Analysis Overview
Threat Level: Likely malicious
The file https://www.youtube.com/redirect?event=comments&redir_token=QUFFLUhqbGZhNjNLUlRLVUFURF8zWldNV1I2cndIMFphUXxBQ3Jtc0trSkRTa0hoMFpZT3JDZWYxOUtvYmZCZG5iOFpQUGNiSU04REtQNF9DVDFuN2ppWEc5M2ZoYXB0MkJXcW1hWHcwbmxyX2k0SWw2RUtVMVV1akd5LWxUZzJRUzM0Mk5OTnFpVWFJelF6SzhjckV4R25kOA&q=https%3A%2F%2Froblxgets.com%2Fwave was found to be: Likely malicious.
Malicious Activity Summary
CryptOne packer
A potential corporate email address has been identified in the URL: [email protected]
Executes dropped EXE
Drops file in Windows directory
Browser Information Discovery
System Location Discovery: System Language Discovery
Modifies data under HKEY_USERS
Suspicious use of AdjustPrivilegeToken
Uses Volume Shadow Copy service COM API
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
Suspicious use of SendNotifyMessage
Uses Volume Shadow Copy WMI provider
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-12-27 01:22
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-12-27 01:22
Reported
2024-12-27 01:25
Platform
win10ltsc2021-20241211-en
Max time kernel
174s
Max time network
172s
Command Line
Signatures
CryptOne packer
A potential corporate email address has been identified in the URL: [email protected]
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\Release-App-Botstrap-x64\Release\Bootstrapper.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Release-App-Botstrap-x64\Release\Bootstrapper.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133797361743092997" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1411052346-3904498293-150013998-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-12-27 01:22
Reported
2024-12-27 01:37
Platform
win11-20241007-en
Max time kernel
899s
Max time network
845s
Command Line
Signatures
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133797361741541577" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.youtube.com/redirect?event=comments&redir_token=QUFFLUhqbGZhNjNLUlRLVUFURF8zWldNV1I2cndIMFphUXxBQ3Jtc0trSkRTa0hoMFpZT3JDZWYxOUtvYmZCZG5iOFpQUGNiSU04REtQNF9DVDFuN2ppWEc5M2ZoYXB0MkJXcW1hWHcwbmxyX2k0SWw2RUtVMVV1akd5LWxUZzJRUzM0Mk5OTnFpVWFJelF6SzhjckV4R25kOA&q=https%3A%2F%2Froblxgets.com%2Fwave
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe0537cc40,0x7ffe0537cc4c,0x7ffe0537cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1808,i,3254687325651823716,3468481453117768947,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1804 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2044,i,3254687325651823716,3468481453117768947,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2108 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2168,i,3254687325651823716,3468481453117768947,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2188 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3064,i,3254687325651823716,3468481453117768947,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3104 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3084,i,3254687325651823716,3468481453117768947,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3140 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4344,i,3254687325651823716,3468481453117768947,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4536 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4804,i,3254687325651823716,3468481453117768947,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4608 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| FR | 216.58.215.46:443 | www.youtube.com | tcp |
| FR | 142.250.178.138:443 | content-autofill.googleapis.com | tcp |
| FR | 216.58.215.46:443 | www.youtube.com | udp |
| US | 8.8.8.8:53 | 46.215.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.178.250.142.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | | udp |
| DE | 172.217.16.195:443 | beacons.gcp.gvt2.com | tcp |
| DE | 172.217.16.195:443 | beacons.gcp.gvt2.com | udp |
Files