Malware Analysis Report

2025-06-15 20:18

Sample ID 241218-zsby9s1nex
Target 241218-ppqm5szpdn_pw_infected.zip
SHA256 07bee4c09169af71baae203962228143502b474937517b6ebd802da3f78ede76
Tags
discovery phishing pyinstaller pysilon
score
10/10

Analysis Overview

score
10/10

SHA256

07bee4c09169af71baae203962228143502b474937517b6ebd802da3f78ede76

Threat Level: Known bad

The file 241218-ppqm5szpdn_pw_infected.zip was found to be: Known bad.

The Known bad verdict and the PySilon / PyInstaller family attribution come from the static analysis (static1). Both behavioral detonations opened the password-protected archive in 7-Zip File Manager (7zFM.exe); in the behavioral signature tables reproduced below, the processes recorded are 7zFM.exe, chrome.exe, msedge.exe, identity_helper.exe and NOTEPAD.EXE, so those entries describe sandbox and browser activity rather than an executed payload, and the discord.com indicator carries no owning process.

Malicious Activity Summary

discovery phishing pyinstaller pysilon

Detect Pysilon

Pysilon family

A potential corporate email address has been identified in the URL: 6633dd5dcff475e6fb744426_&@2x.png

Legitimate hosting services abused for malware hosting/C2

Browser Information Discovery

Detects Pyinstaller

Unsigned PE

Suspicious use of SetWindowsHookEx

Suspicious use of AdjustPrivilegeToken

Modifies data under HKEY_USERS

Modifies registry class

Opens file in notepad (likely ransom note)

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of WriteProcessMemory

Suspicious use of SendNotifyMessage

Enumerates system info in registry

Analysis: static1

Detonation Overview

Reported

2024-12-18 20:58

Signatures

Detect Pysilon

Description Indicator Process Target
N/A N/A N/A N/A

Pysilon family

pysilon

Detects Pyinstaller

pyinstaller

Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A
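The two static signatures above, Unsigned PE and Detects Pyinstaller, are the cheapest checks in a triage pipeline. The Python below is an added example, not code from this report, from PyInstaller or from PySilon: has_authenticode_signature() reads the PE header's IMAGE_DIRECTORY_ENTRY_SECURITY entry (index 4), and find_pyinstaller_cookie() locates and parses the 88-byte CArchive cookie that the PyInstaller bootloader appends to a one-file bundle. build_sample_pe() constructs a minimal PE32 image and a fake overlay so the script runs offline; the pylib name and version in that constructed cookie are assumed values, not data from the sample.

```python
"""Static triage for the "Unsigned PE" and "Detects Pyinstaller" signatures.

Added example; not code from this report, from PyInstaller or from PySilon.
build_sample_pe() constructs a minimal PE32 image so the script runs offline.
"""
from __future__ import annotations

import struct
from typing import Optional

# Cookie magic written by the PyInstaller bootloader: "MEI" + \x0c\x0b\x0a\x0b\x0e
PYINSTALLER_MAGIC = b"MEI\x0c\x0b\x0a\x0b\x0e"
# Cookie layout (PyInstaller >= 2.1), integers big-endian:
#   magic[8] | len | toc_offset | toc_len | pyvers | pylib_name[64]  -> 88 bytes
COOKIE_LEN = 88
SECURITY_DIR_INDEX = 4


def _optional_header(pe: bytes) -> tuple[int, int, int]:
    """Return (optional_header_offset, data_directory_offset, NumberOfRvaAndSizes)."""
    if pe[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    opt = e_lfanew + 4 + 20                      # PE\0\0 + 20-byte COFF header
    magic = struct.unpack_from("<H", pe, opt)[0]
    pe32 = magic == 0x10B                        # 0x20B would be PE32+
    nrva_off = opt + (92 if pe32 else 108)
    dd_off = opt + (96 if pe32 else 112)
    return opt, dd_off, struct.unpack_from("<I", pe, nrva_off)[0]


def has_authenticode_signature(pe: bytes) -> bool:
    """True when the security directory points at an embedded WIN_CERTIFICATE blob.
    Presence is not validity: a signed file still needs cryptographic verification."""
    _, dd_off, nrva = _optional_header(pe)
    if nrva <= SECURITY_DIR_INDEX:
        return False
    file_offset, size = struct.unpack_from("<II", pe, dd_off + 8 * SECURITY_DIR_INDEX)
    return file_offset != 0 and size != 0


def find_pyinstaller_cookie(data: bytes) -> Optional[dict]:
    """Parse the trailing PyInstaller cookie, or return None if there is none."""
    idx = data.rfind(PYINSTALLER_MAGIC)
    if idx == -1 or idx + COOKIE_LEN > len(data):
        return None
    _, pkg_len, toc_off, toc_len, pyvers = struct.unpack_from(">8sIIII", data, idx)
    pylib = data[idx + 24:idx + COOKIE_LEN].split(b"\0", 1)[0].decode("ascii", "replace")
    return {"archive_len": pkg_len, "toc_offset": toc_off, "toc_len": toc_len,
            "python_version": pyvers, "pylib": pylib}


def triage(pe: bytes) -> list[str]:
    """Return the subset of the two static signatures that fire on this file."""
    hits = []
    if not has_authenticode_signature(pe):
        hits.append("Unsigned PE")
    if find_pyinstaller_cookie(pe) is not None:
        hits.append("Detects Pyinstaller")
    return hits


def build_sample_pe(signed: bool, pyinstaller: bool) -> bytes:
    """Constructed minimal PE32 header plus optional fake overlay; not a runnable binary."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                      # e_lfanew
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x102)
    opt = bytearray(224)                                       # PE32 optional header
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<I", opt, 92, 16)                        # NumberOfRvaAndSizes
    if signed:                                                 # fake security directory
        struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR_INDEX, 0x4000, 0x1800)
    image = bytes(dos) + coff + bytes(opt) + b"\0" * 256
    if pyinstaller:
        pkg = b"PYZ-00.pyz" + b"\0" * 90                       # stand-in CArchive body
        cookie = struct.pack(">8sIIII", PYINSTALLER_MAGIC, len(pkg) + COOKIE_LEN,
                             10, 60, 311) + b"python311.dll".ljust(64, b"\0")  # assumed values
        image += pkg + cookie
    return image


if __name__ == "__main__":
    sample = build_sample_pe(signed=False, pyinstaller=True)
    print(triage(sample))                 # ['Unsigned PE', 'Detects Pyinstaller']
    print(find_pyinstaller_cookie(sample))
```

A populated security directory only says a signature blob is present; whether it verifies against a trusted chain is a separate check (signtool or WinVerifyTrust on Windows). Likewise the cookie proves PyInstaller packaging, not maliciousness; the next triage step is to extract the archive's table of contents from toc_offset and inspect the bundled .pyc entries.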

Analysis: behavioral1

Detonation Overview

Submitted

2024-12-18 20:58

Reported

2024-12-18 21:04

Platform

win7-20241010-en

Max time kernel

121s

Max time network

130s

Command Line

"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\241218-ppqm5szpdn_pw_infected.zip"

Signatures

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeRestorePrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: 35 (LUID not resolved to a name by the sandbox; privilege 35 is SeCreateSymbolicLinkPrivilege) N/A C:\Program Files\7-Zip\7zFM.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A

Processes

C:\Program Files\7-Zip\7zFM.exe

"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\241218-ppqm5szpdn_pw_infected.zip"

Network

N/A

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-12-18 20:58

Reported

2024-12-18 21:07

Platform

win10v2004-20241007-en

Max time kernel

479s

Max time network

483s

Command Line

"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\241218-ppqm5szpdn_pw_infected.zip"

Signatures

A potential corporate email address has been identified in the URL: 6633dd5dcff475e6fb744426_&@2x.png

phishing

Heuristic match only: the string is an image filename, and the "@2x.png" suffix is the conventional naming for a double-resolution asset rather than a mailbox at a domain, so this signature is most likely a false positive.

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
N/A discord.com N/A N/A
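The table above records discord.com as a contacted host but no owning process, which is exactly the join a defender needs: Discord traffic from a browser is expected, the same traffic from an unsigned PyInstaller binary running out of a temp directory is how a Discord-controlled RAT such as PySilon stands out. The Python below is an added example, not code from this report or from PySilon. All connection records, paths and PIDs are constructed for the demonstration; the browser rows mirror the chrome.exe and msedge.exe activity seen in this detonation, and the payload.exe row is an assumed implant, not a file from the sample.

```python
"""Hunting Discord-hosted C2 in process/network telemetry.

Added example; not from the sandbox report and not PySilon code. All records,
paths and PIDs below are constructed for the demonstration.
"""
from __future__ import annotations

from dataclasses import dataclass

# Domains Discord-based RATs use for API, gateway (websocket) and attachment traffic
DISCORD_DOMAINS = ("discord.com", "discordapp.com", "discord.gg", "discordapp.net")

# Image names for which Discord traffic is expected (assumed allow-list)
EXPECTED_CLIENTS = {"chrome.exe", "msedge.exe", "firefox.exe", "discord.exe"}

# Directory fragments one-file PyInstaller payloads commonly run from (assumed)
USER_WRITABLE_DIRS = ("\\appdata\\local\\temp\\", "\\downloads\\", "\\users\\public\\")


@dataclass(frozen=True)
class Conn:
    pid: int
    image: str   # full path of the process image
    host: str    # DNS / TLS SNI name
    port: int


def is_discord_host(host: str) -> bool:
    """Match the apex domains and any subdomain (gateway.discord.gg, cdn.discordapp.com)."""
    h = host.lower().rstrip(".")
    return any(h == d or h.endswith("." + d) for d in DISCORD_DOMAINS)


def score(conn: Conn) -> tuple[int, list[str]]:
    """Return (points, reasons); 0 points means nothing to flag for this record."""
    if not is_discord_host(conn.host):
        return 0, []
    path = conn.image.lower()
    name = path.rsplit("\\", 1)[-1]
    pts, reasons = 0, []
    if name not in EXPECTED_CLIENTS:
        pts += 5
        reasons.append(f"non-browser process {name} -> {conn.host}")
    if any(frag in path for frag in USER_WRITABLE_DIRS):
        pts += 3
        reasons.append("image runs from a user-writable directory")
    if conn.port != 443:
        pts += 2
        reasons.append(f"Discord host on non-HTTPS port {conn.port}")
    return pts, reasons


def hunt(conns: list[Conn], threshold: int = 5) -> list[tuple[Conn, int, list[str]]]:
    """Return every record scoring at or above threshold, highest score first."""
    hits = []
    for c in conns:
        pts, reasons = score(c)
        if pts >= threshold:
            hits.append((c, pts, reasons))
    return sorted(hits, key=lambda h: -h[1])


# Constructed telemetry: browser rows mirror the report's chrome.exe / msedge.exe
# activity; payload.exe is an assumed PySilon-style implant, not a file from the sample.
SAMPLE = [
    Conn(2208, r"C:\Program Files\Google\Chrome\Application\chrome.exe", "discord.com", 443),
    Conn(4412, r"C:\Users\Admin\AppData\Local\Temp\payload.exe", "gateway.discord.gg", 443),
    Conn(3104, r"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe", "cdn.discordapp.com", 443),
    Conn(5120, r"C:\Windows\System32\svchost.exe", "update.microsoft.com", 443),
]

if __name__ == "__main__":
    for conn, pts, reasons in hunt(SAMPLE):
        print(f"pid {conn.pid} score {pts}: " + "; ".join(reasons))
```

The allow-list is deliberately on image name only; in production, pair it with the signer of the image (an unsigned chrome.exe in a user directory should not inherit the browser's exemption) and feed the same join into whatever produces the sandbox's Network table, so that a future run attributes discord.com to a process instead of N/A.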

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133790291731976804" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\SniffedFolderType = "Generic" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616193" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1092616193" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:PID = "0" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByDirection = "1" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Mode = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\NodeSlot = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\MRUListEx = ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\IconSize = "48" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupView = "0" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Mode = "1" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3227495264-2217614367-4027411560-1000\{93FE3800-C8ED-4196-9088-7FA7AB74EAD8} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\LogicalViewMode = "3" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByDirection = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 = 14001f50e04fd020ea3a6910a2d808002b30309d0000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupView = "0" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a000000a000000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:PID = "0" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0 = 3a002e803accbfb42cdb4c42b0297fe99a87c641260001002600efbe11000000a163b9e99718db013bd2f7b98f51db013bd2f7b98f51db0114000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 00000000ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Opens file in notepad (likely ransom note)

ransomware

Description Indicator Process Target
N/A N/A C:\Windows\system32\NOTEPAD.EXE N/A

No file path is captured for this event (Indicator N/A), and the Malicious Activity Summary lists no file-encryption or mass-rename signature, so the ransomware tag rests on the notepad launch alone.

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeRestorePrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: 35 (LUID not resolved to a name by the sandbox; privilege 35 is SeCreateSymbolicLinkPrivilege) N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A (4 identical rows)
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A (37 identical rows)
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A (23 identical rows)

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A (34 identical rows)
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A (30 identical rows)

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4928 wrote to memory of 1212 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (2 identical rows)
PID 4928 wrote to memory of 3740 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (30 identical rows)
PID 4928 wrote to memory of 2224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (2 identical rows)
PID 4928 wrote to memory of 4704 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (30 identical rows)

Processes

C:\Program Files\7-Zip\7zFM.exe

"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\241218-ppqm5szpdn_pw_infected.zip"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffd2254cc40,0x7ffd2254cc4c,0x7ffd2254cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1840,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1836 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2212,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2256 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2300,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2476 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3180,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3192 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3284,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3276 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3816,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3724 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4772,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4872 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4964,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4988 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5092,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5276 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4500,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5560 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4528,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5444 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5536,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3500 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5300,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5436 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5044,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5464 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5404,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5632 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5596,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5028 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5516,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5248 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5600,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5560 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5736,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5492 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x468 0x498

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5728,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5832 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5824,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4756 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5100,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4412 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=864,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5616 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=4056,i,5223848901113934712,7126673811581152452,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5832 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd392d46f8,0x7ffd392d4708,0x7ffd392d4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2156 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2804 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4216 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4932 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5040 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4000 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3240 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6120 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6120 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5928 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4776 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\tokens.txt

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5364 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5128 /prefetch:2

Network

Files


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f08839ae7166dc496666ff62ebd1d1bf
SHA1 9ccd9139a07b2ce1633e39766c1600f435ae631b
SHA256 883bcb32485eaa3f494c3f74937d33d4a494acae4d4bcd09ab8d156abe4727ef
SHA512 b335c23db6300d8bdf287249fdf45a01e06a640d36268c0b4e5f6984abbe93900f5950afa424b666a949712e7ef5417624b41733e90136a8e8025ae275492381

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 9da364de1bc2c99c12c892ced300386b
SHA1 ddcf9c112afea2345792fe286181e178f62faefb
SHA256 91b8f7fb04a11f36590c374c4e9e388aac43d2fbedddea47d7e373935898554a
SHA512 97fabcb0d2737da06d85e165d94e98db71e1e4fbc5a8b728af8dee36da524d494b4f01b970398983889e8be2f53ed15cb4526e94efeb91de2cd127cac657dc77

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004b

MD5 e7eb40a17f017e7b0651dec263c01ffc
SHA1 26fea5c5c688b2ecf33bb6892c9905159b6d48d9
SHA256 afb8e284cacb33c4d52af3a501a871cf560e4ec94358761743c02f3a21cb1810
SHA512 d7af8ff7adb71dd5ed1620efd913673e108846e02a7775d012825357fa81ab28dde7bce06592256e9f9c2e91ede6a249a7e6bce91a392f6f7ac0b53ac3ca0123

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 224cccf3948ce08f3a2dd1b151c543ca
SHA1 a2b2e379dafc15fa665045f61dcd66de3e3b5e31
SHA256 53bb56ecf3627bdecbbbd4f5a9cc30d07fd3d0ee50fa6b9fed8711e4b041e054
SHA512 358766eec97981e3ec4531d44071f6d41ab17ce5257e42915110c42570cb7e28fcd729cf04838d73ddfafb333e3bfc514057fb2ee46e294e86d59ee0de689152

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 64da932ee37219788360fdb6316859df
SHA1 7d4ae03424130018712d8d80b6d7bc45d0eda9c6
SHA256 dd64b679fea8472f013c1949300adf9a32792ad3eb7be150caaac05038c50551
SHA512 ccf027be6b4cf7fc9f0bbe9569d1210ff547ce7e72721226c9f696c32c487022dfea15f64ce33b7d6a7ce504054e0cf8765c402225d3df42581368cbda1b28f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c3a577e3908891a00ce07bc86bed4acd
SHA1 c1b0972cdc0377d2811fa5359a26ed4805b917a0
SHA256 9ba290b6817e4359db71aa56d287e5c2d2994a6bf11a918c0e18b876a2e36b60
SHA512 c6ce2640e49bb4006af85c973e15a7e3fd0bf5c6e157573605b00f91f2b5a052b790fa68a991c106c0915d7174ba078535e7b91ace1b22c4128ca41b14aa5942

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000038

MD5 563a27019ed6227bc3fdf6a4d7469e92
SHA1 92b55c235d67e30fce319970f205415916b8ad73
SHA256 432aa72ae8ac909b9995083c012c74c6755cc2c4fbccaade1b92c2aa8c7cc6c5
SHA512 66c3151fa1deec730f1d37e5bea7eb4a9589b6915b864faa685c7021f1afdc59eaeaa9f3a0646e5c99a6ebd3375ff285411954f75d957ddc7f1f6fdc6b8b0e67

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003b

MD5 a0450e1a8e0376c6f7510f2975c9b3f2
SHA1 22021a2e100814da6433af609411ebdd792e5eb5
SHA256 91dbf94cce6e6f4cdd0099e98aab1681654dfd2a3dcd064cf6dd97d2064d4169
SHA512 e331e801d3ef3ee09442dbdeaa3c7729e96dc5b1223827bf360a12fdf8a7cf1e69db0310db0d49bb0cca569f10cd4b721f36d1a2925c034f59e2f14aaebabc40

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000044

MD5 b539750fc23f45ce7fbc0ba9a51712b7
SHA1 af0697e0ce72e79418473724d6437e51416a9fb7
SHA256 52b1efcad1848cb3b9470a5ba9e224114448d5f7a922cb153ecb7572ba16b996
SHA512 907636c7289b8617c8fb16648b3533e26fceaa6bc9516e2ac6dcfd270377e77acb2c01ed24096ef61b7468796c1e1fe3fb6213d91c7ebb01f8dcc8b2fe7f43fa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003d

MD5 1e71a8430a7c17d68c0ed324bdd08cff
SHA1 4225805ad18f854fc2f81cca8944a749720f81e0
SHA256 3ec795451212352394064e380eac15e204a602ac6783f9e43c01f6820d07b7d7
SHA512 7d6cdd26b28688e656f3fde090dba17be5ca0da9c004af45f023c334d26a2f567fb8e1105fe07d2a82b31716bca1a8aa8b3dec4f0a75fcaccf292245d1132d21

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 073fed8159e66085f8aa21e2fca3fa32
SHA1 0680178ed61ae48242d8cbfbbb967221735282fd
SHA256 aaccbc590405fd2a1f1ddfad1c60fef8db37def8dbec9e6c23e8f47ab21b0d39
SHA512 3e39ea0727eca7c90095567c1015a0a74200fcaf67d391dbbbca048c47c7398278fb4fd23e6ed0a472245e7aa7e27f3b90dfe82ff1f2caf33317559d21f8d08c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0fe0ad39fcc3c66dcaddca0192ace661
SHA1 b61380c9a5c991f1e90f5d486c2a8d12a3ab3f64
SHA256 a209ce59758e41b20743d2b98a20bb1f26f5656f095a91cd8d2173529a810998
SHA512 f5afd0574a2d5258faa69d3a52976ce33bc1715572aa9127afcab03b80eef857151b9e32142c38ce30f72ed523b6493c9da4c6b3c964283be52920aa35811185

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 36988ca14952e1848e81a959880ea217
SHA1 a0482ef725657760502c2d1a5abe0bb37aebaadb
SHA256 d7e96088b37cec1bde202ae8ec2d2f3c3aafc368b6ebd91b3e2985846facf2e6
SHA512 d04b2f5afec92eb3d9f9cdc148a3eddd1b615e0dfb270566a7969576f50881d1f8572bccb8b9fd7993724bdfe36fc7633a33381d43e0b96c4e9bbd53fc010173

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 fab8d8d865e33fe195732aa7dcb91c30
SHA1 2637e832f38acc70af3e511f5eba80fbd7461f2c
SHA256 1b034ffe38e534e2b7a21be7c1f207ff84a1d5f3893207d0b4bb1a509b4185ea
SHA512 39a3d43ef7e28fea2cb247a5d09576a4904a43680db8c32139f22a03d80f6ede98708a2452f3f82232b868501340f79c0b3f810f597bcaf5267c3ccfb1704b43

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e0ab6bb529b708ec8abb02dabbf869fc
SHA1 450864027485c68c7b6108d57bd4cc058315c797
SHA256 b0f5bb9c51db7db5f06dc2860d23fe797458d208a2f09d9cfbe67ced5f0a63f8
SHA512 849fb3c95b8266037be3990abd2da7460b1eaf5e38b259a807844d13ab39f0d2106446216f165351059e746ed076f8a1c9a58c4362db9e0b126ef0bb1bd85c7c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 38b487437f96af3fb510950b6813cbbe
SHA1 0c7f362854d36650ae37cb3d2ee02c5e081cc588
SHA256 aed9625c73a861191a83dc7a5bd53d33c323ff50b3a70bb47eb871cd26ed557d
SHA512 c8363928045fcc50559692218546c54d757c88b705aaab5c6bb2e0884cc4b1ff1fa981a903e30d72c3163901afe0366dd023380fa066d0e243f876628f501440

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 358079674f9575a0e2d910359a7873e6
SHA1 04acffcb8f6ff4fb2d6e4062f62344f91da02868
SHA256 d4c0ea4019cc3878d8dc5012400117d99d3ca363eb45c3b4ec479c2141350550
SHA512 e77880db2d16bf15be54e29de1d6adfdd143317ea9ddb78f74c9b8452abb95a53178c2e6cef839eb92b340b86f59f709bbf4c50227412a4e0fe79181562fbfdc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 17020153f43867de53334d79392504c3
SHA1 6b5ec5a63ec5bd32014a61f07010f194719f5df3
SHA256 2f55c0c9b3097d938b1154c3919f3c00df12960f15015322b3b4066c06cfb4af
SHA512 d4192972be8a181bfef0d19c5286b114e9e676184b2254cf9f58d71cc5ef70f846d270109d433ce0bef02047dd2c16677d7bcd6b50ee2cc9938b7beaa280dc7f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f5a0c4faf0971cf4236982acada60c61
SHA1 5c2064ed29bd5cd80deed15fd500ca6e0167ca87
SHA256 c1eb9062beab0f4cd0b8d79e0186a9408317ef6af2e1a8256027d92b47e0562b
SHA512 af7e48335d278b0245c0b3be8ac334c06a02518f290bf04314bd9950ed17b1b954f59cc19c2e6376605bdab62c533289aaeca59ef7228a10b721815f86d48455

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000051

MD5 180b69f6bf96d221e8ae6e915712d32f
SHA1 ff954ea8f472a59ba1081e1ff0e4986e051e552a
SHA256 d76342f5ed7dd94c5752a339e5af374dcdc0da4b81f4d27b4ad27b982be60b22
SHA512 ff10637099c0c1d7dd1de81d0f1b9ffa6dcb09d55afdad9ce969229e68aa3cbf9676fd9388792cf83b22a33023b7df02c7c6ec4d65e1d7c5fe8b1b3ffe157617

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e182aeff8198d0aae5a116000597c8ce
SHA1 31ebc087b3139aac494d67feb7f64dede7e2ec8f
SHA256 1f91258836722f9713086ee01242d1a73b5ab249e20388f79b7a98fcb52f22c4
SHA512 91b90c93e9c37be47bc6d00b7d8cec61cd0dacc09d014881e96a8a1c2404318db8fb40ce60899accbc4d5b1bac164242565edfeeb9daaf3b05b850d4ae1c21bf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3ffb833325b804baafa1991b18760f4a
SHA1 ab00379dc71df502c05e096170808a071d1ce3cb
SHA256 006c2ed18781d9b68c29443e1cfb3e75adfcadba061c56545e695157c5baf3e6
SHA512 4aa25b22a35f7efccedc6a63600dbfe442956cddc3a20d523f0623f32b53ecfa1c3d9b3c38c823f91a49c20b30243a86ea6c99f84ca9817eab81723db08dd7c2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5bd9d2.TMP

MD5 2ab13d719bd1b4bdc1d8de4c90073e28
SHA1 dca679241356c1c922d17f1a33af336c5a18ceb0
SHA256 3dcfcbf39af1bb2f0bb866a75785b46dfa1136d9a22333ae636d8b1650146298
SHA512 070b53905e0d7421ba5301994625a77db3128c45977faeac1aa06f3773a541b7367b64e35cf9463ca3be1d76192802913006333146b5e7c01f6c66bce9f5bb9d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ab1ffe27abbe1f5744e7d5046d452711
SHA1 c78c48388bee0c549e63c5f289293b0372b0bfd6
SHA256 d1ee5fa32a69581469321ffb57d9634304bf7fbfbc6003f5ee13254ebfc96a5a
SHA512 3c0b6436c5e1dc2a29ad8bcb7915e94839ac870ea68200da4e26e44bdb24f42410e5e0d901790ce03ca6479e57f96edc13746d35c76d2e676a20de0804d1a62d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 103708bcf22bcf6bc7d2f8f6b9b693ae
SHA1 c12a4a3b2dc71aee799df9d6e90701fa1253bdad
SHA256 6c8e09ee70e862129293066412edc150908912c3e253bcc7ac01e458e60b1bc5
SHA512 993b0983eb8e5ddd02015e1e93b0033a9330cedd9f2143a736d304f1a16fdae170a2e979f4a94968249acf3e6dc2fb130e1c6b7a8803ff4b4391993e91d5a0d5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b2bd66e80b529e3a4d088e1d23b4ba10
SHA1 76a1510f356bd864041f71a7c5708241befec543
SHA256 2474b7f071ea6aa3f5d8e9f16526ce97ec6974440021ae5173e5c37df65cd752
SHA512 e646ee09d22496ec4a0faa4b98882d166efb62853a9bb3b3cb4e4f336e95babd71352f40d70be5f60ad406e06d8086adedb61d92e412f67c9258d16c03440334

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1efbb3588706dfee1c5b5dd6a224db7f
SHA1 3923775d7ae7acfd9102e0c7ab2f26457f4f917d
SHA256 a3c735edfe19c16fe2cf8b78b9f2debf5ac49536c73f02d2d1f3d4b7a0bac0c5
SHA512 e8192222c4d8a27ae74a1e01bc04392cb1507336463bd9376df354912ee95518490505528f484237eb71ebdfe5ba331477310a25395fde16e7e276e041df7669

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8d8d7e635be702ed3d63d8a44ed92ce9
SHA1 074291c345bf494c3d62bbc2b41cd269a18bc573
SHA256 bef5d70ad95cd6d3c49863ca5b80d4b3c768e2f37c7a4640f504d9f4f4cc4342
SHA512 078fc34b1f779643a6067681af68d4eb4af5c62ef3188bb9dd72367f69b792ea3dd54bba6281d3872246da656b62df357938ff7e8595910a8e6d60303c770b54

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 21488703f42835962f00914d87e96a47
SHA1 46f9bb3753846c8ff186df3b7a608dfbd132174f
SHA256 b517210aeb24cf2ce34832e50b0f28800c4c5c7a4d8cc307330e4ed7d8aec4d0
SHA512 e2c9484f568c25df95b91eecd3f89bb0885d0d60ed150970050e86f6bd27f8a2684fb3563f5692d68f34367c65fd5ef1aeb72ff7c6263bd049e6d33e9e97fbbf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 1e844c7eae77ae93d3b4823f18cc6d2e
SHA1 7e393c7e49c2f95c5b92b3d5430546e9d83f9f6e
SHA256 d5fc5dedcbfcec91c652bb5750b02a42db2aecbdc26fed08a32ff1fa6f4279fc
SHA512 ae2eea353ce35291c0c7696ccdd5844f8c979ed5c0673282a8835a66a700f57907d61132efd76d35d5ad54b3d204f7613a41615b97e0fa48b056b397d1b3c6d6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 260dc24ac8e79cc2469fd6f9a60f1029
SHA1 9762f78f35b1339ff381f9b8975fd25021509db0
SHA256 8be8a229926a700c05ea51d7fe889b3da3ed4562856a813df86abfb62f2557a5
SHA512 8ee12a93a5ce08c170fddce02eebca8cc77847e2e9d104302aee27ddf90d29eb91b8169da5e443cfd37289d920dba93071ecf778b26cd58330012b7fb7ce006d

C:\Users\Admin\Desktop\tokens.txt

MD5 f5217bafa6c404f430b5da8f2cb7b57f
SHA1 989bcffa749c76fe37bd5dbba66b1b242aeed60f
SHA256 e69dbf832ae7471dcd897439dd454b47250b24da9c875c84ec7cb4e653978ed8
SHA512 7f18cb903d7edf1a0965ef0ada65602e88e031399994da24d91dcbcfe0e4584e852d8699f1bb6f607499dbcee007f4f3f67092f5b889c8d300e6fb41d399d8d1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 fdcda905730b966f479eb18442ab6e68
SHA1 08613b71b1b146795c5cd850d8b1fd1dc06eb4f6
SHA256 b2314f00a03e6ad352f83b203f6f59f568fb54c8e8a410624fa1330670e64602
SHA512 46e07b3e4dd745c46c494b9221ea799e388b0c71730f25c56af4762379da270bbeb31c95897993324dc731b218daeccccd4e78b76868f6935075886913e998a8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 96239895f102cdaf08006615b89c1448
SHA1 f04bdcbaa50aa420a183292c70ee613654ffa1f1
SHA256 86966f5c76e928e17e3c3e89bc562aa103344fa30ffb2c4e10466b513240a82c
SHA512 636b720d9e345e07506557f70fb89ca3545fbac60a13ba8563917fd8daa263e563d291b6a7629375edc705e4f67ce4b90269208682639c4552b2a6e035e6fe35

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 782f1a55483b52d543fa3c31bee58405
SHA1 64bf6e164c8e50d5cbee1cfce540ef9a3fae975c
SHA256 29da80a863c980bc8577d4e7aa897ee403bcf2558fc44d7a5f2a735e31b26f12
SHA512 22fd372cc80d957d7a6de23a634dae1e78eeb380d2236b0555a77317194c2fcc1a98b8847efb0b19ded54d3c14dde89df72a2383503962f47132c6626579cbcc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 51b7ec85fc1b45a23162d6aee845e4ed
SHA1 baa8050c71ae5a03f88d660a1d446af9dbcca497
SHA256 cfd5009cb5b75b4b604b78054cc2bd135e0f487f79eaa89796a831ed135df588
SHA512 91b74971bbb6946a654c0895d75e791ed616f4e7477085cc4e6e5911c4b25332a92be0d1137e0ff3befaa3266434acbb25022e73057153ffb664f548917138fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d1180b31315177ac98823663c0c61d4c
SHA1 fce6a3f1576a939153a1fdd2251324749e37aa04
SHA256 2fa6f7c2eeeaac1e6a977d7008cdbca6a2856f4d005a5e22104e44af744693e7
SHA512 f1a2a67284c29eba089cba2dba34c16b99d40c3878926756d1fac19951bd68fbf3975e0842912fe0fd2920979965c66d577823843fb62e638f0840689f739c21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 15648637da23ce4eea44723cb7d813a4
SHA1 c6b70363e8989d301e77c0782732ae2eec3e670a
SHA256 04fa23875c079a320afb816a47701e40483cdaa72116f70390e64a361e203c48
SHA512 a28f63c46dd43f2394b3b8179e6e2ee343553c29fd42e49fdcfe9c6cb7517fb49fd7f03da95bdd9dd9627f7ccb9f09a7571755fcd64e80ba30d0a162e07978d5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 517ca014d4d511fb05a8cbc980f425fd
SHA1 f9a9c58e3b716412cd331c81955c0c74022d6438
SHA256 d317af184585c76dcb8e9e10afcb369ba9ab4035629067de42fcd331d3652c15
SHA512 7d234f6c81b66dfb68ae55caf5821b9b36dcd1d24c8d2827c9962708dd1d16124c31a256f903b652d2d9dc1e0bc245c409fbc4662b8d69d4b03ad1f5d3a1a9cd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a57b8836f183ac1df7acb26373f41852
SHA1 c260fa4a6b338aa46679729c5af18cb0f4a357e9
SHA256 7a59c36c7b9c656117552d61444c3d4bc54c7e132f3df59954fe7d19d8b842e6
SHA512 39e1b91b9cf3aa0726430607fc0274406e97de94e4e5138c52989d36d4f71e296359e84ae2ab3ac9368a2d6db82ebf3adaaad1a106e70b7e391fc82f83c92803

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 4fc1fe39d561244ce9e04d4af0f8b609
SHA1 21affba4aa476c9a3095d27f2774a9bce9485995
SHA256 7e85aeeb34d6a79ca74b7a5228d133693ac2e9fe36c9d82b88cd2af27e4218a2
SHA512 022adc0b5f327ced866bed61f5a5eb8b98ad6e032ae5a4f6e66860c5b5931c0843471ea09057ad5d8f281a93c86211a8f42011eb0fe76f6d7179e0d12bb609a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 53edb8b704dbc1c74d03595b6d8b87fa
SHA1 492df00e5eddec1e6987223251ea1562e8b2d35e
SHA256 fa164fa02bf5b9eb5e5fac2199b8cd3fd26c59890888c637102c1a73d4e4ec63
SHA512 d7986730d8ecaa31ae70cef9e283157df0ddfe53d29d8475a30f4dea7b6000d2ea9586d7c8888058c8ebe1919d9548effa7259e7e90ead5aec6641d197a57bac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2946b536b07f34f53e9a2a5ec993e4a3
SHA1 8c2c329abaf466903b1ca8288f0ae7df262cba7e
SHA256 d4715749f3b8a1d2f477347998b2becbd2e0214f33d1f86b076b5e6eef90139a
SHA512 d101c2e8ee969ae827d295c71bd4cfd80e8bf00b9bf437338185ddfcd53a4b769b419bab0fd410c72aa7fa37523fc9c4ccaf082ab65c3efd3da8541b15087e30

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c6f63621220f6a3232adf90ff8edd982
SHA1 254d719b65bccc8722652b5f37632d3912d49f0d
SHA256 5e364a7440b53b3520324e4151cef322b517154e23890dce9febe36de95769ce
SHA512 cec13517232bccff6f0dd6ad68dd827d70dde7530e1cb45aee36aacf3f390c8c343657d92e0d45464dde3a3ea414ef3b30944f6874fb18089f8ec761e119d96d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 15b3d978ea36cd45b0c9bfd8308a3345
SHA1 d08d6580a1faf6db4a3a33e694580b9b9545bb0a
SHA256 f5e3aa8311541c95524ee568de9d38f1f10b02bf7095f8f78de784fd08f8f816
SHA512 4b4d19d3488aedb31a2daf9ee22ded226b3015ec70c18d2e023babe7dcdf998b9b3059523876a6fda9b5da585f4d052750b39a91dd9a29a9d0e79ae29942dfa2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 32ae0014564c8c33c5baf6facd6fd5e0
SHA1 db6e7d944abff6b71d720cd7f3ca8b6810bc15db
SHA256 0798297d2ce11e52c83b5edf59693c0fb17cc2c2c876364d52f849cea1b0c9cc
SHA512 ae4e648dbb0cf29227183356ff5c6d375911174a283633e36af4dd7f7b1d44c6bb609ba9ec08f2785489b8182518d44e4996bb90b20ec31bda059ccfd8204049