Analysis Overview
SHA256
99a5938fc480970658f6a7823d41da49a0bce42862d54de92d6003b16791e611
Threat Level: Likely malicious
The file Screenshot 2024-11-13 7.48.42 AM.png was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Drops file in Windows directory
Enumerates physical storage devices
Browser Information Discovery
Modifies data under HKEY_USERS
Suspicious use of SendNotifyMessage
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
NTFS ADS
Suspicious behavior: EnumeratesProcesses
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-13 14:08
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-13 14:08
Reported
2024-11-13 14:11
Platform
win11-20241007-en
Max time kernel
147s
Max time network
150s
Command Line
Signatures
Downloads MZ/PE file
Drops file in Windows directory
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133759805292031397" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 593590.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\Screenshot 2024-11-13 7.48.42 AM.png"
Network
Files
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 9bfb06a7f4ff99c1b5489e3ee688ffb4 |
| SHA1 | e2a5a14f3f743b4480d1850cde20fd721d031e04 |
| SHA256 | 8ad78ef8e204a58ef9c3726082ea252b44c1e516b5e263aafe186e460fe484cf |
| SHA512 | fd671689d02a7eb90834ae990b0f1315ea1662835bba6fdaef5686a392ef9e556e5855217b7540fe40b1bfae92b404c306dec06cc9f97460ec0f0167d6a5a69f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
| MD5 | 503766d5e5838b4fcadf8c3f72e43605 |
| SHA1 | 6c8b2fa17150d77929b7dc183d8363f12ff81f59 |
| SHA256 | c53b8a39416067f4d70c21be02ca9c84724b1c525d34e7910482b64d8e301cf9 |
| SHA512 | 5ead599ae1410a5c0e09ee73d0fdf8e8a75864ab6ce12f0777b2938fd54df62993767249f5121af97aa629d8f7c5eae182214b6f67117476e1e2b9a72f34e0b4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\25508b0b-5254-4574-8ee9-f69c708d452a.tmp
| MD5 | f4830e23f6369fe327af05ad27693eeb |
| SHA1 | 51d1db5a0883cdcf50a8ce2df97c3ab9938a4980 |
| SHA256 | 1c756a220f77978bac642fe6e71126043499f9907e53794b60796cf5e5b77156 |
| SHA512 | 57e59e3aa377cb85c5d9c945f5e2e803283eb55cf921e9924c6ed18f899d5cb7ddd6b1280f4f8894a408c16ee45d7e2583b4a2cfa9223ba10a6dc1231cf697a0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | c796fa69581b7bfecf9992dac13bf8b0 |
| SHA1 | 6b2714361665733ad21703d9f9083a091be6392d |
| SHA256 | 9010b186ea7c7b61c11ac324bdd473f3953c6aa28892ed11b08f267c9323e22d |
| SHA512 | b122ea90d51fa19a6a7b382b62d1cfe2eff683be4cc072c053ae6b79dccd4aa61ffd102b27762041ef27c38e269287a3eabe2931a514e9e2713a739a51537aa3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4c8f6d5b6edd751af6d83eb5189f597f |
| SHA1 | 349e1a7305e5fe24751aca03adbc8607b7c5d10c |
| SHA256 | 8156bb7a698658f24f4829bd6a010e075f7f8bca096bd04d45002146a1e19c71 |
| SHA512 | e404dd6beddfa4de39f5680f4b736555761cdff1c5774e40b5f3b6973e8c7153bff29ae79a6162f9e71456aa58390cf21a63d3226742eae55875cca40ad478e8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4b4bfcdbca80cfd9_0
| MD5 | 014a3a181c8f388377a4f345ad254e66 |
| SHA1 | 3a64d4b1f3dd8466e0c66366fb5e925160245a1b |
| SHA256 | 56263d90af9d44b369d50f10b377e7c97df012112a55a43f6b72660f099ee3bc |
| SHA512 | 1fac26268456f350fbf7c1e48261b6e4ef3bf261e6e2d21a6ce89b3c3910499156c7b444823f638752a1d6dea93839c6b58ece08fb301939cc547ccf5bafbd5d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2299b5f5b587bac5_0
| MD5 | a4f9c8a39f151e23c85a10d56543e6d4 |
| SHA1 | c3acf7842f372c69f52b78138c04ba108e27a030 |
| SHA256 | 7b0ec281427883ec67c90dd0021324183145092a03b1fd296e5e1888da6965d0 |
| SHA512 | 5d5fbfe1a88a57b7bb4ea147857870216ffb1dceeade56b45913e663f40ac8c53bdcab3d8e9d09b801101519e7e6cbbd6e081652bf3df166209226f51dd74bfa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 032379c848c113103479500cd64f2e34 |
| SHA1 | 7f3f59042c29013e9852472eea8f7cdccd481ca8 |
| SHA256 | 2fc0698bf179746e70afde1b058d25e8263374f78222adaa36807c8b512ef60f |
| SHA512 | 2e7bf774d00e453bc10d6b5de8ca4e9dd2dbb8736efb9d719d5070ff2660e84eb123c641b844d2e54febcbc52b8abb3d0a0331df91a056ffad033b2b4804e736 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 854b88883e48d89940fc9ba8e20a3d81 |
| SHA1 | bffe36df3bed7f6e69522ab9c8eb77811217cc7e |
| SHA256 | 38947e82195a293908cb6db02e9c8b2092112aef8af8771a978a0ecdfe41297e |
| SHA512 | 770c3c62ad5aa46171056226c22593c689c222c2bf68ed456b28087c01475f747333e78587ce71ecd4f2dcd48c58d9612f9309a0303f2f0698fc830e579de711 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | 357e6de803aca3557f2c3630d96bf2bd |
| SHA1 | d27b7f98985beaf0c7704639a83e26df5e7a9ce3 |
| SHA256 | 9ef25460e4bdc32a536194587a08fc273cbc11a44050ab659492ce64dc5384a3 |
| SHA512 | 0f48ff640de9376579135f98174f9cdbebb6ca7b3aa8a676345fa4682e6724995efa08b58287ce22974866579019a0cf6f1081bd18508241453d0983ab9384af |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | 6541f49dca8e5b42a088d134507bc484 |
| SHA1 | 9fdf0af3e9600fc1c6cece5f45052c9ef4e0c35c |
| SHA256 | e71aa987f4f9dc934d0d6651f79e5f122248bd0597061893cc0b0a21e55d47f3 |
| SHA512 | f44aacc86af2dbe99075d81023bb5d208b7b55b6c4645d4dece40174c1db06fa898e3b39891744103d74ce04ea21838c3c6b91a0c17ba839539a5e313b4dcac6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | face66a5ce3c3c41a984d4e973933eaf |
| SHA1 | b69005459382cc3b713b496f5f1205b1c4f12400 |
| SHA256 | 4858523b0772a2e4d4c7b542a2f03bc410c3256d315ec79fb139449bb158ffd2 |
| SHA512 | e2c1cfb3e0e50fff43e12be270479142ae6763f4a33defd9947fb57b5cbcccd2b15716de8e6a21304f61ea5466da191cdfe730ec645411859a8d9ace1c376625 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\90f51a37-afb2-4160-a64d-440467691f6d.tmp
| MD5 | c7f4714ec6f78b7acb1f22fbbe562c0c |
| SHA1 | 7e73f72daf12ff5db6826a052de2016922334414 |
| SHA256 | 0fb4396b94449abe5be245b608ef045510804334abfe8cdcc1e3d6921c35e67b |
| SHA512 | e2b2148b607bac331ec521fcc29a640e1cdb52f5a873a5b28d6b6b48499c7ef45c6ad2f515c55e56ea7afdc6cda4ab7dfb71cb2cff322f50a5989773ddf5ae50 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | cd013a44c664f5b220dd082bcc914ae7 |
| SHA1 | 79799743df4a00a27110e8f812e80bfaa367bfa1 |
| SHA256 | 0320437e4275ec78bc875bc08cee337b869e6897da0605f381279763f7c2e4d7 |
| SHA512 | 724cfc3b355f216c72379a989a5c97fbeb9bdb313fe54454fedf00aaeb78992630067a74f652016be26d379ba57b76b1ab046961f8593b593a8599dec337848b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 423d2b4c41709e9de17a78e5ba15cbac |
| SHA1 | 34d5106f19a1ed5276ac13987375f3f9379ce4df |
| SHA256 | aa19817c12f256f0f163ce8217c1e62fafaf2731af5f0f84461b33b09299af41 |
| SHA512 | 80c5628ef5615b6113111c3359bbc6707cdf4e523807fc9cfb7e502d9e092824bcb65cd463edbea6563c8bd0e9d4481881b38d5cc85558f25fea7079a5272e82 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 8f31cc4490aa5571bf1338b779c2ad3f |
| SHA1 | d3ebd1cc154f8a3e31bb41ca2b1e50e092e237a0 |
| SHA256 | 556a6476e46e83c1e9f94c2de1a95bd87368dcf2c7eaa60bf5d998f3e225c881 |
| SHA512 | ef53e799ed62b0dccdb2c21782b0891be89d4eb6a01faf17a597df4acbb1bb55afc9c5a36fac7b7d35a71b02074e292e69b53d0b4ef32894f3d19fda5dd90119 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 11ff7f01fe51f5a501e8ec0cb6d0ed62 |
| SHA1 | a152ea05be0aafeeacea965356255df7db003082 |
| SHA256 | e7531c729500e3d38b6bb72f4ce5a387facb832b52a0f2f848e68d8fafdbcd35 |
| SHA512 | b307d44522973174b272e17bf0b8fe3c57be7543d7668be13339b18936c796195a997d543494185c1a3bbd34356e768425aaca4399a4594ccf044599e6c6001b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0aec79710e013840ccc755b7f9f86e1c |
| SHA1 | 1e775439ce3d2d8a73661aa546f09e54aa4c7208 |
| SHA256 | dd375e644cb1c6c6037fbbfc432b840fd16410cda07dd38bcec0cb4229df1eba |
| SHA512 | 37ba986f352cc035c79afb13da327a5af981e5c02573579c0f9d190c8d080e6eed71adcfb771813a9ae7d8aea7dc30db66d3c0af7aa2d28878ee020e079d8055 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 582b8f2f8c3cd1ef4c1cf77bc22c5351 |
| SHA1 | 4b5e4d7642765e8c61c013b4b403fd763e37de40 |
| SHA256 | 632d8072aae2b16b62bd5a42ab32857fc36d6c44c6b1080b3b8aee01f8c7035a |
| SHA512 | 701bb1268b429f4645893a8dfcbe29cfce1998a7195223f0b1eeaaf2bd4d74f5f386fc219300f8c446c15f9a3de5b28413d2e5a063280e718fef9cc2b98ca288 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
| MD5 | 2ae0c4d5152af8a2028bbbd80ca42237 |
| SHA1 | 0a366ddf3e44f9ad5a4646701468f79e0ba295c1 |
| SHA256 | 17fe61297de5009a8e9aa7c36e8baa4a79a02406344236c8fab5ab369871f446 |
| SHA512 | 7e85527eed735147e7e1e913febfa4b443912ffb9c9a6d0d7ddcdbb9a05834bcd5f614fd351ad5dba80de0023a1612e60b8f8f9c304342323dd53e1b9f644a7c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | f1d2c7fd2ca29bb77a5da2d1847fbb92 |
| SHA1 | 840de2cf36c22ba10ac96f90890b6a12a56526c6 |
| SHA256 | 58d0f80310f4a84f687c5ce0adaa982eb42fe4480510399fa2ae975d40bb8bc5 |
| SHA512 | ede1fafea2404f16948fe0b5ea5161ccee3ee6e40c55ff98c337eac981a6776b9c73dc030a5c59e4347aec91259f497539206e71949c33adcecbf2c846709e14 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\aeb6b52d-61ce-42e6-949a-06afe8f71ed4.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 4c1a24fa898d2a98b540b20272c8e47b |
| SHA1 | 3218bff9ce95b52842fa1b8bd00be073177141ef |
| SHA256 | bbcc378fcbf64580e7a48b4e7ca9be57fa0a1f2e747f488325685bdb18d73a95 |
| SHA512 | e61f196e7f1c9a5fe249abe9b11eea770fb2f4babc61f60b12c71f43e6fe9354cf14869daf46abc2c2655bce180252acd43c10562a2dcd31fa7d90d33253820e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 18ffcf98cef1c704078cdb0fed60a083 |
| SHA1 | 6806fa8f05cad771680f2d79cfcd5c33efeaadd7 |
| SHA256 | 9665ce956f0810e8712063d8de5e9b5e11fcd9e7cb095ee07ad040ce5aae8e1f |
| SHA512 | 18bd2f129439bf0e85100b4b92d5270c9eb2e4bb4195d677c4f78e5e9b195ee057f1d5101e537a0ae9116164b9fd0244f39329a68af677c225eceaa0e3b7fa1a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5b32d44b0d301d315885dc8a20e9879b |
| SHA1 | d128ced9709c53abdabae42dccc8e420d4d3b58a |
| SHA256 | cc8cc691b50fa52285a0b56b5fd775026212bd40a9cd725ff6fcb77be3e312cb |
| SHA512 | 201d3d0a4f31275f688e7ff1edff94c0b0835edec0016e0a12593e7e69740cf4d63e5c8fa8c24da21d3e9cd5c963f872f2032253122735ec4c44e6904ab2b202 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 95743eba3e3d166b8d6833ad25ce287a |
| SHA1 | 753625896c5d3c9c1c7221ae6c9576671183c676 |
| SHA256 | 3f7e5eeb8d6fc4fcc6f324ac0b1112b697f0ecb8e4f223e53a98464c9f41a0aa |
| SHA512 | 034158257e8d1bdd4421dd1b5a377525b9cf4f5d9c63330718ec4e37799f28feba69cf3a5b5fc5f4127f471a35dd627df0e2c4c890f7158ec7a08fbaa336df1c |
C:\Users\Admin\Downloads\Unconfirmed 593590.crdownload
| MD5 | 10dc710dd495e9078ce79b26e18591e0 |
| SHA1 | aef434d6b77158dd2accd746bbc727bbc3367adc |
| SHA256 | be5389a28e952d7ab2d9447c1bdb8eb7d11b24cb02e4b18da367715c2acfdd15 |
| SHA512 | 959c5cb47b9d1c21ddfe2eaac14e0c99c758aab85036705c072525e70255957abc97412ab0ceadd2adbebc1b176699614f71bf50689cf9ff97891e6216a15dc5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe596c3d.TMP
| MD5 | 89dcfc3098a1680ed7568a5da6a7ffe7 |
| SHA1 | 959192d10ed473de8fd0b728f664630e05492a11 |
| SHA256 | 720c023cd35ea2d3c8ed5146b0035d835f3cf65f564d8af54028109a6e18461d |
| SHA512 | 4d3c28cc333922946a5766ee04a86659d7417da3e5842aaec2a548c0e5e56fb030d721c56378e645f214ac4e64ed512c42ca8143cae4d8a1cca0edaea13b9788 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c12b809b13ada2f609d4dd6622fff284 |
| SHA1 | 8a02ee99dacb527994deb28a180f2f2a939fa485 |
| SHA256 | 9c17bad7dd13eacd6f208f43a4ae0ea81884f0282b51ecc00db52f525ef83d2c |
| SHA512 | bb6b5f6635675515d4e9b825aa164cb39622fbd13353dbb5d3aff2e90ecc6a5da8b282ba77066f71f90e1bc3e800c3ab814ea91cd06733677f34521e0148281e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f4c95b8965b4854bc408689d8df29948 |
| SHA1 | f5466fcb79bd8facaeb1233c2eb70ba479d719aa |
| SHA256 | af65b9a5d00e2a5fecb6fdd1334d58c26f894b9510f4ce80e6cd15b00ed47287 |
| SHA512 | 4298d630aec6df15ffe80fc8546717eced5e6fe87f3dcc6bff0e280229b7525b410a036004aa0a789c0981561e2a544a8b820da214b529142a9a4e1185e2da48 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d6af57ff6bb494e4b27b220c033489ad |
| SHA1 | 5f0f67367a2e20c3b907261dfba04b56718e0311 |
| SHA256 | e654a3537c10c216238e5b90ecfc0bd09ac293f22062d4dc1d29acc72f0667f9 |
| SHA512 | 57ce822fcdbb851efd17a0d25cba9d33e4b0b1a9b54f4f8341e7009bb06ce671589aaf6b0792a5de4eddc44340c71e281aa7894ac1638366a28d52db94b4928e |