Malware Analysis Report

2024-12-07 03:01

Sample ID: 241113-trs89svgrp
Target: Screenshot 2024-11-13 7.48.42 AM.png
SHA256: 99a5938fc480970658f6a7823d41da49a0bce42862d54de92d6003b16791e611
Tags: discovery
Score: 7/10

Table of Contents

Analysis Overview
MITRE ATT&CK
    Enterprise Matrix V15
Analysis: static1
    Detonation Overview
    Signatures
Analysis: behavioral1
    Detonation Overview
    Command Line
    Signatures
    Processes
    Network
    Files

Analysis Overview

Score: 7/10

SHA256: 99a5938fc480970658f6a7823d41da49a0bce42862d54de92d6003b16791e611

Threat Level: Shows suspicious behavior

The file Screenshot 2024-11-13 7.48.42 AM.png was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery

Checks computer location settings

Drops file in Windows directory

Browser Information Discovery

Enumerates physical storage devices

Modifies data under HKEY_USERS

Enumerates system info in registry

Modifies registry class

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Checks processor information in registry

Suspicious use of FindShellTrayWindow

Uses Task Scheduler COM API

Suspicious use of SetWindowsHookEx

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported: 2024-11-13 16:17

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted: 2024-11-13 16:17
Reported: 2024-11-13 16:51
Platform: win10ltsc2021-20241023-en
Max time kernel: 188s
Max time network: 189s

Command Line

cmd /c "C:\Users\Admin\AppData\Local\Temp\Screenshot 2024-11-13 7.48.42 AM.png"

Signatures

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-641261377-2215826147-608237349-1000\Control Panel\International\Geo\Nation C:\Windows\system32\cmd.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp\Crashpad\metadata C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\Crashpad\settings.dat C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Windows\Debug\WIA\wiatrace.log C:\Windows\system32\mspaint.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133759901041090587" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-641261377-2215826147-608237349-1000_Classes\Local Settings C:\Windows\system32\cmd.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4720 wrote to memory of 1284 N/A C:\Windows\system32\cmd.exe C:\Windows\system32\mspaint.exe
PID 3508 wrote to memory of 2788 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3508 wrote to memory of 4928 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3508 wrote to memory of 832 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3508 wrote to memory of 2980 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Uses Task Scheduler COM API

persistence

Processes

C:\Windows\system32\cmd.exe

cmd /c "C:\Users\Admin\AppData\Local\Temp\Screenshot 2024-11-13 7.48.42 AM.png"

C:\Windows\system32\mspaint.exe

"C:\Windows\system32\mspaint.exe" "C:\Users\Admin\AppData\Local\Temp\Screenshot 2024-11-13 7.48.42 AM.png"

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x220,0x224,0x228,0x1fc,0x22c,0x7ffe72d2cc40,0x7ffe72d2cc4c,0x7ffe72d2cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2000,i,3595707176437453838,5231591471432897201,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2004 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1940,i,3595707176437453838,5231591471432897201,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2136 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2292,i,3595707176437453838,5231591471432897201,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2488 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3160,i,3595707176437453838,5231591471432897201,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3176 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3152,i,3595707176437453838,5231591471432897201,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3368 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3740,i,3595707176437453838,5231591471432897201,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3680 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4892,i,3595707176437453838,5231591471432897201,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4908 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level

C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x298,0x29c,0x2a0,0x274,0x2a4,0x7ff7048f4698,0x7ff7048f46a4,0x7ff7048f46b0

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4824,i,3595707176437453838,5231591471432897201,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4816 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5128,i,3595707176437453838,5231591471432897201,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4924 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1952 -parentBuildID 20240401114208 -prefsHandle 1868 -prefMapHandle 1860 -prefsLen 23681 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {b3f0a337-2576-409a-82ff-1e23b3002b2c} 3988 "\\.\pipe\gecko-crash-server-pipe.3988" gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2360 -parentBuildID 20240401114208 -prefsHandle 2352 -prefMapHandle 2340 -prefsLen 23717 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {43381c7f-bff4-421a-9b75-35c2ce784a0f} 3988 "\\.\pipe\gecko-crash-server-pipe.3988" socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3188 -childID 1 -isForBrowser -prefsHandle 3104 -prefMapHandle 3012 -prefsLen 23858 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {84924662-1f70-4952-924c-4e920f679346} 3988 "\\.\pipe\gecko-crash-server-pipe.3988" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4440 -childID 2 -isForBrowser -prefsHandle 4432 -prefMapHandle 4428 -prefsLen 29091 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3dbc328f-4089-49c9-a821-e19539496341} 3988 "\\.\pipe\gecko-crash-server-pipe.3988" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4908 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4796 -prefMapHandle 4996 -prefsLen 29091 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ac5dd1e3-5199-4d80-a078-5517a150bd47} 3988 "\\.\pipe\gecko-crash-server-pipe.3988" utility

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5436 -childID 3 -isForBrowser -prefsHandle 5432 -prefMapHandle 5440 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f1dbf161-9015-4c72-ac82-58133339e7ab} 3988 "\\.\pipe\gecko-crash-server-pipe.3988" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5664 -childID 4 -isForBrowser -prefsHandle 5584 -prefMapHandle 5588 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {3a97580e-05a4-45fa-8aed-f5bca8231045} 3988 "\\.\pipe\gecko-crash-server-pipe.3988" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5788 -childID 5 -isForBrowser -prefsHandle 5864 -prefMapHandle 5860 -prefsLen 27051 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9e32570d-f316-4981-9949-0fa007484f67} 3988 "\\.\pipe\gecko-crash-server-pipe.3988" tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6164 -childID 6 -isForBrowser -prefsHandle 6200 -prefMapHandle 6196 -prefsLen 27132 -prefMapSize 244658 -jsInitHandle 1276 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {cb86948a-9be9-41cb-a252-17a7d3fa184f} 3988 "\\.\pipe\gecko-crash-server-pipe.3988" tab

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x21c,0x220,0x224,0x1f8,0x228,0x7ffe72d2cc40,0x7ffe72d2cc4c,0x7ffe72d2cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2060,i,3942546791734208956,11873531133278833203,262144 --variations-seed-version=20241113-050113.727000 --mojo-platform-channel-handle=2052 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1892,i,3942546791734208956,11873531133278833203,262144 --variations-seed-version=20241113-050113.727000 --mojo-platform-channel-handle=2092 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2220,i,3942546791734208956,11873531133278833203,262144 --variations-seed-version=20241113-050113.727000 --mojo-platform-channel-handle=2228 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3176,i,3942546791734208956,11873531133278833203,262144 --variations-seed-version=20241113-050113.727000 --mojo-platform-channel-handle=3192 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3212,i,3942546791734208956,11873531133278833203,262144 --variations-seed-version=20241113-050113.727000 --mojo-platform-channel-handle=3224 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4576,i,3942546791734208956,11873531133278833203,262144 --variations-seed-version=20241113-050113.727000 --mojo-platform-channel-handle=4460 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4852,i,3942546791734208956,11873531133278833203,262144 --variations-seed-version=20241113-050113.727000 --mojo-platform-channel-handle=4884 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4888,i,3942546791734208956,11873531133278833203,262144 --variations-seed-version=20241113-050113.727000 --mojo-platform-channel-handle=4896 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4484,i,3942546791734208956,11873531133278833203,262144 --variations-seed-version=20241113-050113.727000 --mojo-platform-channel-handle=5172 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5204,i,3942546791734208956,11873531133278833203,262144 --variations-seed-version=20241113-050113.727000 --mojo-platform-channel-handle=5192 /prefetch:8

Network

Files

\??\pipe\crashpad_3508_PTXWAYDZQAHTLCZZ

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dly1kncb.default-release\datareporting\glean\pending_pings\2709e772-7a46-47c7-885f-743dfb90d03f

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dly1kncb.default-release\datareporting\glean\pending_pings\1f9ca283-1e94-44ec-b4b4-90339847b174

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dly1kncb.default-release\datareporting\glean\pending_pings\e7c60456-6abb-45ce-a944-2428004323ae

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dly1kncb.default-release\datareporting\glean\db\data.safe.tmp

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dly1kncb.default-release\activity-stream.discovery_stream.json

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dly1kncb.default-release\datareporting\glean\db\data.safe.tmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dly1kncb.default-release\prefs.js

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dly1kncb.default-release\AlternateServices.bin

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dly1kncb.default-release\cache2\entries\AE6C91A7A94F8219B78F6FB4AEBCFA5DD3A78D91

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dly1kncb.default-release\datareporting\glean\db\data.safe.tmp

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dly1kncb.default-release\datareporting\glean\pending_pings\af2e90e6-2415-493e-bf39-a84956facade

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dly1kncb.default-release\prefs-1.js

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13375990117240003

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager-journal

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
