Malware Analysis Report

2025-01-19 02:20

Sample ID: 241219-w2y9daxlav
Target: https://u.to/i1YTIQ
Tags: discovery, phishing
Score: 10/10

Analysis Overview

Score: 10/10

Threat Level: Known bad

The file https://u.to/i1YTIQ was found to be: Known bad.

Malicious Activity Summary

discovery phishing

A potential corporate email address has been identified in the URL: [email protected]

A potential corporate email address has been identified in the URL: [email protected]

Drops file in Windows directory

Browser Information Discovery

Modifies data under HKEY_USERS

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Enumerates system info in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of WriteProcessMemory

Analysis: static1

Detonation Overview

Reported: 2024-12-19 18:25

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted: 2024-12-19 18:25
Reported: 2024-12-19 18:30
Platform: win11-20241007-en
Max time kernel: 299s
Max time network: 290s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://u.to/i1YTIQ

Signatures

A potential corporate email address has been identified in the URL: [email protected]

phishing

A potential corporate email address has been identified in the URL: [email protected]

phishing

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133791063581844236" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3388 wrote to memory of 1164 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3388 wrote to memory of 1940 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3388 wrote to memory of 4068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3388 wrote to memory of 3788 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://u.to/i1YTIQ

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff977acc40,0x7fff977acc4c,0x7fff977acc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1848,i,2866439967813409954,2187815321583582477,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1844 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1744,i,2866439967813409954,2187815321583582477,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2132 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2200,i,2866439967813409954,2187815321583582477,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2368 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3076,i,2866439967813409954,2187815321583582477,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3104 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3096,i,2866439967813409954,2187815321583582477,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3148 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4380,i,2866439967813409954,2187815321583582477,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3768 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4612,i,2866439967813409954,2187815321583582477,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3364 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4728,i,2866439967813409954,2187815321583582477,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3408 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=3364,i,2866439967813409954,2187815321583582477,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4872 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4936,i,2866439967813409954,2187815321583582477,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3356 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4976,i,2866439967813409954,2187815321583582477,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3232 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 u.to udp
RU 195.216.243.155:443 u.to tcp
US 8.8.8.8:53 202.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 155.243.216.195.in-addr.arpa udp
US 172.67.160.215:443 steamcomumniity.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
N/A 224.0.0.251:5353 udp
US 172.67.160.215:443 steamcomumniity.com udp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 151.101.130.137:443 code.jquery.com tcp
US 172.64.145.151:443 cdn.cloudflare.steamstatic.com tcp
GB 88.221.134.202:443 cdn.akamai.steamstatic.com tcp
US 8.8.8.8:53 202.134.221.88.in-addr.arpa udp
US 199.232.196.193:443 i.imgur.com tcp
GB 95.100.245.51:443 store.steampowered.com tcp
GB 23.214.143.155:443 steamcommunity.com tcp
US 151.101.193.229:443 cdn.jsdelivr.net tcp
US 104.21.72.124:443 fonts.cdnfonts.com tcp
US 104.21.72.124:443 fonts.cdnfonts.com udp
GB 88.221.134.216:443 community.akamai.steamstatic.com tcp
N/A 127.0.0.1:9229 tcp

Files

\??\pipe\crashpad_3388_VIUNFXDOQJVYIJJT

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 823f868e3dfe4c74f754a01894ac9e62
SHA1 cfb9f4403ab641d9730d577859c3c12cdf703e20
SHA256 c3d714b603460cc82bfca00c3c8b6adf0af8f45c54546ab5d388f66b9be03996
SHA512 9edffbefe0eafe1667b0918cba828364690b811bc907665c5c96f7006f1ce2a6678928c55aac92adc0b48c8d4374363acb849ee85280807c5b0c0eb3398e2afc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9a235fa9ddc99b49502ee29649c73754
SHA1 fd5bd1ed8c7d9b3cfdad66acb390a64f16a2bdb2
SHA256 8d61ab34532a2c8fe43429d5e56935ddf820fe67c01c12ba6b9c8d87c718aed9
SHA512 92676c965c6481d2ce47acbd385abe7aca8308acceed3e945d302278121e270b2ab8453798cc8d0ec07bcae97c356b76dc87110b2d9f741b5a552b973b5c1ae3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 79ab05261d30004133120784900c12bd
SHA1 4cd4eee0019b95deafc85ead18657e621746f1f8
SHA256 7e3ee9ef89271cac09d150ebaf63e722c86f1406f82c1b1d852cf5f2f7dfb2b8
SHA512 f2428542f9424e9f13f4ea1eabec085942a82b6d417aeebd558bd34f1c95f3d4d907941586d0741900d59eb74448be1fac974ddb627989c919d540eaaf97e47c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\1a9a6695-d2ba-43c7-9872-c4ab1be2f1d6.tmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
