Analysis Overview
SHA256
07bee4c09169af71baae203962228143502b474937517b6ebd802da3f78ede76
Threat Level: Known bad
The file 241218-ppqm5szpdn_pw_infected.zip was found to be: Known bad.
Malicious Activity Summary
Detect Pysilon
Pysilon family
A potential corporate email address has been identified in the URL: 6633dd5dcff475e6fb744426_&@2x.png
Legitimate hosting services abused for malware hosting/C2
Browser Information Discovery
Detects Pyinstaller
Unsigned PE
Suspicious use of SetWindowsHookEx
Suspicious use of AdjustPrivilegeToken
Modifies data under HKEY_USERS
Modifies registry class
Opens file in notepad (likely ransom note)
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of WriteProcessMemory
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Analysis: static1
Detonation Overview
Reported
2024-12-18 20:58
Signatures
Detect Pysilon
Pysilon family
Detects Pyinstaller
Unsigned PE
Analysis: behavioral1
Detonation Overview
Submitted
2024-12-18 20:58
Reported
2024-12-18 21:04
Platform
win7-20241010-en
Max time kernel
121s
Max time network
130s
Signatures
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeRestorePrivilege | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Token: 35 | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Processes
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\241218-ppqm5szpdn_pw_infected.zip"
Analysis: behavioral2
Detonation Overview
Submitted
2024-12-18 20:58
Reported
2024-12-18 21:07
Platform
win10v2004-20241007-en
Max time kernel
479s
Max time network
483s
Signatures
A potential corporate email address has been identified in the URL: 6633dd5dcff475e6fb744426_&@2x.png
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133790291731976804" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\241218-ppqm5szpdn_pw_infected.zip"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2156 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2804 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5040 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4000 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3240 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6120 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6120 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5928 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4776 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\tokens.txt
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5364 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,946958385779914854,16258786200656710736,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5128 /prefetch:2
Network
Files
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | e01ba6dcbd2ac20690148edd80217923 |
| SHA1 | 7fc3f8abbe6c32509d67050ddb903da0606030c3 |
| SHA256 | e8aa190bea8850ebb31b5c291bfae754bfe878c512720a841ccacd50d9a852c8 |
| SHA512 | 7b48ee3f897bcdd3af14482ec39a6ec3814651e5674c572ab04165bcbd9724ab378fe6c42d2b3417d8859f2560df54973fad933c9403a160d462f328758b8e49 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3baa6ae0fbb8d95e641a6ec69f847a3c |
| SHA1 | 8abcdb070f7c45283b4d2e8bc2dccda8d38affa6 |
| SHA256 | 5952457ff3a1deccf60486ca4c7c5b0da771bb0535c8881637568f169c7084c2 |
| SHA512 | 389db0a9158f6a3838874f05b40700448028d893e2355a07fbb80c86ef2b30bf8475533b0bffbfe7984b1f0cd86fe8e88f5e45db03c3487ef4b5df5fd629e002 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 878b7daa83b9b12a892c360bd22b81de |
| SHA1 | bb7db403793760aeab639e1984b48dccd554c7e6 |
| SHA256 | 16467d7217f960e3c74ee8c8ebcbffef33b22608655e8c2015eba8e9ea29fb31 |
| SHA512 | 130007d812a1f79f6c8e2dab6e9743b5a91387a04215ed38801ab366b1a795de026e23d4a1ae0036a833f8222dc4898507a49dbd85ca37f8b4519f8032dc09ea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 81c6c5ff47866e220152e51af69e5aff |
| SHA1 | 604afb8a50ca0d4004ae49d0bd80aa2b5632ccc9 |
| SHA256 | a9e5d965c206adb3e072aff0421cf66c2a401941492bdb111024ce1d27d61a02 |
| SHA512 | a4c587b1f4ddd98ac21e57b2840e9015cbaef173d67d9483052fb3926471bda628dcb31b1014e1fe45bde49b19a8377343e9640c407f8833739c1a6900f16db1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | fbbb8e73cfb7f334787c064e662ad7e4 |
| SHA1 | 009e398ecbef54cf883a6114f1dc7de357fff78e |
| SHA256 | 4bfcdb5fc3c96e6a3835ce3103dfacd3d99d93d883fc1ff3c934009541cbec6f |
| SHA512 | 9579d0f1d626fb90af5d14cdc4d47c271998c3792d46f3058725c508a42b450f467e7fe13e23b7a9d95f4c158721b739d0e4725938e3c4955758b71da332df4d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6f0851b2c0cca36a69da69fa8d10a388 |
| SHA1 | b05d9952594c9f9a81843df7aaf547471a8e679b |
| SHA256 | 48f7c7d6b83e1dedafa3905661316db4b432212e63456d51d20526ea9f7a28f2 |
| SHA512 | 8f89945cfa7d1615f1ba3031d55fe46a3ed09150e827e9b60965d284b3457eb14aaad8262b31c7d4897f2ba9f4cbd39f2a573225e07857f9984f41fe49838e7b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 148571f2115d618126b89c7011089bba |
| SHA1 | cade876055520d5cdaeb706f3b31c446ff1e262a |
| SHA256 | a831fb940b65fb53050edb4e65f7c506b345316627a5b005bc85d3fa1ad421c3 |
| SHA512 | cf48e69d611df516ad78bacec7807c3d4a6b9a4704bbc1d8660e452104b86868f84a98fcd5e9a30a73d1804c339ca66c04a0b26ce77d61271b713779c4e14a6c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 87c9303c858a718961292275e6afd24d |
| SHA1 | a9d5d5284a48114a9ae2a5813bac595d3d5e004b |
| SHA256 | 87f40aa64b90a5315fe91e7e2461422b0a08951a381664f6e91ff2b1f68042e7 |
| SHA512 | ada23f62699d310699bf367c27f33e8fc91ec5e2cb7b1a2e0a0e55d891136e2862756e31fb5d991c540ff82f4f8db12b13fcee1ae8028973ae3cd1697161acda |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3680f5b66ede724a663e6d6fcb8f97a1 |
| SHA1 | 0c6fa536abc75df51c7ca7add3996a41a682aa21 |
| SHA256 | fc7dd52035e3e25b86f79f5d73e46bd139f116393bc5e5bcea92b818b6f20ed4 |
| SHA512 | ffa916f39d1a6ca36399f117e514d5da676e68a0a45db8ec48d0e2472b0c43b7f7512a693b39ada8b56abd76794fba4be1199d7c95ad591e2116beac038c0cd3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d1b3e1977165d9bb5882d57e888ef92b |
| SHA1 | 79b8960c08ce4dbc7c049c430d7fa5e02583f55d |
| SHA256 | ed3e10614e1138f8125b914046fe07f700504ea5509eb97137a365c542c42d24 |
| SHA512 | 67f53640bc5f65f93a4afedee337c7f9d336ce2b832be131052c535c946a20a610938ab0976837e4198e5ce28a982e496bbe90255cfbebf73f745076cc73d786 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 3c6c73a9ca06b08da2d506e92d321491 |
| SHA1 | 143e25483735dc5232899946f27a3f6f45c0da38 |
| SHA256 | e4d4c5277985cf3ae40d32a6c47ac889ce6ce9de7e909bc8e7b88f1ee74ef5f0 |
| SHA512 | 9dbd8acdfc4c54dc57455f47209468e22102577e26f0d48caa33df038071b360b4b41fe3a1bcfd86833ffe6284793aae08bad1e18c3ced3cac1d685c45748f98 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c7e2ffa20ef0659852d6f108659cd20d |
| SHA1 | 49139b158cc5d269680f92ca25d1ba2e06466063 |
| SHA256 | cbb232a9cf81210990a174b254bef36ee918ec52e28607217d02f0c5e06a4a74 |
| SHA512 | 436f8648b06a671d9bedf6fab376888a05f985fca7ad4ef11bfb137add53fdce85dd93e00352fa9779e11e6397a574d0d2cb131808ef6abb57feb9f192db48a4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a1896a4651fb5c3497e820194491b46a |
| SHA1 | 2c3daf27ebeb9cd1e8f56216135ad7e4084f696e |
| SHA256 | 86f319ec94bbaaef052de9600e0ea03cddcfcc64a8ef9904a81b63dbf0a05cdd |
| SHA512 | 1eb5a8d32a6f658c957eaafa8501376423ea6eaf5996e38a890b020b0d3dc16117f6a522e2b3ec62488d5ddf01e6a020f90d19f662362d90cb7fe20a2c59618d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a315448c8f0466b982d9b7121b427d3a |
| SHA1 | 141fb3ec44cbb5d2b3d60dd91857af7b19bd5fe0 |
| SHA256 | 91a012ca7b731930a821f9d91f7638608e82313867d3b55640204147b8737b4c |
| SHA512 | 6d9c13dfa306bd59ba81026e980303b7dc186ea266bee308da0a3ec4e41cacfbcceb877290ec54c6838fccd874a248aa96ec522a874fb8f53b3be1a81b555bd7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6003cd27e44cd7f2a9e010dde19be066 |
| SHA1 | 2412ca1e923abcbbaf424adfdd71c5feaca65067 |
| SHA256 | d98c120220cfb00c590d347fcdd337efd30fd472be3a87afd9ef27641a4be74d |
| SHA512 | b8472b23b2c7c1096eabb64bf7cdea8c0972a926136375af627ef61d1c5f35a8dc716fe45c2e822248ff5a1af7ba43afc76195a0e758183db6777899fe09e11d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f55bc4bcefc9a9295b278c085d5f84e9 |
| SHA1 | 22598df29df3002a02643e78d67c837e0d91afc1 |
| SHA256 | 60996c364dc84922bb4c4a38fb73e0ba4fbf6f49fef1d4d22fb8dbaab590e755 |
| SHA512 | cbfe8b31c15ed5cddff1d7e491eaf4c53e5977493b37fa0e7bbe2498e373e98647a1217aa917a785998c29ff30e6f3def3a54ff4becdb27782999106f9dbdc75 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000049
| MD5 | 086cd4bfc33a9214939a2e914ae428b1 |
| SHA1 | 8728bac835cdd5d7ad832c6fc259ebd5ac46da88 |
| SHA256 | d9bc0191f4511e05a63d02722ea4ce4c953742bd33698120d514d3d862f1308b |
| SHA512 | a6d124d4fd8dcc7ac1a4c8be5475407626565fcc337e43ddf0971c240145fcb4399054b039dbf25fb92eb5b71aba1357e0b3a09ad34ade01e4ae370be80627f4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004a
| MD5 | cb0a3e40afa84e931525ed441809e6de |
| SHA1 | bf015a563436c50c534833b26bdb4139ca777a2b |
| SHA256 | efb11c61029cc8ffed157197923544907e7866c01f7aab4917d5e68a6bd5e28e |
| SHA512 | 8db73a7f475c4c5dfddf7896cb562a70e23b30fd186b66910bf15cf7cccd4bbe7677138fe405a61e8ab5c024844033e81255d8ef233738953930af3dd5495040 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 99ae778cc1b4be6f23281be3e3f20a71 |
| SHA1 | 9851e6320ac38ef9c219057164dd9634914cb9ff |
| SHA256 | 78d1479e55bac0aa1c0be73715aa6adfffe377b4a38af5470e8804925ae2f269 |
| SHA512 | 93946ae0eca281f9202656a3121ab1c416351b5cfc56cbae13468d520683daec0ee7c99f3bf7549937ee0e676a780f07afeaa677b0200ba41511f5b86da0f96c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2c4d16a2f837e54eaed0a071034492d1 |
| SHA1 | dbd2895d5d321849e41ba18d4f90ccc0c6af6efc |
| SHA256 | 30a90b883bf3d073679bd2533646994c59002facefd6e8a83b16ae0a8f0077ff |
| SHA512 | 64f3e5ec876628ac3f1106d98256e52512ac94d7f8b0c3c9e3958227497e95a90696e1dfee8ad62d38ee797238654e77a7ca5b5f6e4c497979e9c9237143ce97 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9270c465eb331a836665085e9f2f53a2 |
| SHA1 | 51dbb825e2a16a7d76541c0ec27dabf7bab76e13 |
| SHA256 | ca73e35a883e0be844c08e07bb4e2900647b8ac018ff97ef3490db7125c1dabf |
| SHA512 | 5ea3dbad76cbf212a113ffff77d0c02c624782efedd0192728d47dc7f19962f48202ca660806297764d2add6ee3e13bcec2b311d0fb443545c103b5a8b0743a2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f08839ae7166dc496666ff62ebd1d1bf |
| SHA1 | 9ccd9139a07b2ce1633e39766c1600f435ae631b |
| SHA256 | 883bcb32485eaa3f494c3f74937d33d4a494acae4d4bcd09ab8d156abe4727ef |
| SHA512 | b335c23db6300d8bdf287249fdf45a01e06a640d36268c0b4e5f6984abbe93900f5950afa424b666a949712e7ef5417624b41733e90136a8e8025ae275492381 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 9da364de1bc2c99c12c892ced300386b |
| SHA1 | ddcf9c112afea2345792fe286181e178f62faefb |
| SHA256 | 91b8f7fb04a11f36590c374c4e9e388aac43d2fbedddea47d7e373935898554a |
| SHA512 | 97fabcb0d2737da06d85e165d94e98db71e1e4fbc5a8b728af8dee36da524d494b4f01b970398983889e8be2f53ed15cb4526e94efeb91de2cd127cac657dc77 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004b
| MD5 | e7eb40a17f017e7b0651dec263c01ffc |
| SHA1 | 26fea5c5c688b2ecf33bb6892c9905159b6d48d9 |
| SHA256 | afb8e284cacb33c4d52af3a501a871cf560e4ec94358761743c02f3a21cb1810 |
| SHA512 | d7af8ff7adb71dd5ed1620efd913673e108846e02a7775d012825357fa81ab28dde7bce06592256e9f9c2e91ede6a249a7e6bce91a392f6f7ac0b53ac3ca0123 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 224cccf3948ce08f3a2dd1b151c543ca |
| SHA1 | a2b2e379dafc15fa665045f61dcd66de3e3b5e31 |
| SHA256 | 53bb56ecf3627bdecbbbd4f5a9cc30d07fd3d0ee50fa6b9fed8711e4b041e054 |
| SHA512 | 358766eec97981e3ec4531d44071f6d41ab17ce5257e42915110c42570cb7e28fcd729cf04838d73ddfafb333e3bfc514057fb2ee46e294e86d59ee0de689152 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 64da932ee37219788360fdb6316859df |
| SHA1 | 7d4ae03424130018712d8d80b6d7bc45d0eda9c6 |
| SHA256 | dd64b679fea8472f013c1949300adf9a32792ad3eb7be150caaac05038c50551 |
| SHA512 | ccf027be6b4cf7fc9f0bbe9569d1210ff547ce7e72721226c9f696c32c487022dfea15f64ce33b7d6a7ce504054e0cf8765c402225d3df42581368cbda1b28f8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c3a577e3908891a00ce07bc86bed4acd |
| SHA1 | c1b0972cdc0377d2811fa5359a26ed4805b917a0 |
| SHA256 | 9ba290b6817e4359db71aa56d287e5c2d2994a6bf11a918c0e18b876a2e36b60 |
| SHA512 | c6ce2640e49bb4006af85c973e15a7e3fd0bf5c6e157573605b00f91f2b5a052b790fa68a991c106c0915d7174ba078535e7b91ace1b22c4128ca41b14aa5942 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000038
| MD5 | 563a27019ed6227bc3fdf6a4d7469e92 |
| SHA1 | 92b55c235d67e30fce319970f205415916b8ad73 |
| SHA256 | 432aa72ae8ac909b9995083c012c74c6755cc2c4fbccaade1b92c2aa8c7cc6c5 |
| SHA512 | 66c3151fa1deec730f1d37e5bea7eb4a9589b6915b864faa685c7021f1afdc59eaeaa9f3a0646e5c99a6ebd3375ff285411954f75d957ddc7f1f6fdc6b8b0e67 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003b
| MD5 | a0450e1a8e0376c6f7510f2975c9b3f2 |
| SHA1 | 22021a2e100814da6433af609411ebdd792e5eb5 |
| SHA256 | 91dbf94cce6e6f4cdd0099e98aab1681654dfd2a3dcd064cf6dd97d2064d4169 |
| SHA512 | e331e801d3ef3ee09442dbdeaa3c7729e96dc5b1223827bf360a12fdf8a7cf1e69db0310db0d49bb0cca569f10cd4b721f36d1a2925c034f59e2f14aaebabc40 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000044
| MD5 | b539750fc23f45ce7fbc0ba9a51712b7 |
| SHA1 | af0697e0ce72e79418473724d6437e51416a9fb7 |
| SHA256 | 52b1efcad1848cb3b9470a5ba9e224114448d5f7a922cb153ecb7572ba16b996 |
| SHA512 | 907636c7289b8617c8fb16648b3533e26fceaa6bc9516e2ac6dcfd270377e77acb2c01ed24096ef61b7468796c1e1fe3fb6213d91c7ebb01f8dcc8b2fe7f43fa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003d
| MD5 | 1e71a8430a7c17d68c0ed324bdd08cff |
| SHA1 | 4225805ad18f854fc2f81cca8944a749720f81e0 |
| SHA256 | 3ec795451212352394064e380eac15e204a602ac6783f9e43c01f6820d07b7d7 |
| SHA512 | 7d6cdd26b28688e656f3fde090dba17be5ca0da9c004af45f023c334d26a2f567fb8e1105fe07d2a82b31716bca1a8aa8b3dec4f0a75fcaccf292245d1132d21 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 073fed8159e66085f8aa21e2fca3fa32 |
| SHA1 | 0680178ed61ae48242d8cbfbbb967221735282fd |
| SHA256 | aaccbc590405fd2a1f1ddfad1c60fef8db37def8dbec9e6c23e8f47ab21b0d39 |
| SHA512 | 3e39ea0727eca7c90095567c1015a0a74200fcaf67d391dbbbca048c47c7398278fb4fd23e6ed0a472245e7aa7e27f3b90dfe82ff1f2caf33317559d21f8d08c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0fe0ad39fcc3c66dcaddca0192ace661 |
| SHA1 | b61380c9a5c991f1e90f5d486c2a8d12a3ab3f64 |
| SHA256 | a209ce59758e41b20743d2b98a20bb1f26f5656f095a91cd8d2173529a810998 |
| SHA512 | f5afd0574a2d5258faa69d3a52976ce33bc1715572aa9127afcab03b80eef857151b9e32142c38ce30f72ed523b6493c9da4c6b3c964283be52920aa35811185 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 36988ca14952e1848e81a959880ea217 |
| SHA1 | a0482ef725657760502c2d1a5abe0bb37aebaadb |
| SHA256 | d7e96088b37cec1bde202ae8ec2d2f3c3aafc368b6ebd91b3e2985846facf2e6 |
| SHA512 | d04b2f5afec92eb3d9f9cdc148a3eddd1b615e0dfb270566a7969576f50881d1f8572bccb8b9fd7993724bdfe36fc7633a33381d43e0b96c4e9bbd53fc010173 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | fab8d8d865e33fe195732aa7dcb91c30 |
| SHA1 | 2637e832f38acc70af3e511f5eba80fbd7461f2c |
| SHA256 | 1b034ffe38e534e2b7a21be7c1f207ff84a1d5f3893207d0b4bb1a509b4185ea |
| SHA512 | 39a3d43ef7e28fea2cb247a5d09576a4904a43680db8c32139f22a03d80f6ede98708a2452f3f82232b868501340f79c0b3f810f597bcaf5267c3ccfb1704b43 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e0ab6bb529b708ec8abb02dabbf869fc |
| SHA1 | 450864027485c68c7b6108d57bd4cc058315c797 |
| SHA256 | b0f5bb9c51db7db5f06dc2860d23fe797458d208a2f09d9cfbe67ced5f0a63f8 |
| SHA512 | 849fb3c95b8266037be3990abd2da7460b1eaf5e38b259a807844d13ab39f0d2106446216f165351059e746ed076f8a1c9a58c4362db9e0b126ef0bb1bd85c7c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 38b487437f96af3fb510950b6813cbbe |
| SHA1 | 0c7f362854d36650ae37cb3d2ee02c5e081cc588 |
| SHA256 | aed9625c73a861191a83dc7a5bd53d33c323ff50b3a70bb47eb871cd26ed557d |
| SHA512 | c8363928045fcc50559692218546c54d757c88b705aaab5c6bb2e0884cc4b1ff1fa981a903e30d72c3163901afe0366dd023380fa066d0e243f876628f501440 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 358079674f9575a0e2d910359a7873e6 |
| SHA1 | 04acffcb8f6ff4fb2d6e4062f62344f91da02868 |
| SHA256 | d4c0ea4019cc3878d8dc5012400117d99d3ca363eb45c3b4ec479c2141350550 |
| SHA512 | e77880db2d16bf15be54e29de1d6adfdd143317ea9ddb78f74c9b8452abb95a53178c2e6cef839eb92b340b86f59f709bbf4c50227412a4e0fe79181562fbfdc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 17020153f43867de53334d79392504c3 |
| SHA1 | 6b5ec5a63ec5bd32014a61f07010f194719f5df3 |
| SHA256 | 2f55c0c9b3097d938b1154c3919f3c00df12960f15015322b3b4066c06cfb4af |
| SHA512 | d4192972be8a181bfef0d19c5286b114e9e676184b2254cf9f58d71cc5ef70f846d270109d433ce0bef02047dd2c16677d7bcd6b50ee2cc9938b7beaa280dc7f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f5a0c4faf0971cf4236982acada60c61 |
| SHA1 | 5c2064ed29bd5cd80deed15fd500ca6e0167ca87 |
| SHA256 | c1eb9062beab0f4cd0b8d79e0186a9408317ef6af2e1a8256027d92b47e0562b |
| SHA512 | af7e48335d278b0245c0b3be8ac334c06a02518f290bf04314bd9950ed17b1b954f59cc19c2e6376605bdab62c533289aaeca59ef7228a10b721815f86d48455 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000051
| MD5 | 180b69f6bf96d221e8ae6e915712d32f |
| SHA1 | ff954ea8f472a59ba1081e1ff0e4986e051e552a |
| SHA256 | d76342f5ed7dd94c5752a339e5af374dcdc0da4b81f4d27b4ad27b982be60b22 |
| SHA512 | ff10637099c0c1d7dd1de81d0f1b9ffa6dcb09d55afdad9ce969229e68aa3cbf9676fd9388792cf83b22a33023b7df02c7c6ec4d65e1d7c5fe8b1b3ffe157617 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e182aeff8198d0aae5a116000597c8ce |
| SHA1 | 31ebc087b3139aac494d67feb7f64dede7e2ec8f |
| SHA256 | 1f91258836722f9713086ee01242d1a73b5ab249e20388f79b7a98fcb52f22c4 |
| SHA512 | 91b90c93e9c37be47bc6d00b7d8cec61cd0dacc09d014881e96a8a1c2404318db8fb40ce60899accbc4d5b1bac164242565edfeeb9daaf3b05b850d4ae1c21bf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3ffb833325b804baafa1991b18760f4a |
| SHA1 | ab00379dc71df502c05e096170808a071d1ce3cb |
| SHA256 | 006c2ed18781d9b68c29443e1cfb3e75adfcadba061c56545e695157c5baf3e6 |
| SHA512 | 4aa25b22a35f7efccedc6a63600dbfe442956cddc3a20d523f0623f32b53ecfa1c3d9b3c38c823f91a49c20b30243a86ea6c99f84ca9817eab81723db08dd7c2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5bd9d2.TMP
| MD5 | 2ab13d719bd1b4bdc1d8de4c90073e28 |
| SHA1 | dca679241356c1c922d17f1a33af336c5a18ceb0 |
| SHA256 | 3dcfcbf39af1bb2f0bb866a75785b46dfa1136d9a22333ae636d8b1650146298 |
| SHA512 | 070b53905e0d7421ba5301994625a77db3128c45977faeac1aa06f3773a541b7367b64e35cf9463ca3be1d76192802913006333146b5e7c01f6c66bce9f5bb9d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ab1ffe27abbe1f5744e7d5046d452711 |
| SHA1 | c78c48388bee0c549e63c5f289293b0372b0bfd6 |
| SHA256 | d1ee5fa32a69581469321ffb57d9634304bf7fbfbc6003f5ee13254ebfc96a5a |
| SHA512 | 3c0b6436c5e1dc2a29ad8bcb7915e94839ac870ea68200da4e26e44bdb24f42410e5e0d901790ce03ca6479e57f96edc13746d35c76d2e676a20de0804d1a62d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 103708bcf22bcf6bc7d2f8f6b9b693ae |
| SHA1 | c12a4a3b2dc71aee799df9d6e90701fa1253bdad |
| SHA256 | 6c8e09ee70e862129293066412edc150908912c3e253bcc7ac01e458e60b1bc5 |
| SHA512 | 993b0983eb8e5ddd02015e1e93b0033a9330cedd9f2143a736d304f1a16fdae170a2e979f4a94968249acf3e6dc2fb130e1c6b7a8803ff4b4391993e91d5a0d5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b2bd66e80b529e3a4d088e1d23b4ba10 |
| SHA1 | 76a1510f356bd864041f71a7c5708241befec543 |
| SHA256 | 2474b7f071ea6aa3f5d8e9f16526ce97ec6974440021ae5173e5c37df65cd752 |
| SHA512 | e646ee09d22496ec4a0faa4b98882d166efb62853a9bb3b3cb4e4f336e95babd71352f40d70be5f60ad406e06d8086adedb61d92e412f67c9258d16c03440334 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1efbb3588706dfee1c5b5dd6a224db7f |
| SHA1 | 3923775d7ae7acfd9102e0c7ab2f26457f4f917d |
| SHA256 | a3c735edfe19c16fe2cf8b78b9f2debf5ac49536c73f02d2d1f3d4b7a0bac0c5 |
| SHA512 | e8192222c4d8a27ae74a1e01bc04392cb1507336463bd9376df354912ee95518490505528f484237eb71ebdfe5ba331477310a25395fde16e7e276e041df7669 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8d8d7e635be702ed3d63d8a44ed92ce9 |
| SHA1 | 074291c345bf494c3d62bbc2b41cd269a18bc573 |
| SHA256 | bef5d70ad95cd6d3c49863ca5b80d4b3c768e2f37c7a4640f504d9f4f4cc4342 |
| SHA512 | 078fc34b1f779643a6067681af68d4eb4af5c62ef3188bb9dd72367f69b792ea3dd54bba6281d3872246da656b62df357938ff7e8595910a8e6d60303c770b54 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 21488703f42835962f00914d87e96a47 |
| SHA1 | 46f9bb3753846c8ff186df3b7a608dfbd132174f |
| SHA256 | b517210aeb24cf2ce34832e50b0f28800c4c5c7a4d8cc307330e4ed7d8aec4d0 |
| SHA512 | e2c9484f568c25df95b91eecd3f89bb0885d0d60ed150970050e86f6bd27f8a2684fb3563f5692d68f34367c65fd5ef1aeb72ff7c6263bd049e6d33e9e97fbbf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 1e844c7eae77ae93d3b4823f18cc6d2e |
| SHA1 | 7e393c7e49c2f95c5b92b3d5430546e9d83f9f6e |
| SHA256 | d5fc5dedcbfcec91c652bb5750b02a42db2aecbdc26fed08a32ff1fa6f4279fc |
| SHA512 | ae2eea353ce35291c0c7696ccdd5844f8c979ed5c0673282a8835a66a700f57907d61132efd76d35d5ad54b3d204f7613a41615b97e0fa48b056b397d1b3c6d6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 260dc24ac8e79cc2469fd6f9a60f1029 |
| SHA1 | 9762f78f35b1339ff381f9b8975fd25021509db0 |
| SHA256 | 8be8a229926a700c05ea51d7fe889b3da3ed4562856a813df86abfb62f2557a5 |
| SHA512 | 8ee12a93a5ce08c170fddce02eebca8cc77847e2e9d104302aee27ddf90d29eb91b8169da5e443cfd37289d920dba93071ecf778b26cd58330012b7fb7ce006d |
C:\Users\Admin\Desktop\tokens.txt