Malware Analysis Report

2025-01-18 23:01

Sample ID 241130-xa9fps1mgy
Target https://robloxi.com.tr/login?returnUrl=2098055606
Tags
discovery
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://robloxi.com.tr/login?returnUrl=2098055606 was found to be: Known bad.

Malicious Activity Summary

discovery

Drops file in Windows directory

Browser Information Discovery

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SendNotifyMessage

Enumerates system info in registry

Modifies data under HKEY_USERS

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-11-30 18:40

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-11-30 18:40

Reported

2024-11-30 18:43

Platform

win11-20241007-en

Max time kernel

209s

Max time network

211s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://robloxi.com.tr/login?returnUrl=2098055606

Signatures

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133774656240951626" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3892 wrote to memory of 1700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3892 wrote to memory of 1796 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3892 wrote to memory of 3412 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3892 wrote to memory of 4392 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://robloxi.com.tr/login?returnUrl=2098055606

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x100,0x104,0x108,0xfc,0x10c,0x7ff85290cc40,0x7ff85290cc4c,0x7ff85290cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1768,i,12965722507563149062,17077331098487805918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1764 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2096,i,12965722507563149062,17077331098487805918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2108 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2132,i,12965722507563149062,17077331098487805918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2364 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3076,i,12965722507563149062,17077331098487805918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3112 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3092,i,12965722507563149062,17077331098487805918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3148 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4460,i,12965722507563149062,17077331098487805918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3080 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4320,i,12965722507563149062,17077331098487805918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4564 /prefetch:1

Network

Files

\??\pipe\crashpad_3892_XYCDRCQOLKQCIFRL

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 8267d0a134185659200e9291844a616d
SHA1 d5262fbaad87f1d68b2d52b45f9a690013e72740
SHA256 f19809ba568d336687ade9d5aa5b16e24aada4d4c1e41e813251bf81abdc2e9c
SHA512 1a1bb5938eeff381ba492e4151c04b75a3cadd19a2b26345e48f20807d6b617cb745c8d1146b9fcf6ca1121a76be64c185e0d2fd38fbdd51ffaefb13516ef50c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ace840d49e35a0442582094dd1b293ec
SHA1 ad729bd6b584aba6fc1bfbdac0da8dd2fc41cfca
SHA256 b32ed9919b78306a55dd5c3625b473e51d2ff1578fbe385d8b8c0ac1e48f67a7
SHA512 1491066796fd5e2f8254501d34ef3fc48306274ecd526a388228ca20cdac353972482bbd844ee60cb5ddf3770cf6036f15c1c585c4f611517a8044074458d494

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 18d13373bfe56380a8c966f48b421ef4
SHA1 c68f2234f61b9d170a2c9c50b70b798d021943fe
SHA256 74cad6bab26d63cbe09f9babaae07354560af2e0113b4ba63bcd905200701df2
SHA512 ee137cfdb663ec687c2f5c787f3ce01601827157a7c5ce7e9f3d15d0b0ff19b87a8b16534860c5899c332cf8a2d308f7f9c67dc64eb58e2d150be62db8279b20

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c4cdd24714575dcd00c7caf8b191df0c
SHA1 2b992c931b556b2d6c68248b7ee4d877945d557e
SHA256 4528fba28c1a1f4544e857035191190abce9f792084ad296ab1a6464aaad217d
SHA512 f0ea7a18656bbcb68287e629c575bddc078bef3aa5cfb2afe80c5b290641a982da22dd6d2aa3c72804396ceab871e4fe251c905a888a5b719092c1f9d24618d5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d3c25ffbb33da4fd223b5778e347f2e6
SHA1 3496a82ace569665ab33066e00665f55f95ce56f
SHA256 978cf42d1204fd5cc2b3bd8a585d643f61bc9549a27acfff312f6814a387d027
SHA512 4322198c44fa19208e5f26b2aae9106b7c3f29fa2142202b1467efcc756a419c0d4acb058f2ac5518f4086b08ce6b05b4800e789b20e44ce5581ece27384adb1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a7e6e0a32d27e27155c37afbb28c51c6
SHA1 f1a73b4082a6cc3b397c0ff57fb026dd74072e5c
SHA256 2e659a3e8b2195e26653f78720b02a464e547dce168d322f0218f542130d5309
SHA512 d9076c43c92c1a4b0332180df9b2c760bfb82d40c5ca08e121dd6ddc96a7a9e80547ae76e6f71af640018ed05171cd3a2b9c886ec897b23b2ce9a90d5e795917

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 1207412fadaf442f82c35679f1aa30cb
SHA1 e32aff4302a612f1cae906b79d2e83dbb2ba95e7
SHA256 68df912ca92fceb874fc62c5d7f064520e8f7f962b507c59f58c65ae00c48077
SHA512 203e77af564d43362b44a62af139a5738948758e60ec0f01f98ecf265e6c974a455c3a8a862c2d4feec0324ad1f8465c697faf209c19ba266a328ed5ed94d34a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 af1ccac5f4c57980e09003af9efbda37
SHA1 6e08cdc2afd46719ffe1ce92bc1b707d654ab5ce
SHA256 7be4a824e3147e1b87aab176f11c839d15da9221bed9695456c966fdda7b73b0
SHA512 f1af613168bf1e568d8ce217c8f163b5dbe27a70adc3fdbded8728d9a81155919d56aa047d22929e1256440dfccea6c97067f7e43e5a30a5ec0b5f885b46641a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6dd41eafad4404d6a2a9d9c89023c68d
SHA1 abc888b4ccee58dc19ee5bf343b0928e7ab60df0
SHA256 0d109c11a595668da44a90e99b2f5c41c2cd9fba0aeb96793119bf497d1029ce
SHA512 c63f1f281bb42bdb18bad961c4caef5ca48f58a0480ee5cce3ede0403a6e10230a6e607d479dc1243493f3f56f8f2dc4682940a4ca00dc2f55da9621138f1a8b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 362c78573325aa6c8ce51b8039fe3730
SHA1 56a0555db1bbe68da79055c13525a18f870eb79b
SHA256 69e686fde8128fb2c45a5d446ba930992a03c5077410b35757710f055b081d30
SHA512 e7b00c84438d732ce26c6f8ff5d28412fa1651f7921301186a07ae26de45abd39440f4d4b8b50de9582921f202d6225132c82ec1aa2930b82b9098854c1a9105

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0e60a1e667fb5abcd5297be611ef8f27
SHA1 2f2231bb2bce33cb7dc2b6e58f5be3fc7177212e
SHA256 8e3d1afcdc96081e2c98e48a539189f9b62c75ceec16a01a3561a3b39296995a
SHA512 e6e0b1c542215bf34223d1b7ee1f4dcd01e20caa0b3ba9969242d20ac21a851a785c14acb1636d54ae5befbeb4b058f8533b3e4df732218af8dfe9c617c8ac45

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 904fca697647fbab2e460a41b4caf04e
SHA1 a61e80e4f6768b88e68e599977088f55377968fa
SHA256 c92eb01d98f382e8541959c1dc168437a9e9578562b29be11d8ebc2c98d0f58e
SHA512 e0e8414e489f38f99847538f0af721246ebce166789a6053c3b3fe3d4035703ff1bd288239b3b67ff3bbdf5fa32b6c5f84ea035cf97340861946efe133b18a8d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1e7b32d15e79ebb4c547c363dbfc4cfb
SHA1 0eaf6a86ad4583b2229da0f161faefe28390c8f7
SHA256 d09d6c7667eb6e75c68a96293bc6a472f9d909f60dcda31ce59c689882f4ea43
SHA512 5db7cbbf6d049e0f711b75e8a00ffa9b90dff9f450fb1d283ceb8bfa90d73d03a4adae7d3e8175325e3679d00b453f51d06c78634f8f5994aa8c8e759a4d6271

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 db6d4e3173f787db04fd7261e5c37ac1
SHA1 848c5d26cc6d0e06ff5a34da069b7ca59881f550
SHA256 a6482d4750881ad059130508db651fe49655722d49397fb3ec7c7dfa060a08ce
SHA512 72de349836de84c63ac6744292a5a947f932e906668503823ad345331996fb3ce550adff6538eefa2e03dcd2e2f268454d7b23b450b819efbcdd7a851941e8e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000044

MD5 6339ba21da359a65a29e56ac94b7f0be
SHA1 6ba7ca2681db103b390956def410047c2cac6a2c
SHA256 fb70f811af2914c1e67b67300a96f20e1bc2d4a884d65e2987fa45a368b095ef
SHA512 4f5361588029b77a5dfd71233b43685a29f19054a894e53d14eed4468bab10a61542b0d8c4df0bcd1cb24c67c86257d301254c23179adc1e7b3bde32e0873a94

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000045

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000046

MD5 ffaa3b4a16bf42bedda804cf1e14c014
SHA1 84fa73ce21b1c8018c5150e6aae17d596169aa5b
SHA256 5a2f214fd044c9408b875605caf02bb9dd60b727f128892fbb0e3ec6dc4de393
SHA512 91b68317125e23ae31bc6b68f29fc4e1a9f95d68ce4061b706fedabdfda5b1f155f29fc53f5df1942a68822b13e3f057a3d19025916afc5eed757714e353765a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 424d92a7c4e74e2413082ee24009647e
SHA1 e35a2d8ec81e3437d1e8f7a26b5068074802159d
SHA256 922f7325e9adf429c6af7318ae7d08f878e737facc409ed61a7226fe489688f3
SHA512 aa57a8c1048db2677e446f98e31578de51c00c9beb59a9621c09262a9a2125a61bc368a753c72c3e38439339b4784a9f8d48ec7c9314c4625af8d6c31fc10165

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

MD5 01d5892e6e243b52998310c2925b9f3a
SHA1 58180151b6a6ee4af73583a214b68efb9e8844d4
SHA256 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
SHA512 de6ca9d539326c1d63a79e90a87d6a69676fc77a2955050b4c5299fab12b87af63c3d7f0789d10f4be214e5c58d6271106a82944d276d5ca361b6d01f7a9f319

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 67f15965b39cced917d153014c25f495
SHA1 65b323d4951607bf8c202407857f74da055d499c
SHA256 483d07101c58ff1cb9307e176be8853a63bb63e308fa0dd573cf6e742680e211
SHA512 8e2283b4139a46e5943441a03537125a1fa8065a2cc31ef8671fba62217db6ccab6494ca04a00d7ec10d34de0cbb9e6848f651e78ede78532a5eab5d32d8b502

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 817eb5d9e094a4bea31e3690df578ad3
SHA1 8a6bf80b3cb3049c7e333876cf1aa12bceac9f57
SHA256 ee8f208a7505f7da9f350e471a005a64993d55a41cf72c3126d7de0bfce46273
SHA512 fefebe9804bd5184066b564c6450b2ae71343fe2abdf58954b4b8cd76629acfef69bb9ca84acab88d6c6e854683e5d84292377d1960be6159e7987102bd810db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 80f1ef4612c6e2f79811fa6c80485b3e
SHA1 984561ee8d0687b0d5bde4d5a51ab2ca0857b503
SHA256 7ff74dd8d56bf4ab94f890ef9e577393b44453af5dc6a8428adb605324d79fc8
SHA512 e31e82a1e0cac648f8e22c82a80a83731e0f50e26d837cc4d93ed795dfd46001d6b538e5b4aebfff53ee0f6fbd161aa798ad04d424e105ddbfcc24cbdfaf86c1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 631aa4afcf3e3b3e68a2b0635f335477
SHA1 bb6932c82e10948e1a33c83063644318c2d7effd
SHA256 2c08f5b2959a470babe82bcb50aad7a6d4086c365c8a990fc088847942e917b1
SHA512 bab35fedbe0a4050d6a6ad6080ccca2689d84b1fe2d58074cf13fccda5c54371b11013d6e84d0f17c8d48e275ebbb7cf4f0c7a1e76ef924ea90057e54c767154

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2c57a41e94aede0e482e5cc25514dfbf
SHA1 a5d78a350fd7d2a52682d6d0e5d714abcbdb70b0
SHA256 5625a824c27c8c434bbb3ee7f95780925de854b4e80f82303007e557c2931036
SHA512 7e14d68b868354514683f65530f55a7ee84f38dc9ff320198ddcc7d3bcd58c2a091068737cf442e4c22831dc2444e9bd7fdd835caa969e73fdffcd6bd71f98b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9ce171b3ff9e81ae6c6fe083e2686736
SHA1 9016baa1b081d9f56e02a6264cee643c47317066
SHA256 0ee5f37199b63634e515aaef4b7784672d9fe78729915a9f8874bfa206029404
SHA512 63c077ba1abe1f14acc54d22d30d0dc39909a74077d87e8096aa5dba6d45bd5fec8a1df35839a55f4d2cd8ff0bd8f5c291a4fd2ffddae425812887ad16726dac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a6cfde6f6b6461a3c83d1f01c60cbbb1
SHA1 8c0a4194db9af0c73d1ee605e08c9329c558aa22
SHA256 ea63fa8eab0d3109bc3f74478df9efd6463d30dc53f367ea443ac58a186e5ad8
SHA512 3922549248a787fc53cba79e0a078e099bc4e3507aa29335f3675b1235c40feb31cf1b43c02b973134e1be3c955e7990e76354e6001ad27609c6843d8438b9b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 3eb1eac52dca0a458482e96773a57f83
SHA1 91b3e601f6fbf1c2f7964f03759091f920c0b72c
SHA256 833f90ee727918bc137cd55f1b516afe20c1aa4a496f53dba0ee2c5b5f3dc671
SHA512 7ad467ddc3134384b8b76e1c19e2f442b325742c4be93295afcbd57950d4a4bda5acf627bfc58ac046325f4ce8da9668b9ef69ccabf1c25db71b21f28505add9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7aca7834e30582641d3b98981ab81c21
SHA1 7a0d0fbe0956b1e1ebd56bdf7ab5299c02a56d8d
SHA256 d2e4de5c5ed1d52909c5eae7bd6aec865de0bc4570f5af35dc8acf4e346965fa
SHA512 b311b29d7f8dd09bb85a7f6662595f60dc33a77142fc77e02e1315b58b165404f91d7e29cacc28a6df7a2b98ac26e51e5ca37f9fd9b4624cf629d9da685c7a63

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004a

MD5 2be38925751dc3580e84c3af3a87f98d
SHA1 8a390d24e6588bef5da1d3db713784c11ca58921
SHA256 1412046f2516b688d644ff26b6c7ef2275b6c8f132eb809bd32e118208a4ec1b
SHA512 1341ffc84f16c1247eb0e9baacd26a70c6b9ee904bc2861e55b092263613c0f09072efd174b3e649a347ef3192ae92d7807cc4f5782f8fd07389703d75c4c4e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c35ffec24e1d34174a6fd0b76708540d
SHA1 60e9e09e73d3a72745492053f2cb993c10cf7010
SHA256 57386154d5b996523335d37e7ebc656954bd282feda54e512faea82a9b69ae77
SHA512 559fa21c3d509d2af6a0c33c452c077f919d564410641eb231ac0639d09b634bc1c0991b36e8a46dc5667c75260f4c63195d067fdf98bd82cd046ff2ec245e5e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
