Analysis Overview
Threat Level: Known bad
The file https://argunt.com/mjfjdf was found to be: Known bad.
Malicious Activity Summary
Kutaki
Kutaki family
Drops startup file
Executes dropped EXE
System Location Discovery: System Language Discovery
Browser Information Discovery
Enumerates physical storage devices
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies data under HKEY_USERS
Suspicious use of SetWindowsHookEx
Suspicious use of SendNotifyMessage
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
Kills process with taskkill
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-21 14:41
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-21 14:41
Reported
2024-11-21 14:51
Platform
win10v2004-20241007-en
Max time kernel
600s
Max time network
601s
Command Line
Signatures
Kutaki
Kutaki family
Drops startup file
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\nkuajefk.exe | C:\Users\Admin\Downloads\Outstanding Invoice\Outstanding Invoice.bat | N/A |
| File created | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\nkuajefk.exe | C:\Users\Admin\Downloads\Outstanding Invoice\Outstanding Invoice.bat | N/A |
| File opened for modification | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\nkuajefk.exe | C:\Users\Admin\Downloads\Outstanding Invoice\Outstanding Invoice.bat | N/A |
| File created | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\nkuajefk.exe | C:\Users\Admin\Downloads\Outstanding Invoice\Outstanding Invoice.bat | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\nkuajefk.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\nkuajefk.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\taskkill.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\nkuajefk.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Outstanding Invoice\Outstanding Invoice.bat | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\nkuajefk.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Outstanding Invoice\Outstanding Invoice.bat | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133766737076082525" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3756129449-3121373848-4276368241-1000\{34E7188D-B2C8-4E12-9E53-F5CE3DECC60D} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://argunt.com/mjfjdf
C:\Users\Admin\Downloads\Outstanding Invoice\Outstanding Invoice.bat
"C:\Users\Admin\Downloads\Outstanding Invoice\Outstanding Invoice.bat"
C:\Windows\SysWOW64\cmd.exe
cmd.exe /c C:\Users\Admin\AppData\Local\Temp\
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\nkuajefk.exe
"C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\nkuajefk.exe"
C:\Users\Admin\Downloads\Outstanding Invoice\Outstanding Invoice.bat
"C:\Users\Admin\Downloads\Outstanding Invoice\Outstanding Invoice.bat"
C:\Windows\SysWOW64\cmd.exe
cmd.exe /c C:\Users\Admin\AppData\Local\Temp\
C:\Windows\SysWOW64\taskkill.exe
taskkill /im nkuajefk.exe /f
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\nkuajefk.exe
"C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\nkuajefk.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | argunt.com | udp |
| IN | 103.21.58.156:443 | argunt.com | tcp |
| IN | 103.21.58.156:443 | argunt.com | tcp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.dropbox.com | udp |
| GB | 162.125.64.18:443 | www.dropbox.com | tcp |
| GB | 162.125.64.18:443 | www.dropbox.com | tcp |
| US | 8.8.8.8:53 | 156.58.21.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | uc01b50ae2c4dfe5b6d53ed23e2c.dl.dropboxusercontent.com | udp |
| GB | 162.125.64.15:443 | uc01b50ae2c4dfe5b6d53ed23e2c.dl.dropboxusercontent.com | tcp |
Files
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\nkuajefk.exe
| MD5 | cba659d7b9f33e9c4ce44b14555a81d9 |
| SHA1 | b61506e07b26df5a1d5f3fb600bcdb446c427331 |
| SHA256 | e5f99004d7a7bea0e06f7530090b44323217702ccf864005a11fc75404b38044 |
| SHA512 | df18ba1e70138b66ec0e4bb81fbc7296683155246cff06a8e472168bb672ac115eb47598eef97a2933ce623cea49b04a23436229c729346bce589de173d91697 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a35f945bd672f918476a0c67c0472e71 |
| SHA1 | 8f8a96d7d26f83e9bb543e723e308ac67b232dd6 |
| SHA256 | 387d88ec8b2b9f2c8b15421ce169896cc0af4cc0960b870c352a4cddcc64da84 |
| SHA512 | d8cf4e5db315dc05eb2a80c91a8d55e4766047cbbdaaff92a5dc32a8780320bdc6936f745e52790f3ede4761e3fb6f3e0d40cd8b58b12f506a436d1655d52452 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 376cf2a1c86abe995632d5658720c914 |
| SHA1 | acaeab7a8606e8d0356a61e498a13ed2584ffeb6 |
| SHA256 | 1267f9668cba6a894083eb23a9f5892bdbc3fe693ef21c2ce477f8214c87a46d |
| SHA512 | 8d515615b029445684987e98416a301ddc32ccb855827b05a1c9fa4ec0d79f7665cd52f54637c0454ac98963d44f0edf5c98f6d3391a97ec05188c4a95bb2ff9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 03509dcb13371b119f0ef27c03d9c4ab |
| SHA1 | b4939cdb5a486fb1f68bec1663e2d65233b8cb01 |
| SHA256 | 067230c0bac094e526132800a9643baea4a0281566c79f99f90ec1ed865cafd6 |
| SHA512 | d2014019e3823fbac5c03ab9e77e53eb2c4b51a7581bcd372c5afa3b8308dbb7f9e7d1538a3d14e42b2828b2dc402782e94725b67cfe195a94fbbdd1def687df |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 78fc9bc4c0ea33d2b9195b889bc7abeb |
| SHA1 | bc55e6316f60b295bb56882cbb7dcec948b38da8 |
| SHA256 | b8110ee9d2acb3a7300a192ecdb4554b42efedefb7d8f8adabc9e9a65280e1ed |
| SHA512 | 5aa1d4c805b0cd554526661b8d91eb8543fa62aa5742375e07119119bbb65b1abed2b2288f3205fa8ff37d0a7843677ec843d610b582a56fe42acd61e2604287 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f97ffc4b916600aaede1c321f3768d56 |
| SHA1 | e04360b4206874d69208d08196e9d3155dd1031f |
| SHA256 | c8cd92862391d5171beef11ed3fdc21b0538036067d6780ea79ee30dbd4cd611 |
| SHA512 | 6b536b2c145048f9e79af64fec0715c7b65443c696b9b35315336d8b6db091059ac2bda9fab47b1f81a01fb2a92bc21144e7acfd41e95a94b4a9b7b8a3e11603 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1d3d9d190dd85f34080fbb51043b13f9 |
| SHA1 | 782b56e4f0e0a138c7b74c06f8333f29bd2dab0d |
| SHA256 | 3283ee47246d44003553051a6106d50c929ec635c6a19b4c139185051e853c4f |
| SHA512 | 831c161292c41bfb8876503c30d8eba119131892fbf25aa803249dee62ede18942cc9d687a2095b5d257d57f47cc58f5f1174515a601c6ec8de181ad7075bf98 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
| MD5 | e579aca9a74ae76669750d8879e16bf3 |
| SHA1 | 0b8f462b46ec2b2dbaa728bea79d611411bae752 |
| SHA256 | 6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf |
| SHA512 | df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 13c1c3d878888a33ed8508293096d808 |
| SHA1 | d2c24891251b726e860694c901106ad065b2eb17 |
| SHA256 | 8b9b24f170dfd5aef03255c2f5cb4cd1e249e0695b324eb8251ec2cd9e0c5f87 |
| SHA512 | ab080520bd400c7a5137318066f4a34501b7e67a595d7f33732b90f9a81601f8f96e7ca4f9617282e02ee5595e228a4054b6043abf4e114acbcdfb8c10d5f994 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7cba43f30ed320ff1dd304ea30fdd58c |
| SHA1 | 5bdf6a90616d0651aef4957352cd5869dbd3311c |
| SHA256 | 7953947aab9b59472f4aaf1163b17b3d7d7e4f893cd1fd548db29d6f8f12ea84 |
| SHA512 | de093847fd88790c263afd21c8ac96ed1b7368f2052ee5b7b9ca39456db93ab976150b68d05a7c57e807502d3bf0c5167d0ed516a278062b146f51357b537a66 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ea98bb23c405306cc0387d7cdbf8bb7b |
| SHA1 | ec7bcd726b9aa7713247fb4d9f8e6e064cbbbe01 |
| SHA256 | 819dbd4f151961f87308ed192d88e9d695ea3893281b6de45ada6f024097c19a |
| SHA512 | 9c559610aeb76860e264b76df23a506b9e6117c6aa9e05186121acfcbc138b849cc482578cc0e977df4501ce05b44dff129f0bf2ca71fa2b6a0d27defc457316 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\ef3ba911-d3af-4afd-94ec-70274f40882c.tmp