHA256 2fc0698bf179746e70afde1b058d25e8263374f78222adaa36807c8b512ef60f
SHA512 2e7bf774d00e453bc10d6b5de8ca4e9dd2dbb8736efb9d719d5070ff2660e84eb123c641b844d2e54febcbc52b8abb3d0a0331df91a056ffad033b2b4804e736

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 854b88883e48d89940fc9ba8e20a3d81
SHA1 bffe36df3bed7f6e69522ab9c8eb77811217cc7e
SHA256 38947e82195a293908cb6db02e9c8b2092112aef8af8771a978a0ecdfe41297e
SHA512 770c3c62ad5aa46171056226c22593c689c222c2bf68ed456b28087c01475f747333e78587ce71ecd4f2dcd48c58d9612f9309a0303f2f0698fc830e579de711

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 357e6de803aca3557f2c3630d96bf2bd
SHA1 d27b7f98985beaf0c7704639a83e26df5e7a9ce3
SHA256 9ef25460e4bdc32a536194587a08fc273cbc11a44050ab659492ce64dc5384a3
SHA512 0f48ff640de9376579135f98174f9cdbebb6ca7b3aa8a676345fa4682e6724995efa08b58287ce22974866579019a0cf6f1081bd18508241453d0983ab9384af

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 6541f49dca8e5b42a088d134507bc484
SHA1 9fdf0af3e9600fc1c6cece5f45052c9ef4e0c35c
SHA256 e71aa987f4f9dc934d0d6651f79e5f122248bd0597061893cc0b0a21e55d47f3
SHA512 f44aacc86af2dbe99075d81023bb5d208b7b55b6c4645d4dece40174c1db06fa898e3b39891744103d74ce04ea21838c3c6b91a0c17ba839539a5e313b4dcac6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 face66a5ce3c3c41a984d4e973933eaf
SHA1 b69005459382cc3b713b496f5f1205b1c4f12400
SHA256 4858523b0772a2e4d4c7b542a2f03bc410c3256d315ec79fb139449bb158ffd2
SHA512 e2c1cfb3e0e50fff43e12be270479142ae6763f4a33defd9947fb57b5cbcccd2b15716de8e6a21304f61ea5466da191cdfe730ec645411859a8d9ace1c376625

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\90f51a37-afb2-4160-a64d-440467691f6d.tmp

MD5 c7f4714ec6f78b7acb1f22fbbe562c0c
SHA1 7e73f72daf12ff5db6826a052de2016922334414
SHA256 0fb4396b94449abe5be245b608ef045510804334abfe8cdcc1e3d6921c35e67b
SHA512 e2b2148b607bac331ec521fcc29a640e1cdb52f5a873a5b28d6b6b48499c7ef45c6ad2f515c55e56ea7afdc6cda4ab7dfb71cb2cff322f50a5989773ddf5ae50

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 cd013a44c664f5b220dd082bcc914ae7
SHA1 79799743df4a00a27110e8f812e80bfaa367bfa1
SHA256 0320437e4275ec78bc875bc08cee337b869e6897da0605f381279763f7c2e4d7
SHA512 724cfc3b355f216c72379a989a5c97fbeb9bdb313fe54454fedf00aaeb78992630067a74f652016be26d379ba57b76b1ab046961f8593b593a8599dec337848b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 423d2b4c41709e9de17a78e5ba15cbac
SHA1 34d5106f19a1ed5276ac13987375f3f9379ce4df
SHA256 aa19817c12f256f0f163ce8217c1e62fafaf2731af5f0f84461b33b09299af41
SHA512 80c5628ef5615b6113111c3359bbc6707cdf4e523807fc9cfb7e502d9e092824bcb65cd463edbea6563c8bd0e9d4481881b38d5cc85558f25fea7079a5272e82

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 8f31cc4490aa5571bf1338b779c2ad3f
SHA1 d3ebd1cc154f8a3e31bb41ca2b1e50e092e237a0
SHA256 556a6476e46e83c1e9f94c2de1a95bd87368dcf2c7eaa60bf5d998f3e225c881
SHA512 ef53e799ed62b0dccdb2c21782b0891be89d4eb6a01faf17a597df4acbb1bb55afc9c5a36fac7b7d35a71b02074e292e69b53d0b4ef32894f3d19fda5dd90119

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 11ff7f01fe51f5a501e8ec0cb6d0ed62
SHA1 a152ea05be0aafeeacea965356255df7db003082
SHA256 e7531c729500e3d38b6bb72f4ce5a387facb832b52a0f2f848e68d8fafdbcd35
SHA512 b307d44522973174b272e17bf0b8fe3c57be7543d7668be13339b18936c796195a997d543494185c1a3bbd34356e768425aaca4399a4594ccf044599e6c6001b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0aec79710e013840ccc755b7f9f86e1c
SHA1 1e775439ce3d2d8a73661aa546f09e54aa4c7208
SHA256 dd375e644cb1c6c6037fbbfc432b840fd16410cda07dd38bcec0cb4229df1eba
SHA512 37ba986f352cc035c79afb13da327a5af981e5c02573579c0f9d190c8d080e6eed71adcfb771813a9ae7d8aea7dc30db66d3c0af7aa2d28878ee020e079d8055

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 582b8f2f8c3cd1ef4c1cf77bc22c5351
SHA1 4b5e4d7642765e8c61c013b4b403fd763e37de40
SHA256 632d8072aae2b16b62bd5a42ab32857fc36d6c44c6b1080b3b8aee01f8c7035a
SHA512 701bb1268b429f4645893a8dfcbe29cfce1998a7195223f0b1eeaaf2bd4d74f5f386fc219300f8c446c15f9a3de5b28413d2e5a063280e718fef9cc2b98ca288

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

MD5 2ae0c4d5152af8a2028bbbd80ca42237
SHA1 0a366ddf3e44f9ad5a4646701468f79e0ba295c1
SHA256 17fe61297de5009a8e9aa7c36e8baa4a79a02406344236c8fab5ab369871f446
SHA512 7e85527eed735147e7e1e913febfa4b443912ffb9c9a6d0d7ddcdbb9a05834bcd5f614fd351ad5dba80de0023a1612e60b8f8f9c304342323dd53e1b9f644a7c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f1d2c7fd2ca29bb77a5da2d1847fbb92
SHA1 840de2cf36c22ba10ac96f90890b6a12a56526c6
SHA256 58d0f80310f4a84f687c5ce0adaa982eb42fe4480510399fa2ae975d40bb8bc5
SHA512 ede1fafea2404f16948fe0b5ea5161ccee3ee6e40c55ff98c337eac981a6776b9c73dc030a5c59e4347aec91259f497539206e71949c33adcecbf2c846709e14

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\aeb6b52d-61ce-42e6-949a-06afe8f71ed4.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 4c1a24fa898d2a98b540b20272c8e47b
SHA1 3218bff9ce95b52842fa1b8bd00be073177141ef
SHA256 bbcc378fcbf64580e7a48b4e7ca9be57fa0a1f2e747f488325685bdb18d73a95
SHA512 e61f196e7f1c9a5fe249abe9b11eea770fb2f4babc61f60b12c71f43e6fe9354cf14869daf46abc2c2655bce180252acd43c10562a2dcd31fa7d90d33253820e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 18ffcf98cef1c704078cdb0fed60a083
SHA1 6806fa8f05cad771680f2d79cfcd5c33efeaadd7
SHA256 9665ce956f0810e8712063d8de5e9b5e11fcd9e7cb095ee07ad040ce5aae8e1f
SHA512 18bd2f129439bf0e85100b4b92d5270c9eb2e4bb4195d677c4f78e5e9b195ee057f1d5101e537a0ae9116164b9fd0244f39329a68af677c225eceaa0e3b7fa1a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 5b32d44b0d301d315885dc8a20e9879b
SHA1 d128ced9709c53abdabae42dccc8e420d4d3b58a
SHA256 cc8cc691b50fa52285a0b56b5fd775026212bd40a9cd725ff6fcb77be3e312cb
SHA512 201d3d0a4f31275f688e7ff1edff94c0b0835edec0016e0a12593e7e69740cf4d63e5c8fa8c24da21d3e9cd5c963f872f2032253122735ec4c44e6904ab2b202

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 95743eba3e3d166b8d6833ad25ce287a
SHA1 753625896c5d3c9c1c7221ae6c9576671183c676
SHA256 3f7e5eeb8d6fc4fcc6f324ac0b1112b697f0ecb8e4f223e53a98464c9f41a0aa
SHA512 034158257e8d1bdd4421dd1b5a377525b9cf4f5d9c63330718ec4e37799f28feba69cf3a5b5fc5f4127f471a35dd627df0e2c4c890f7158ec7a08fbaa336df1c

C:\Users\Admin\Downloads\Unconfirmed 593590.crdownload

MD5 10dc710dd495e9078ce79b26e18591e0
SHA1 aef434d6b77158dd2accd746bbc727bbc3367adc
SHA256 be5389a28e952d7ab2d9447c1bdb8eb7d11b24cb02e4b18da367715c2acfdd15
SHA512 959c5cb47b9d1c21ddfe2eaac14e0c99c758aab85036705c072525e70255957abc97412ab0ceadd2adbebc1b176699614f71bf50689cf9ff97891e6216a15dc5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe596c3d.TMP

MD5 89dcfc3098a1680ed7568a5da6a7ffe7
SHA1 959192d10ed473de8fd0b728f664630e05492a11
SHA256 720c023cd35ea2d3c8ed5146b0035d835f3cf65f564d8af54028109a6e18461d
SHA512 4d3c28cc333922946a5766ee04a86659d7417da3e5842aaec2a548c0e5e56fb030d721c56378e645f214ac4e64ed512c42ca8143cae4d8a1cca0edaea13b9788

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c12b809b13ada2f609d4dd6622fff284
SHA1 8a02ee99dacb527994deb28a180f2f2a939fa485
SHA256 9c17bad7dd13eacd6f208f43a4ae0ea81884f0282b51ecc00db52f525ef83d2c
SHA512 bb6b5f6635675515d4e9b825aa164cb39622fbd13353dbb5d3aff2e90ecc6a5da8b282ba77066f71f90e1bc3e800c3ab814ea91cd06733677f34521e0148281e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f4c95b8965b4854bc408689d8df29948
SHA1 f5466fcb79bd8facaeb1233c2eb70ba479d719aa
SHA256 af65b9a5d00e2a5fecb6fdd1334d58c26f894b9510f4ce80e6cd15b00ed47287
SHA512 4298d630aec6df15ffe80fc8546717eced5e6fe87f3dcc6bff0e280229b7525b410a036004aa0a789c0981561e2a544a8b820da214b529142a9a4e1185e2da48

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d6af57ff6bb494e4b27b220c033489ad
SHA1 5f0f67367a2e20c3b907261dfba04b56718e0311
SHA256 e654a3537c10c216238e5b90ecfc0bd09ac293f22062d4dc1d29acc72f0667f9
SHA512 57ce822fcdbb851efd17a0d25cba9d33e4b0b1a9b54f4f8341e7009bb06ce671589aaf6b0792a5de4eddc44340c71e281aa7894ac1638366a28d52db94b4928e