Malware Analysis Report

2025-01-18 23:01

Sample ID 241210-zb56saxngx
Target https://www.r.oblox.com.kg/games/89298961651739/UPDATE-Better-dont-play-this-game?privateServerLinkCode=639454715585395230358511284729
Tags: discovery
Score: 10/10

Analysis Overview

Score: 10/10

Threat Level: Known bad

The file https://www.r.oblox.com.kg/games/89298961651739/UPDATE-Better-dont-play-this-game?privateServerLinkCode=639454715585395230358511284729 was found to be: Known bad.

Malicious Activity Summary

discovery

Browser Information Discovery

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Modifies registry class

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies data under HKEY_USERS

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported: 2024-12-10 20:33

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted: 2024-12-10 20:33
Reported: 2024-12-10 20:36
Platform: win10v2004-20241007-en
Max time kernel: 149s
Max time network: 150s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.r.oblox.com.kg/games/89298961651739/UPDATE-Better-dont-play-this-game?privateServerLinkCode=639454715585395230358511284729

Signatures

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133783364495459447" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4050598569-1597076380-177084960-1000\{EAB1482A-15F8-47FF-BA10-CCFDF62C23E3} C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4824 wrote to memory of 5048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4824 wrote to memory of 3424 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4824 wrote to memory of 3504 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4824 wrote to memory of 3704 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.r.oblox.com.kg/games/89298961651739/UPDATE-Better-dont-play-this-game?privateServerLinkCode=639454715585395230358511284729

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff83148cc40,0x7ff83148cc4c,0x7ff83148cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1984,i,16861998201315295356,16433357486168717883,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1980 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1816,i,16861998201315295356,16433357486168717883,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2144 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2260,i,16861998201315295356,16433357486168717883,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2272 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,16861998201315295356,16433357486168717883,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3152 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,16861998201315295356,16433357486168717883,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3192 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4740,i,16861998201315295356,16433357486168717883,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4732 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=5000,i,16861998201315295356,16433357486168717883,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4996 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=5112,i,16861998201315295356,16433357486168717883,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5100 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5288,i,16861998201315295356,16433357486168717883,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5244 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5352,i,16861998201315295356,16433357486168717883,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5064 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4964,i,16861998201315295356,16433357486168717883,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3220 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4984,i,16861998201315295356,16433357486168717883,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4520 /prefetch:8

Network

Files
