Resubmissions

09/03/2025, 22:04

250309-1yxctssqw5 6

09/03/2025, 22:01

250309-1w649asp12 6

09/03/2025, 21:50

250309-1p8dqssnt7 10

09/03/2025, 21:47

250309-1ne1sssmy9 4

Analysis

  • max time kernel
    159s
  • max time network
    159s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250217-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20250217-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    09/03/2025, 22:01

General

  • Target

    zirotu.png

  • Size

    2KB

  • MD5

    f5c92811b7f5083d0bd5402f3b014737

  • SHA1

    8a1c34741bf13461695ec7838a21ab0d200b82a7

  • SHA256

    7b2f9ebd9a8ef42baa9416c52ceb1fbe1108c894d26a767e25849411ddc9ac00

  • SHA512

    d5ee03187a5ebecb5d3431f74d8a0048fd9a8b38bf06721ebc25986d4a8580b0de32d34a645bdbb271f75674e082e14e223502f879fac18a1edd10598152d247

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • System Location Discovery: System Language Discovery 1 TTPs 14 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Checks processor information in registry 2 TTPs 4 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies Internet Explorer settings 1 TTPs 2 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 15 IoCs
  • Suspicious behavior: EnumeratesProcesses 28 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 47 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of SetWindowsHookEx 43 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Windows\system32\mspaint.exe
    "C:\Windows\system32\mspaint.exe" "C:\Users\Admin\AppData\Local\Temp\zirotu.png"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:64
  • C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
    1⤵
      PID:4280
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe"
      1⤵
      • Enumerates system info in registry
      • Modifies data under HKEY_USERS
      • Modifies registry class
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
      PID:3984
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff8e9a1cc40,0x7ff8e9a1cc4c,0x7ff8e9a1cc58
        2⤵
          PID:3884
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1964,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=1960 /prefetch:2
          2⤵
            PID:1820
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1868,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=2460 /prefetch:3
            2⤵
              PID:3924
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2160,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=2612 /prefetch:8
              2⤵
                PID:3140
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3128,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3148 /prefetch:1
                2⤵
                  PID:5028
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3160,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3344 /prefetch:1
                  2⤵
                    PID:3636
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3684,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3696 /prefetch:1
                    2⤵
                      PID:2280
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4664,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4672 /prefetch:8
                      2⤵
                        PID:4996
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4524,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4816 /prefetch:8
                        2⤵
                          PID:836
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4968,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4940 /prefetch:8
                          2⤵
                            PID:2168
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4672,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4936 /prefetch:8
                            2⤵
                              PID:5040
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3688,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5060 /prefetch:8
                              2⤵
                                PID:4712
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5172,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5168 /prefetch:8
                                2⤵
                                  PID:2932
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5176,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5096 /prefetch:8
                                  2⤵
                                    PID:4892
                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4944,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5192 /prefetch:8
                                    2⤵
                                      PID:4996
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4532,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5312 /prefetch:2
                                      2⤵
                                        PID:2936
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5248,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5296 /prefetch:1
                                        2⤵
                                          PID:5480
                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5376,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5492 /prefetch:1
                                          2⤵
                                            PID:5664
                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5372,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4652 /prefetch:1
                                            2⤵
                                              PID:1060
                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5336,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5020 /prefetch:1
                                              2⤵
                                                PID:1548
                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4572,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3356 /prefetch:8
                                                2⤵
                                                  PID:3856
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5772,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5848 /prefetch:8
                                                  2⤵
                                                    PID:3596
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5816,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5808 /prefetch:8
                                                    2⤵
                                                    • Suspicious behavior: EnumeratesProcesses
                                                    PID:5676
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=3440,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5736 /prefetch:1
                                                    2⤵
                                                      PID:6000
                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=3184,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5688 /prefetch:1
                                                      2⤵
                                                        PID:6024
                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6024,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=6032 /prefetch:8
                                                        2⤵
                                                          PID:3688
                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5568,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=6148 /prefetch:8
                                                          2⤵
                                                            PID:6136
                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5992,i,13018271169061604064,2702634867325013868,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=6132 /prefetch:8
                                                            2⤵
                                                              PID:1832
                                                            • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
                                                              "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\Downloads\Hitler Ransomware.7z"
                                                              2⤵
                                                              • System Location Discovery: System Language Discovery
                                                              • Checks processor information in registry
                                                              • Modifies Internet Explorer settings
                                                              • Suspicious behavior: EnumeratesProcesses
                                                              • Suspicious use of SetWindowsHookEx
                                                              PID:5852
                                                              • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                                                                "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
                                                                3⤵
                                                                • System Location Discovery: System Language Discovery
                                                                PID:5156
                                                                • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                                                                  "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=0CE47076EF9C7FD7E46828EC47033E91 --mojo-platform-channel-handle=1716 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
                                                                  4⤵
                                                                  • System Location Discovery: System Language Discovery
                                                                  PID:6068
                                                                • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                                                                  "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=9B5330502FFBEC26D2039EED28DAC93F --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode 
--service-request-channel-token=9B5330502FFBEC26D2039EED28DAC93F --renderer-client-id=2 --mojo-platform-channel-handle=1728 --allow-no-sandbox-job /prefetch:1
                                                                  4⤵
                                                                  • System Location Discovery: System Language Discovery
                                                                  PID:6060
                                                                • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                                                                  "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=8DF5FAE3B23ABEAC4BD1763E39BC9486 --mojo-platform-channel-handle=1800 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
                                                                  4⤵
                                                                  • System Location Discovery: System Language Discovery
                                                                  PID:2952
                                                                • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                                                                  "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=F51271918FD04D6424745B0F52FAAD53 --mojo-platform-channel-handle=1704 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
                                                                  4⤵
                                                                  • System Location Discovery: System Language Discovery
                                                                  PID:776
                                                                • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                                                                  "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=B05D630395B3870E16FD08709C91A21A --mojo-platform-channel-handle=1720 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
                                                                  4⤵
                                                                  • System Location Discovery: System Language Discovery
                                                                  PID:3540
                                                          • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                                                            "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                                                            1⤵
                                                              PID:4764
                                                            • C:\Windows\system32\svchost.exe
                                                              C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                                                              1⤵
                                                                PID:1212
                                                              • C:\Windows\System32\rundll32.exe
                                                                C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                                1⤵
                                                                  PID:5212
                                                                • C:\Windows\system32\OpenWith.exe
                                                                  C:\Windows\system32\OpenWith.exe -Embedding
                                                                  1⤵
                                                                  • Modifies registry class
                                                                  • Suspicious use of SetWindowsHookEx
                                                                  PID:5448
                                                                • C:\Windows\system32\OpenWith.exe
                                                                  C:\Windows\system32\OpenWith.exe -Embedding
                                                                  1⤵
                                                                  • Modifies registry class
                                                                  • Suspicious use of SetWindowsHookEx
                                                                  PID:2860
                                                                  • C:\Windows\system32\NOTEPAD.EXE
                                                                    "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Temp1_Malware-Collection-master.zip\Malware-Collection-master\h3wroKeylogger\h3wroKeylogger.cpp
                                                                    2⤵
                                                                      PID:5584
                                                                  • C:\Windows\system32\OpenWith.exe
                                                                    C:\Windows\system32\OpenWith.exe -Embedding
                                                                    1⤵
                                                                    • Modifies registry class
                                                                    • Suspicious use of SetWindowsHookEx
                                                                    PID:5328
                                                                  • C:\Windows\system32\OpenWith.exe
                                                                    C:\Windows\system32\OpenWith.exe -Embedding
                                                                    1⤵
                                                                    • Modifies registry class
                                                                    • Suspicious behavior: GetForegroundWindowSpam
                                                                    • Suspicious use of SetWindowsHookEx
                                                                    PID:3408
                                                                    • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
                                                                      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\Downloads\AdAvenger.7z"
                                                                      2⤵
                                                                      • System Location Discovery: System Language Discovery
                                                                      • Checks processor information in registry
                                                                      • Modifies Internet Explorer settings
                                                                      • Suspicious use of SetWindowsHookEx
                                                                      PID:5332
                                                                      • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                                                                        "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
                                                                        3⤵
                                                                        • System Location Discovery: System Language Discovery
                                                                        PID:3372
                                                                        • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                                                                          "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=45B1A74F5C76FAC5A127DE5EF20452C5 --mojo-platform-channel-handle=1752 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
                                                                          4⤵
                                                                          • System Location Discovery: System Language Discovery
                                                                          PID:4344
                                                                        • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                                                                          "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=863604298C1B2F1378C387B903ACCE10 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode 
                                                                          --service-request-channel-token=863604298C1B2F1378C387B903ACCE10 --renderer-client-id=2 --mojo-platform-channel-handle=1776 --allow-no-sandbox-job /prefetch:1
                                                                          4⤵
                                                                          • System Location Discovery: System Language Discovery
                                                                          PID:2952
                                                                        • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                                                                          "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=A449879E45350510A98115C8DB272DEC --mojo-platform-channel-handle=2340 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
                                                                          4⤵
                                                                          • System Location Discovery: System Language Discovery
                                                                          PID:2144
                                                                        • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                                                                          "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=3C725BA911B09E336E8B3AAFBD04FCD8 --mojo-platform-channel-handle=2320 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
                                                                          4⤵
                                                                          • System Location Discovery: System Language Discovery
                                                                          PID:2208
                                                                        • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
                                                                          "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=F20ACD71A845246B18FF7E62EC767F8F --mojo-platform-channel-handle=1824 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
                                                                          4⤵
                                                                          • System Location Discovery: System Language Discovery
                                                                          PID:5900
                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                    1⤵
                                                                      PID:5592

                                                                    Network

                                                                          MITRE ATT&CK Enterprise v15

                                                                          Downloads

                                                                          • C:\Users\Admin\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Cache\data_1

                                                                            Filesize

                                                                            264KB

                                                                          • C:\Users\Admin\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Visited Links

                                                                            Filesize

                                                                            128KB

                                                                          • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

                                                                            Filesize

                                                                            36KB

                                                                          • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

                                                                            Filesize

                                                                            56KB

                                                                          • C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

                                                                            Filesize

                                                                            64KB

                                                                          • C:\Users\Admin\AppData\Local\Adobe\Acrobat\DC\IconCacheRdr65536.dat

                                                                            Filesize

                                                                            145KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

                                                                            Filesize

                                                                            649B

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

                                                                            Filesize

                                                                            71KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

                                                                            Filesize

                                                                            78KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

                                                                            Filesize

                                                                            16KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                            Filesize

                                                                            2KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                            Filesize

                                                                            3KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                            Filesize

                                                                            3KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.89.1_0\_locales\en_CA\messages.json

                                                                            Filesize

                                                                            851B

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.89.1_0\dasherSettingSchema.json

                                                                            Filesize

                                                                            854B

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                            Filesize

                                                                            6KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                            Filesize

                                                                            8KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

                                                                            Filesize

                                                                            2B

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                            Filesize

                                                                            1KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                            Filesize

                                                                            1KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                            Filesize

                                                                            1KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                            Filesize

                                                                            1KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                            Filesize

                                                                            1KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                            Filesize

                                                                            1KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                            Filesize

                                                                            1KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                            Filesize

                                                                            1KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                            Filesize

                                                                            1KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                            Filesize

                                                                            524B

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                            Filesize

                                                                            524B

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                            Filesize

                                                                            1KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                            Filesize

                                                                            11KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                            Filesize

                                                                            10KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                            Filesize

                                                                            10KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                            Filesize

                                                                            10KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                            Filesize

                                                                            10KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                            Filesize

                                                                            10KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                            Filesize

                                                                            11KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                            Filesize

                                                                            11KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                            Filesize

                                                                            11KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                            Filesize

                                                                            11KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                            Filesize

                                                                            9KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                            Filesize

                                                                            9KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                            Filesize

                                                                            11KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

                                                                            Filesize

                                                                            15KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                                                            Filesize

                                                                            72B

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                            Filesize

                                                                            246KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                            Filesize

                                                                            246KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                            Filesize

                                                                            246KB

                                                                          • C:\Users\Admin\AppData\Local\Temp\scoped_dir3984_666995327\0f79f875-7bd9-4339-a1f1-80c256bec0e3.tmp

                                                                            Filesize

                                                                            150KB

                                                                          • C:\Users\Admin\AppData\Local\Temp\scoped_dir3984_666995327\CRX_INSTALL\_locales\en_CA\messages.json

                                                                            Filesize

                                                                            711B

                                                                          • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\DC\Security\ES_session_store

                                                                            Filesize

                                                                            10KB

                                                                          • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\DC\Security\ES_session_storei

                                                                            Filesize

                                                                            23KB

                                                                          • C:\Users\Admin\Downloads\AdAvenger.7z

                                                                            Filesize

                                                                            1.8MB

                                                                          • C:\Users\Admin\Downloads\Hitler Ransomware.7z

                                                                            Filesize

                                                                            151KB
