Malware Analysis Report

2025-06-16 05:44

Sample ID 250304-s1s47atrz7
Target nezur-faking-unc-v0-9bo7ts6at0od1.webp
SHA256 20be8d6207184dfd8d235813a15943d41c17434c5ba8d044f182161dca2b33a2
Tags discovery
Score 4/10

Analysis Overview

Score 4/10

SHA256 20be8d6207184dfd8d235813a15943d41c17434c5ba8d044f182161dca2b33a2

Threat Level: Likely benign

The file nezur-faking-unc-v0-9bo7ts6at0od1.webp was found to be: Likely benign.

Malicious Activity Summary

discovery

Drops file in Windows directory

Browser Information Discovery

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Modifies data under HKEY_USERS

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2025-03-04 15:35

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2025-03-04 15:35

Reported

2025-03-04 15:38

Platform

win11-20250217-en

Max time kernel

149s

Max time network

150s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\nezur-faking-unc-v0-9bo7ts6at0od1.webp

Signatures

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp\Crashpad\settings.dat C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\Crashpad\metadata C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133855761721677958" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 6108 wrote to memory of 908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 6108 wrote to memory of 2664 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 6108 wrote to memory of 2360 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 6108 wrote to memory of 1836 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\nezur-faking-unc-v0-9bo7ts6at0od1.webp

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffb46bcc40,0x7fffb46bcc4c,0x7fffb46bcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1928,i,17300075188991307529,17587582136805143242,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=1924 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1392,i,17300075188991307529,17587582136805143242,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=2036 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2248,i,17300075188991307529,17587582136805143242,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=2264 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3080,i,17300075188991307529,17587582136805143242,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3124 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3088,i,17300075188991307529,17587582136805143242,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3148 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4600,i,17300075188991307529,17587582136805143242,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4608 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4768,i,17300075188991307529,17587582136805143242,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4808 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4964,i,17300075188991307529,17587582136805143242,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4836 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4856,i,17300075188991307529,17587582136805143242,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4672 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4960,i,17300075188991307529,17587582136805143242,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4936 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4836,i,17300075188991307529,17587582136805143242,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5056 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4672,i,17300075188991307529,17587582136805143242,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4536 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fffb4483cb8,0x7fffb4483cc8,0x7fffb4483cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1868,10913267645935241384,14667367967252394811,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1892 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1868,10913267645935241384,14667367967252394811,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2308 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1868,10913267645935241384,14667367967252394811,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2556 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,10913267645935241384,14667367967252394811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,10913267645935241384,14667367967252394811,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,10913267645935241384,14667367967252394811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4044 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,10913267645935241384,14667367967252394811,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4076 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1868,10913267645935241384,14667367967252394811,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4944 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1868,10913267645935241384,14667367967252394811,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4944 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1868,10913267645935241384,14667367967252394811,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5620 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,10913267645935241384,14667367967252394811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,10913267645935241384,14667367967252394811,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,10913267645935241384,14667367967252394811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,10913267645935241384,14667367967252394811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2924 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,10913267645935241384,14667367967252394811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6024 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1868,10913267645935241384,14667367967252394811,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1868,10913267645935241384,14667367967252394811,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6068 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffb46bcc40,0x7fffb46bcc4c,0x7fffb46bcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1948,i,11655931747095210498,3532411267704007131,262144 --variations-seed-version=20250303-180020.638000 --mojo-platform-channel-handle=1944 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1792,i,11655931747095210498,3532411267704007131,262144 --variations-seed-version=20250303-180020.638000 --mojo-platform-channel-handle=1992 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2212,i,11655931747095210498,3532411267704007131,262144 --variations-seed-version=20250303-180020.638000 --mojo-platform-channel-handle=1908 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3112,i,11655931747095210498,3532411267704007131,262144 --variations-seed-version=20250303-180020.638000 --mojo-platform-channel-handle=3124 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3144,i,11655931747095210498,3532411267704007131,262144 --variations-seed-version=20250303-180020.638000 --mojo-platform-channel-handle=3372 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4464,i,11655931747095210498,3532411267704007131,262144 --variations-seed-version=20250303-180020.638000 --mojo-platform-channel-handle=3540 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4416,i,11655931747095210498,3532411267704007131,262144 --variations-seed-version=20250303-180020.638000 --mojo-platform-channel-handle=4616 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4752,i,11655931747095210498,3532411267704007131,262144 --variations-seed-version=20250303-180020.638000 --mojo-platform-channel-handle=4760 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4784,i,11655931747095210498,3532411267704007131,262144 --variations-seed-version=20250303-180020.638000 --mojo-platform-channel-handle=4472 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5016,i,11655931747095210498,3532411267704007131,262144 --variations-seed-version=20250303-180020.638000 --mojo-platform-channel-handle=4768 /prefetch:8

C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level

C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x244,0x248,0x24c,0x220,0x250,0x7ff60fbc4698,0x7ff60fbc46a4,0x7ff60fbc46b0

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4724,i,11655931747095210498,3532411267704007131,262144 --variations-seed-version=20250303-180020.638000 --mojo-platform-channel-handle=4636 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4608,i,11655931747095210498,3532411267704007131,262144 --variations-seed-version=20250303-180020.638000 --mojo-platform-channel-handle=4348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1868,10913267645935241384,14667367967252394811,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6172 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=3276,i,11655931747095210498,3532411267704007131,262144 --variations-seed-version=20250303-180020.638000 --mojo-platform-channel-handle=3332 /prefetch:1

Network


Files

\??\pipe\crashpad_6108_AEGHUTMQESNVEQMG

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 7cf93d0c0f40607092982dab8e4e69b1
SHA1 24c8a323145307b689016ccdf7b11997ce660f78
SHA256 598044a650b538f2115bcdb61d3284b2498b4477652205e436253d4efd90fcff
SHA512 c10bfb3ee9d2b964d7575a3dbd1def6e4325c5bd6afce1e768fec985e7f225cbf16afb7ac20a5c09974b1010286774a58884f7fc0e851c3c1780a7e5c8218e7f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Temp\scoped_dir6108_622215178\d44d6594-9edc-49d2-97bf-1554144ac68e.tmp

MD5 eae462c55eba847a1a8b58e58976b253
SHA1 4d7c9d59d6ae64eb852bd60b48c161125c820673
SHA256 ebcda644bcfbd0c9300227bafde696e8923ddb004b4ee619d7873e8a12eae2ad
SHA512 494481a98ab6c83b16b4e8d287d85ba66499501545da45458acc395da89955971cf2a14e83c2da041c79c580714b92b9409aa14017a16d0b80a7ff3d91bad2a3

C:\Users\Admin\AppData\Local\Temp\scoped_dir6108_622215178\CRX_INSTALL\_locales\en_CA\messages.json

MD5 558659936250e03cc14b60ebf648aa09
SHA1 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825
SHA256 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b
SHA512 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.89.1_0\_locales\en_CA\messages.json

MD5 07ffbe5f24ca348723ff8c6c488abfb8
SHA1 6dc2851e39b2ee38f88cf5c35a90171dbea5b690
SHA256 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c
SHA512 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.89.1_0\dasherSettingSchema.json

MD5 4ec1df2da46182103d2ffc3b92d20ca5
SHA1 fb9d1ba3710cf31a87165317c6edc110e98994ce
SHA256 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6
SHA512 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 a1deeb8db4d400680bf3999c366b6a6b
SHA1 4e34d5e0bb728411a8972f21284b9763917dcf62
SHA256 642cbbf2233460ec235a572f3601057954dd57e0e671ceecf2f8c2527f48735b
SHA512 9c96283ed26c0e12817fb295094795930aecd48d4f85ebf46642352d8567d048e01e9f9b8bd45b19ad0afe42bb27b49bd159d7feb99e5a4bc260ed27a33919b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 33d2e1de0d43de60f5b6ae0944b74339
SHA1 a051c1d2299a07ade117f3e44714cdd96fae16d7
SHA256 c4b0af9bc7b80e5bd578f89ee2db90a8f3bcbbc4dae8e6fe0a9e912a7bc6b9e0
SHA512 db0efc25002249654d939922b8c10a1fbf294225cf68954477663eada5b8b3020a35bda3a2340913aa3d3bb7e3fd355421593576f1e58dbb442c9cf95345a24e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 54c3e99637204dd1ed8bd08d8ee852ca
SHA1 1e2ce4330fe06c03d167b53ee554c40186c379b9
SHA256 be8bb65aa5ec3bb12e042ff940a814c356014103929dba22714ae40326f3136f
SHA512 27321357b7ff1a7a9dea42afbd8ad478e04a8aa46008d0d059bf64c81049e8e8ac643d26bfa08469e5702c04d34ffdb5b2baa808dc574a818d68124e704d7ab3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 65a51d76c859d9429ace7e1b8f415b69
SHA1 c502a2125c8113d6c44429bb8b565746bc91767e
SHA256 f725d57e0548bf09b062b65f682c52c2a68cfd3bd5261bfec4fecc243f0e1b31
SHA512 82da6da9aadf252ffec1975d1d7f5a432a4c9084bf880a9909a2610519d31366f3a9b6e1f6be688f7349c65918196b437867b4f7b26607da1e76fbf152744903

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a2660046242ba748261132f4803e5be5
SHA1 97ed58b6f817eb0cab889d0377c3dc6b32f295eb
SHA256 682f6dcbdd2044106dcd2188c95322d113548ca78cdf878eeb0def97dce043eb
SHA512 9211d94562e3ae4b097e1794db4791048bbe0850e4689c5bb98b66e036a722482adfebf7cd0f5c6a4041e89900361bb3186fbcdca9c78a1c6d6c61d5f3e513a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 48c90a1160ef30ebdea91b5400910c4d
SHA1 38449d24d3edd2c18ab0f6a9ae65bb38cee92c01
SHA256 8cf824a52ffea6cdca7e7f21ea08c65bef4cae300b8a07be34368c7c89d45cfb
SHA512 76c5e170e42e48e314fa60dd72125cdc3db067853b19bb43d5a66a8a685b09e02873ef820b1ce84289978a87b83adf9febbbb0758af81736808719259d85ab6f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 648295913e8e74a91d84a0bd6dfa0efe
SHA1 e42c17ec7e237fa16204bd204ba0d47c2e7aa057
SHA256 3f46ccf49be312c1e7b3cd94ff1d27970975d6a80e052769daf31c772adb260c
SHA512 6e3f03fade65388ad14c2443300f79d028986a7863d32ad731a3b1aef4bc4937e7cb150c814947befdf4d2a8510f70368ad35621ae854b9037e46488df7423e2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 fe68444a298dfe7ce3afb15e1e04dc2d
SHA1 ce8500b8bc9f8033bf5f6b28174d04852e996cde
SHA256 4fa17fcbb66e9306869abf881cf02c7b890bd34c34852c8a8f0e276bab375ba0
SHA512 ed3aec46de266977a45e00363f3e258e53e9763fd5304861d2a7582344f6364f9dba20d5a13e6c2eee42e6bb875eec2f3e900f45cc64bf911e7055008c2374c4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\cedb0849-c58b-48f0-894e-c2bbaaba8b32.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5e3fb91136c68857ef100fbd88e650d9
SHA1 c96771205f249a9c1f45c9af50511940fea51db7
SHA256 f43163b9778be7b6b05120ff7ab4963851901e185664244cf3431a7b5497775d
SHA512 92d6d598f065e4314b5c62853dec8371714ff0bcb4384e94058732dc4fd62fb90fc78682addf5f8158956d8e4ff01bd85e6bb9ade44cfc82e46e89e51ca1ce90

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 3c896ed50e2b377ca32b74835b6942cc
SHA1 3c4845b82dd9a3d632f1971d615a0b02d360ff7f
SHA256 c9e3b3133f48ccff27e280228f2da1dbb811764bd2856684ca94ed020e5ce12e
SHA512 b03b98cbd92dba1151e41e32f1abd141c52c625f69454a53f858182c05a19a3aa260029b11bfb19024dfa9a2893ea4c19d1deb7acd22a2a110f44d4e6d547d13

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 79281262dd49d1de0b674b19bc541d24
SHA1 108883151967c832b1c4528eede743f4717dc4ce
SHA256 55be92f0522e6eb78b95d82721ef7206f2377cbd2e1f225ab2cd82e2e874cf27
SHA512 a20ced2a0e78f0508fcc7e521b0c1ff4c5cef4a27e18b4130de1912b735d20ab3ebd39db8a13ef1339ab85924ad9440cf59019fbddf106d060fc32238c7f6057

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0562fce4476a7e721551af0efae56a53
SHA1 1e097210fbe13372e9cfe428329c184e18d0e4ba
SHA256 88ac2f3df2de56b87a2184cdf4a3794d8009b15997bd29fbc010c43a85466bbf
SHA512 21ee22e518bbb017bd4073e7c3669d1d0b1e7f0257f007633e3659677ecc8ae1b0876ad88d465b241d837497e946409eca3b61a2cfec85af093f8039ec11028c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 bef2437ae76639971f0e0bd5a255da17
SHA1 3a903ab673445c3cf93ae90c9decf5caff8dd753
SHA256 8b1b261b8f75cfaf283ad04a39b7600a0733e9e57fc2da47673baa072eb9a680
SHA512 f5c54a2cf560a6209e2fc96082d0559db2766fd1befc021297d97ca7943c9a335ff208ced4e7991b5f0f90880965585941d03db74b721a53481c7ff29460b078

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58a033.TMP

MD5 957b02366d21dd48cdf30c196ab2ac0c
SHA1 906ba4c51878f8363440ae663ad44f8a538c5a30
SHA256 3790bcea18193ef5f2e61e4f0d8a9c417e164dd21e8c20d587ae476690203503
SHA512 0d6a4b2d6fa2aaabc03adeb9e1bfdf218cdd28ef8f869567cadc14ea02936ec3161584646040298672c53746bfc56617f439e8b0dd5ca64c6225b3c8621f7ddb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 95ace0ebe6d4a755b02849581dfa6b68
SHA1 0d84d2c6cf07e639f0f2f3c9497d5171b060faff
SHA256 b5405b0a3846ab87bc52a0b387896883e0e457126dc75d46fbde630377bc75e5
SHA512 006dda9bc8ae200e059582b193565c65c493200ae04fc52ddf19fc0a2ba124e9e2ba548df1ec1d952e41fa371aea4a979c529c8a6dbc79a10baab9ab33d8f0b2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 ecf0ad8ebcad64a7e5def5779875f721
SHA1 93b3081a99948d3451a5472fec21c36b85466e03
SHA256 a675a31bd642300296135cdbe541293dc62cb544b16e21480a0146317daae392
SHA512 a78af4294198a6057a560719b7dec6a25a762dccc0fbcb1b3ddd69c3cf406a7201c70b689422154efa5693144f0bf72598d8bafe0c9fd6b7714dcdf696108123

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 cf8df8c601085a507a6067e390d0bc3b
SHA1 e332e60208f17ab3b2f95fef5d62c505640a3497
SHA256 ffe84db23132af508593bdb2d536dfd5913d849bd3835f35e92018c65e6c17d5
SHA512 1780eebc01fbdd5b3ce767a76c816a83274369c90e74c34e74f3aa82efc555dcbdcd70720925ca88caebab6b3165404f4f95ee8a7b0faa0418eef76181712ce0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3e3313dcb2f3861a3fd610a47cdd5055
SHA1 dba021e6d5d7d3470760598c03b3ad9ca2e1d13d
SHA256 af6af60243a5c3216cded07ac05f080bfbaf04c44fa19e7c386a083bed37f0ed
SHA512 20e45c4a530f6f46ba219f96d5ff91044402f992d37a08f1f7cf90b1d2b7e3f591e622f88db834d2289dea50a261e66a0d5a4f72d7fd441e8d47dd34754b51ca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b0f1f725b7631962e30b36f43c0ef041
SHA1 4d14461a43b947744a08ace2c4a7d26a0f5bcbf5
SHA256 b25c8295c5e290d622fc19bcdc9157097fcfe49b21c0b8fee6808d4aceaa8314
SHA512 6dd8df0447642c6804be567faa4595a990d2a4b8c64c26c337dc782d87a6454b8d121d1e21fd8407b52c29a2f794bd64ef4451a171ba911467d9c16e6fba73c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\CrashpadMetrics-active.pma

MD5 a79262f89d388f555cb943871550ff2c
SHA1 c3e1bc1afc3f4401a358ac079e7adc56087e9e8a
SHA256 5dfeb6413e81e0b127f6b04c960164441a5551ee6f797af190cc1552bb638a5e
SHA512 0eaf66040355a4f0e432f1753c58f5134c7f917088ba9d424625bc44ca6c6af1a58a012ca19c35b5365e9adf75194dbff5f254ecd5ed4ddb7c5b38f30f43b878

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 7ef6364e5322f9df6f5b52305b387a98
SHA1 9778ce281418a8595956130edb0abedb9c0fe6ed
SHA256 0b21a0b0cc4cc98d9e0dd6a2a2777767d43f96cedf3d84c2ee7e7c2d3d5a5019
SHA512 9e0543f9058f21f2a5c3f3a62509bd236582066f701c797b86913f5a22145b3c8e0302b602e4e75e48514067087ac0aa5a1ad9951cd2b0988ff9d7999cc3dae7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 961e3604f228b0d10541ebf921500c86
SHA1 6e00570d9f78d9cfebe67d4da5efe546543949a7
SHA256 f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed
SHA512 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db-journal

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000003.log

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13385576178237543

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.89.1_0\_metadata\computed_hashes.json

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.89.1_0\_metadata\verified_contents.json

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager-journal

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
