Analysis Overview
SHA256
c384e89427865e119db4daf18c2c225b951a4cd07dbff92b65caf68c2a95ace0
Threat Level: Known bad
The file ReShade_Setup_6.5.1.exe was found to be: Known bad.
Malicious Activity Summary
PureCrypter
Ramnit family
Purecrypter family
Ramnit
Downloads MZ/PE file
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
Enumerates processes with tasklist
UPX packed file
Drops file in Windows directory
Drops file in Program Files directory
Subvert Trust Controls: Mark-of-the-Web Bypass
Enumerates physical storage devices
Browser Information Discovery
System Location Discovery: System Language Discovery
Program crash
Suspicious use of FindShellTrayWindow
Checks SCSI registry key(s)
Modifies data under HKEY_USERS
Suspicious use of WriteProcessMemory
Runs net.exe
Delays execution with timeout.exe
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Kills process with taskkill
Modifies registry class
NTFS ADS
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
Suspicious behavior: EnumeratesProcesses
Suspicious use of UnmapMainImage
MITRE ATT&CK
Enterprise Matrix V16
Analysis: static1
Detonation Overview
Reported
2025-07-04 18:22
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-07-04 18:22
Reported
2025-07-04 18:51
Platform
win11-20250619-en
Max time kernel
1711s
Max time network
1714s
Command Line
Signatures
PureCrypter
Purecrypter family
Ramnit
Ramnit family
Downloads MZ/PE file
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
Enumerates processes with tasklist
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Program Files\7-Zip\readme.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7z.dll | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fy.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hy.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ku-ckb.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mk.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mr.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\nb.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sl.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\va.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\kab.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\descript.ion | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\be.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\bg.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ca.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hr.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ka.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\si.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ast.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\eo.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\io.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ko.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ms.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sr-spl.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\tk.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\tt.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\eu.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hu.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\mng2.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\nn.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\pl.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sw.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Uninstall.exe | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ar.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\co.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\hi.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\id.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ja.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\af.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\cs.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ga.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ru.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\uz-cyrl.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7z.exe | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fur.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\it.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ro.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\sk.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\th.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7-zip.dll | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\bn.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\fi.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\gl.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\ku.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\nl.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\tg.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\zh-cn.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\License.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7-zip.chm | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\an.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\gu.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\Lang\pt-br.txt | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7z.sfx | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| File opened for modification | C:\Program Files\7-Zip\7zFM.exe | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\7z2409-x64.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
Program crash
System Location Discovery: System Language Discovery
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\ConfigFlags | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_DADY&PROD_HL-DT-ST_DVD+-RW\4&215468A5&0&010000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_HL-DT-ST_DVD+-RW\4&215468a5&0&010000\ConfigFlags | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Delays execution with timeout.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\timeout.exe | N/A |
| N/A | N/A | C:\Windows\system32\timeout.exe | N/A |
| N/A | N/A | C:\Windows\system32\timeout.exe | N/A |
| N/A | N/A | C:\Windows\system32\timeout.exe | N/A |
| N/A | N/A | C:\Windows\system32\timeout.exe | N/A |
| N/A | N/A | C:\Windows\system32\timeout.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskkill.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133961269604725651" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\1\MRUListEx = ffffffff | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\SniffedFolderType = "Generic" | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\.ps1\ = "ps1_auto_file" | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\.sh | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip32.dll" | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\7-Zip | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\1\NodeSlot = "2" | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shellex\DragDropHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\MRUListEx = 0100000000000000ffffffff | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Applications | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Applications\7z.exe | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02 | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202 | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\1\MRUListEx = 00000000ffffffff | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\1\0\MRUListEx = ffffffff | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Applications\7z.exe\shell | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Applications\7z.exe\shell\open | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{23170F69-40C1-278A-1000-000100020000}\ = "7-Zip Shell Extension" | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\ps1_auto_file\shell\open\command | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\sh_auto_file\shell\open\command | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ = "C:\\Program Files\\7-Zip\\7-zip.dll" | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428\Children | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2 | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\ૈ翾 | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell\SniffedFolderType = "Generic" | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\.ps1 | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\𨄄ʨ\ = "ps1_auto_file" | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\ﶆﰀꍜ退턀㔄ʨ\ = "ps1_auto_file" | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\sh_auto_file | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\湁啎 耀 | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32\ThreadingModel = "Apartment" | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\7-Zip\ = "{23170F69-40C1-278A-1000-000100020000}" | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\湁啎 耀\ = "sh_auto_file" | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3972667009-3658015838-2693993929-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\7-Zip | C:\Users\Admin\Downloads\7z2409-x64.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\e7355ef74b876ed4626a3929704248d36fc4b59a2c75f24f98f7ad64ec171c34.zip:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\7z2409-x64.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\AppSuite-PDF.msi:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Five Nights At Freddys.7z:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\OPTIMIZAR%20ROBLOX.zip:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\869d7bedc22424a8007fdfa76a135f1213518d355f1458e9bb9590e5cc853565.zip:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\cf5d70bc2f2964f3bc07b6d6bdf73afec2eae99234a71322493184261dd5782d.zip:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\3f61bcf9c3e8eda19e85cd3aedf42acd2e1fb87bb23ab221f9532d398dfad6b9.zip:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Runs net.exe
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Five Nights At Freddys\Five Nights At Freddy's\fnafdata\FNAF1.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of UnmapMainImage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\ReShade_Setup_6.5.1.exe
"C:\Users\Admin\AppData\Local\Temp\ReShade_Setup_6.5.1.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffde4a9dcf8,0x7ffde4a9dd04,0x7ffde4a9dd10
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1972,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=1960 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=2260,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=2312 /prefetch:11
C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2384,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=2400 /prefetch:13
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3216,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=3268 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3224,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=3288 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4232,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=4268 /prefetch:9
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4696,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=4652 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5264,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=5284 /prefetch:14
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5508,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=5524 /prefetch:14
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5272,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=5520 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4532,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=5532 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=3612,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=5652 /prefetch:14
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=3532,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=5584 /prefetch:14
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=3600,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=3332 /prefetch:14
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3560,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=3696 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4468,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=4256 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4196,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=4836 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5912,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=5948 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5868,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=3900 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=6380,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=6360 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=6524,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=6548 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5616,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=5896 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=6692,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=6676 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6860,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=6844 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=7048,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=7064 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=7200,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=7256 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=7296,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=7324 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6452,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=6660 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=7544,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=7516 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=6608,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=7236 /prefetch:10
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=6596,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=7696 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=7176,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=7384 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=4612,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=7036 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=7668,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=7616 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=6888,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=6656 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=8032,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=7868 /prefetch:14
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\7z2409-x64.exe
"C:\Users\Admin\Downloads\7z2409-x64.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=on_device_model.mojom.OnDeviceModelService --lang=en-US --service-sandbox-type=on_device_model_execution --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5856,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=5820 /prefetch:14
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=6520,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=7332 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=7744,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=7036 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=7236,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=7896 /prefetch:12
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004EC 0x00000000000004E4
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=8156,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=8168 /prefetch:14
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=8016,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=7240 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=8020,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=7656 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=8320,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=7184 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=7344,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=8184 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=8332,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=8140 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=8700,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=8712 /prefetch:14
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=8628,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=7328 /prefetch:14
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=8860,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=8940 /prefetch:14
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\7-Zip\7z.exe
"C:\Program Files\7-Zip\7z.exe" "C:\Users\Admin\Downloads\Five Nights At Freddys.7z"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\7-Zip\7z.exe
"C:\Program Files\7-Zip\7z.exe" "C:\Users\Admin\Downloads\Five Nights At Freddys.7z"
C:\Program Files\7-Zip\7z.exe
"C:\Program Files\7-Zip\7z.exe" "C:\Users\Admin\Downloads\Five Nights At Freddys.7z"
C:\Program Files\7-Zip\7z.exe
"C:\Program Files\7-Zip\7z.exe" "C:\Users\Admin\Downloads\Five Nights At Freddys.7z"
C:\Program Files\7-Zip\7z.exe
"C:\Program Files\7-Zip\7z.exe" "C:\Users\Admin\Downloads\Five Nights At Freddys.7z"
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Five Nights At Freddys\" -ad -an -ai#7zMap13381:104:7zEvent17003
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\Five Nights At Freddys\Five Nights At Freddy's\1-FNAFS.bat" "
C:\Windows\system32\cacls.exe
"C:\Windows\system32\cacls.exe" "C:\Windows\system32\config\system"
C:\Users\Admin\Downloads\Five Nights At Freddys\Five Nights At Freddy's\fnafdata\FNAF1.exe
"FNAF1.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "FNAF1.exe"
C:\Windows\system32\timeout.exe
timeout /t 15 /nobreak
C:\Windows\system32\taskkill.exe
taskkill /f /im mmc.exe
C:\Windows\system32\taskkill.exe
taskkill /f /im MicrosoftEdgeUpdate.exe
C:\Windows\system32\taskkill.exe
taskkill /f /im onedrive.exe
C:\Windows\system32\taskkill.exe
taskkill /f /im jusched.exe
C:\Windows\system32\taskkill.exe
taskkill /f /im SearchApp.exe
C:\Windows\system32\net.exe
net stop XboxNetApiSvc
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop XboxNetApiSvc
C:\Windows\system32\net.exe
net stop XblAuthManager
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop XblAuthManager
C:\Windows\system32\net.exe
net stop SecurityHealthService
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop SecurityHealthService
C:\Windows\system32\net.exe
net stop uxsms
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop uxsms
C:\Windows\system32\net.exe
net stop wuauserv
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop wuauserv
C:\Windows\system32\net.exe
net stop SysMain
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop SysMain
C:\Windows\system32\net.exe
net stop WSearch
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop WSearch
C:\Windows\system32\net.exe
net stop Themes
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop Themes
C:\Windows\system32\net.exe
net stop DiagTrack
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop DiagTrack
C:\Windows\system32\net.exe
net stop DusmSvc
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop DusmSvc
C:\Windows\system32\net.exe
net stop UsoSvc
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop UsoSvc
C:\Windows\system32\net.exe
net stop WDefender
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop WDefender
C:\Windows\system32\net.exe
net stop mpssvc
C:\Windows\system32\net1.exe
C:\Windows\system32\net1 stop mpssvc
C:\Windows\System32\Wbem\WMIC.exe
wmic process where name="GTA5.exe" CALL setpriority "32768"
C:\Windows\System32\Wbem\WMIC.exe
wmic process where name="audiodg.exe" CALL setpriority "64"
C:\Windows\System32\Wbem\WMIC.exe
wmic process where name="svchost.exe" CALL setpriority "64"
C:\Windows\System32\Wbem\WMIC.exe
wmic process where name="csrss.exe" CALL setpriority "64"
C:\Windows\System32\Wbem\WMIC.exe
wmic process where name="winlogon.exe" CALL setpriority "64"
C:\Windows\System32\Wbem\WMIC.exe
wmic process where name="dwm.exe" CALL setpriority "64"
C:\Windows\System32\Wbem\WMIC.exe
wmic process where name="ntoskrnl.exe" CALL setpriority "64"
C:\Windows\system32\timeout.exe
timeout /t 10 /nobreak
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "FNAF1.exe"
C:\Windows\system32\timeout.exe
timeout /t 10 /nobreak
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "FNAF1.exe"
C:\Windows\system32\timeout.exe
timeout /t 10 /nobreak
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "FNAF1.exe"
C:\Windows\system32\timeout.exe
timeout /t 10 /nobreak
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "FNAF1.exe"
C:\Windows\system32\timeout.exe
timeout /t 10 /nobreak
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\Five Nights At Freddys\Five Nights At Freddy's\ATENCION!!.txt
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=8920,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=8888 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=7240,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=7608 /prefetch:14
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\OPTIMIZAR%20ROBLOX\" -ad -an -ai#7zMap6718:98:7zEvent853
C:\Users\Admin\Downloads\OPTIMIZAR%20ROBLOX\OPTIMIZAR ROBLOX\data\QRes.exe
"C:\Users\Admin\Downloads\OPTIMIZAR%20ROBLOX\OPTIMIZAR ROBLOX\data\QRes.exe"
C:\Users\Admin\Downloads\OPTIMIZAR%20ROBLOX\OPTIMIZAR ROBLOX\data\QRes.exe
"C:\Users\Admin\Downloads\OPTIMIZAR%20ROBLOX\OPTIMIZAR ROBLOX\data\QRes.exe"
C:\Users\Admin\Downloads\OPTIMIZAR%20ROBLOX\OPTIMIZAR ROBLOX\data\QRes.exe
"C:\Users\Admin\Downloads\OPTIMIZAR%20ROBLOX\OPTIMIZAR ROBLOX\data\QRes.exe"
C:\Users\Admin\Downloads\OPTIMIZAR%20ROBLOX\OPTIMIZAR ROBLOX\data\QRes.exe
"C:\Users\Admin\Downloads\OPTIMIZAR%20ROBLOX\OPTIMIZAR ROBLOX\data\QRes.exe"
C:\Users\Admin\Downloads\OPTIMIZAR%20ROBLOX\OPTIMIZAR ROBLOX\data\QRes.exe
"C:\Users\Admin\Downloads\OPTIMIZAR%20ROBLOX\OPTIMIZAR ROBLOX\data\QRes.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\OPTIMIZAR%20ROBLOX\OPTIMIZAR ROBLOX\1-Optimizar Roblox.bat" "
C:\Windows\system32\cacls.exe
"C:\Windows\system32\cacls.exe" "C:\Windows\system32\config\system"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe" /C "C:\Users\Admin\Downloads\OPTIMIZAR%20ROBLOX\OPTIMIZAR ROBLOX\1-Optimizar Roblox.bat"
C:\Windows\system32\cacls.exe
"C:\Windows\system32\cacls.exe" "C:\Windows\system32\config\system"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Windows\system32\tasklist.exe
tasklist
C:\Windows\system32\find.exe
find /i "RobloxPlayerBeta.exe"
C:\Users\Admin\Downloads\OPTIMIZAR%20ROBLOX\OPTIMIZAR ROBLOX\data\QRes.exe
"C:\Users\Admin\Downloads\OPTIMIZAR%20ROBLOX\OPTIMIZAR ROBLOX\data\QRes.exe"
C:\Users\Admin\Downloads\OPTIMIZAR%20ROBLOX\OPTIMIZAR ROBLOX\data\QRes.exe
"C:\Users\Admin\Downloads\OPTIMIZAR%20ROBLOX\OPTIMIZAR ROBLOX\data\QRes.exe"
C:\Users\Admin\Downloads\OPTIMIZAR%20ROBLOX\OPTIMIZAR ROBLOX\data\QRes.exe
"C:\Users\Admin\Downloads\OPTIMIZAR%20ROBLOX\OPTIMIZAR ROBLOX\data\QRes.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=8172,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=6572 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=8548,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=4608 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=8408,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=8472 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=8680,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=7128 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=7300,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=7992 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=7776,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=7096 /prefetch:14
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\869d7bedc22424a8007fdfa76a135f1213518d355f1458e9bb9590e5cc853565\" -ad -an -ai#7zMap2137:190:7zEvent30393
C:\Users\Admin\Downloads\869d7bedc22424a8007fdfa76a135f1213518d355f1458e9bb9590e5cc853565\869d7bedc22424a8007fdfa76a135f1213518d355f1458e9bb9590e5cc853565.exe
"C:\Users\Admin\Downloads\869d7bedc22424a8007fdfa76a135f1213518d355f1458e9bb9590e5cc853565\869d7bedc22424a8007fdfa76a135f1213518d355f1458e9bb9590e5cc853565.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 4328 -ip 4328
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4328 -s 300
C:\Users\Admin\Downloads\869d7bedc22424a8007fdfa76a135f1213518d355f1458e9bb9590e5cc853565\869d7bedc22424a8007fdfa76a135f1213518d355f1458e9bb9590e5cc853565.exe
"C:\Users\Admin\Downloads\869d7bedc22424a8007fdfa76a135f1213518d355f1458e9bb9590e5cc853565\869d7bedc22424a8007fdfa76a135f1213518d355f1458e9bb9590e5cc853565.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 448 -p 5948 -ip 5948
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5948 -s 236
C:\Users\Admin\Downloads\869d7bedc22424a8007fdfa76a135f1213518d355f1458e9bb9590e5cc853565\869d7bedc22424a8007fdfa76a135f1213518d355f1458e9bb9590e5cc853565.exe
"C:\Users\Admin\Downloads\869d7bedc22424a8007fdfa76a135f1213518d355f1458e9bb9590e5cc853565\869d7bedc22424a8007fdfa76a135f1213518d355f1458e9bb9590e5cc853565.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 548 -p 5776 -ip 5776
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5776 -s 196
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=7368,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=8312 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=1436,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=8848 /prefetch:14
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap22301:190:7zEvent5203
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\7-Zip\7z.exe
"C:\Program Files\7-Zip\7z.exe" "C:\Users\Admin\Downloads\e7355ef74b876ed4626a3929704248d36fc4b59a2c75f24f98f7ad64ec171c34.ps1"
C:\Program Files\7-Zip\7z.exe
"C:\Program Files\7-Zip\7z.exe" "C:\Users\Admin\Downloads\e7355ef74b876ed4626a3929704248d36fc4b59a2c75f24f98f7ad64ec171c34.ps1"
C:\Program Files\7-Zip\7z.exe
"C:\Program Files\7-Zip\7z.exe" "C:\Users\Admin\Downloads\e7355ef74b876ed4626a3929704248d36fc4b59a2c75f24f98f7ad64ec171c34.ps1"
C:\Users\Admin\Downloads\869d7bedc22424a8007fdfa76a135f1213518d355f1458e9bb9590e5cc853565\869d7bedc22424a8007fdfa76a135f1213518d355f1458e9bb9590e5cc853565.exe
"C:\Users\Admin\Downloads\869d7bedc22424a8007fdfa76a135f1213518d355f1458e9bb9590e5cc853565\869d7bedc22424a8007fdfa76a135f1213518d355f1458e9bb9590e5cc853565.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 1488 -ip 1488
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1488 -s 268
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=8864,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=8816 /prefetch:14
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap2781:190:7zEvent29462
C:\Program Files\7-Zip\7z.exe
"C:\Program Files\7-Zip\7z.exe" "C:\Users\Admin\Downloads\e7355ef74b876ed4626a3929704248d36fc4b59a2c75f24f98f7ad64ec171c34.ps1"
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\7-Zip\7z.exe
"C:\Program Files\7-Zip\7z.exe" "C:\Users\Admin\Downloads\cf5d70bc2f2964f3bc07b6d6bdf73afec2eae99234a71322493184261dd5782d.sh"
C:\Program Files\7-Zip\7z.exe
"C:\Program Files\7-Zip\7z.exe" "C:\Users\Admin\Downloads\cf5d70bc2f2964f3bc07b6d6bdf73afec2eae99234a71322493184261dd5782d.sh"
C:\Program Files\7-Zip\7z.exe
"C:\Program Files\7-Zip\7z.exe" "C:\Users\Admin\Downloads\cf5d70bc2f2964f3bc07b6d6bdf73afec2eae99234a71322493184261dd5782d.sh"
C:\Program Files\7-Zip\7z.exe
"C:\Program Files\7-Zip\7z.exe" "C:\Users\Admin\Downloads\e7355ef74b876ed4626a3929704248d36fc4b59a2c75f24f98f7ad64ec171c34.ps1"
C:\Program Files\7-Zip\7z.exe
"C:\Program Files\7-Zip\7z.exe" "C:\Users\Admin\Downloads\e7355ef74b876ed4626a3929704248d36fc4b59a2c75f24f98f7ad64ec171c34.ps1"
C:\Users\Admin\Downloads\869d7bedc22424a8007fdfa76a135f1213518d355f1458e9bb9590e5cc853565\869d7bedc22424a8007fdfa76a135f1213518d355f1458e9bb9590e5cc853565.exe
"C:\Users\Admin\Downloads\869d7bedc22424a8007fdfa76a135f1213518d355f1458e9bb9590e5cc853565\869d7bedc22424a8007fdfa76a135f1213518d355f1458e9bb9590e5cc853565.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 2976 -ip 2976
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2976 -s 232
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=7672,i,17538127434136164475,12197937570006189356,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=8396 /prefetch:14
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap28936:190:7zEvent3238
C:\Users\Admin\Desktop\sigma adobe acrobat no virus hehe.exe
"C:\Users\Admin\Desktop\sigma adobe acrobat no virus hehe.exe"
C:\Users\Admin\Desktop\sigma adobe acrobat no virus hehe.exe
"C:\Users\Admin\Desktop\sigma adobe acrobat no virus hehe.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 192.178.223.105:443 | www.google.com | tcp |
| US | 192.178.223.105:443 | www.google.com | tcp |
| US | 192.178.223.105:443 | www.google.com | udp |
| GB | 172.217.169.74:443 | content-autofill.googleapis.com | udp |
| GB | 142.250.117.113:443 | apis.google.com | udp |
| GB | 172.217.169.74:443 | content-autofill.googleapis.com | tcp |
| GB | 172.217.169.74:443 | content-autofill.googleapis.com | udp |
| GB | 142.250.179.238:443 | translate.google.com | udp |
| GB | 142.250.179.238:443 | translate.google.com | tcp |
| GB | 142.250.179.238:443 | translate.google.com | udp |
| GB | 216.58.212.238:443 | clients2.google.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 172.217.169.74:443 | content-autofill.googleapis.com | tcp |
| GB | 172.217.169.74:443 | content-autofill.googleapis.com | udp |
| US | 192.178.223.105:443 | www.google.com | udp |
| GB | 142.250.179.238:443 | translate.google.com | tcp |
| GB | 142.250.179.238:443 | translate.google.com | udp |
| GB | 142.250.200.14:443 | consent.google.com | tcp |
| GB | 172.217.169.46:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 172.217.169.46:443 | encrypted-tbn0.gstatic.com | tcp |
| GB | 172.217.169.46:443 | encrypted-tbn0.gstatic.com | udp |
| GB | 216.58.201.97:443 | lh3.googleusercontent.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| US | 104.21.32.1:443 | optijuegos.net | tcp |
| US | 104.21.32.1:443 | optijuegos.net | tcp |
| GB | 79.127.237.104:443 | fonts.bunny.net | tcp |
| US | 208.93.230.26:443 | ust.chatango.com | tcp |
| GB | 79.127.237.104:443 | fonts.bunny.net | tcp |
| GB | 216.58.212.202:443 | content-autofill.googleapis.com | tcp |
| GB | 142.251.30.95:443 | translate.googleapis.com | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 208.93.230.26:443 | ust.chatango.com | tcp |
| US | 208.93.230.26:443 | ust.chatango.com | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| US | 208.93.230.28:443 | ust.chatango.com | tcp |
| GB | 216.58.212.202:443 | translate-pa.googleapis.com | tcp |
| US | 208.93.230.158:8081 | s43.chatango.com | tcp |
| GB | 216.58.212.202:443 | translate-pa.googleapis.com | udp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.16.226:443 | www.googletagservices.com | tcp |
| GB | 142.250.187.194:443 | cm.g.doubleclick.net | tcp |
| GB | 172.217.16.226:443 | www.googletagservices.com | udp |
| US | 192.178.223.132:443 | ep2.adtrafficquality.google | tcp |
| US | 192.178.223.132:443 | ep2.adtrafficquality.google | tcp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| NL | 139.45.197.107:443 | gizokraijaw.net | tcp |
| US | 172.67.154.171:443 | bvtpk.com | tcp |
| US | 192.178.223.132:443 | ep2.adtrafficquality.google | udp |
| US | 104.18.41.22:443 | my.rtmark.net | tcp |
| NL | 139.45.197.107:443 | gizokraijaw.net | tcp |
| US | 104.21.11.245:443 | tzegilo.com | tcp |
| NL | 139.45.195.252:443 | flerap.com | tcp |
| NL | 139.45.195.252:443 | flerap.com | tcp |
| GB | 142.250.187.194:443 | cm.g.doubleclick.net | udp |
| NL | 139.45.195.9:443 | amt3.com | tcp |
| US | 104.17.151.117:443 | www.mediafire.com | tcp |
| US | 104.17.151.117:443 | www.mediafire.com | tcp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | tcp |
| US | 104.21.42.32:443 | privacy.gatekeeperconsent.com | tcp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | tcp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | tcp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | tcp |
| US | 104.17.151.117:443 | www.mediafire.com | udp |
| US | 172.67.199.186:443 | privacy.gatekeeperconsent.com | tcp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| GB | 18.154.84.20:443 | cdn.amplitude.com | tcp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| US | 104.21.63.106:443 | www.ezojs.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| US | 104.26.8.66:443 | econventa.com | tcp |
| US | 172.67.199.186:443 | privacy.gatekeeperconsent.com | udp |
| US | 104.21.42.32:443 | privacy.gatekeeperconsent.com | udp |
| GB | 216.58.212.202:443 | translate-pa.googleapis.com | tcp |
| US | 104.21.42.32:443 | privacy.gatekeeperconsent.com | udp |
| US | 104.22.4.65:443 | ad-delivery.net | tcp |
| US | 104.22.4.65:443 | ad-delivery.net | tcp |
| US | 34.36.200.111:443 | ag.dns-finder.com | tcp |
| GB | 142.251.30.95:443 | translate.googleapis.com | tcp |
| US | 50.112.193.210:443 | api.amplitude.com | tcp |
| FR | 13.37.187.223:443 | g.ezoic.net | tcp |
| US | 104.21.63.106:443 | www.ezojs.com | udp |
| US | 172.67.142.121:443 | go.ezodn.com | tcp |
| US | 172.67.142.121:443 | go.ezodn.com | tcp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| GB | 216.58.212.202:443 | translate-pa.googleapis.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 172.67.142.121:443 | go.ezodn.com | udp |
| FR | 13.37.187.223:443 | g.ezoic.net | tcp |
| GB | 142.250.200.10:443 | translate-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | www.mediafiredls.com | udp |
| US | 104.16.79.73:443 | static.cloudflareinsights.com | tcp |
| US | 104.26.3.173:443 | www.mediafiredls.com | tcp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| GB | 142.251.30.94:443 | www.google.co.uk | tcp |
| US | 192.178.223.156:443 | stats.g.doubleclick.net | tcp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| GB | 184.26.57.73:443 | link.rubiconproject.com | tcp |
| GB | 172.217.169.66:443 | securepubads.g.doubleclick.net | tcp |
| US | 52.91.215.149:443 | script-api.ccgateway.net | tcp |
| US | 172.67.142.121:443 | bshr.ezodn.com | tcp |
| GB | 172.217.169.66:443 | securepubads.g.doubleclick.net | udp |
| GB | 172.217.169.66:443 | securepubads.g.doubleclick.net | udp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 79.127.227.46:443 | c3.a-mo.net | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| GB | 87.248.114.12:443 | ups.analytics.yahoo.com | tcp |
| US | 172.67.23.234:443 | id.hadron.ad.gt | tcp |
| US | 34.120.133.55:443 | api.rlcdn.com | tcp |
| IE | 52.19.146.55:443 | id.crwdcntrl.net | tcp |
| US | 35.71.131.137:443 | match.adsrvr.org | tcp |
| US | 172.67.142.121:443 | bshr.ezodn.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 79.127.227.46:443 | c3.a-mo.net | tcp |
| DE | 162.19.138.118:443 | lb.eu-1-id5-sync.com | tcp |
| US | 18.212.140.196:443 | script-api.ccgateway.net | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 172.217.169.66:443 | securepubads.g.doubleclick.net | tcp |
| GB | 142.250.187.194:443 | cm.g.doubleclick.net | tcp |
| GB | 18.245.143.83:443 | tags.crwdcntrl.net | tcp |
| GB | 18.245.162.54:443 | connectid.analytics.yahoo.com | tcp |
| US | 34.102.146.192:443 | oa.openxcdn.net | tcp |
| DE | 162.19.138.82:443 | lb.eu-1-id5-sync.com | tcp |
| BE | 18.239.213.76:443 | cdn.prod.uidapi.com | tcp |
| US | 151.101.129.229:443 | cdn.jsdelivr.net | tcp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | tcp |
| NL | 178.250.1.39:443 | static.criteo.net | tcp |
| GB | 142.250.179.225:443 | 17ee5325a97aa4c446b1d240484db050.safeframe.googlesyndication.com | tcp |
| DE | 162.19.223.4:443 | lbs.eu-1-id5-sync.com | tcp |
| N/A | 127.0.0.1:443 | tcp | |
| US | 192.178.223.132:443 | ep2.adtrafficquality.google | tcp |
| US | 34.120.107.143:443 | oajs.openx.net | tcp |
| US | 192.178.223.132:443 | ep2.adtrafficquality.google | tcp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | tcp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | tcp |
| GB | 172.217.169.36:443 | www.google.com | tcp |
| GB | 216.58.212.193:443 | cdn.ampproject.org | tcp |
| GB | 216.58.212.193:443 | cdn.ampproject.org | tcp |
| GB | 216.58.212.193:443 | cdn.ampproject.org | tcp |
| GB | 216.58.212.193:443 | cdn.ampproject.org | tcp |
| GB | 216.58.212.193:443 | cdn.ampproject.org | tcp |
| IE | 34.254.166.34:443 | rtb.gumgum.com | tcp |
| US | 34.120.107.143:443 | oajs.openx.net | udp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| US | 35.244.159.8:443 | google-bidout-d.openx.net | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| NL | 178.250.1.9:443 | dis.eu.criteo.com | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | udp |
| US | 192.178.223.132:443 | tpc.googlesyndication.com | udp |
| DK | 77.243.51.122:443 | uipglob.semasio.net | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| N/A | 127.0.0.1:443 | tcp | |
| DE | 37.252.171.21:443 | ib.adnxs.com | tcp |
| IE | 52.17.201.241:443 | ice.360yield.com | tcp |
| GB | 142.250.187.194:443 | cm.g.doubleclick.net | udp |
| IE | 99.80.100.79:443 | ce.lijit.com | tcp |
| GB | 142.250.187.194:443 | cm.g.doubleclick.net | tcp |
| DE | 91.228.74.166:443 | pixel.quantserve.com | tcp |
| GB | 18.245.187.38:443 | rules.quantcount.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| GB | 142.251.30.95:443 | jnn-pa.googleapis.com | udp |
| US | 199.91.155.89:443 | download2348.mediafire.com | tcp |
| US | 199.91.155.89:443 | download2348.mediafire.com | tcp |
| US | 104.26.8.66:443 | econventa.com | tcp |
| US | 104.26.8.66:443 | econventa.com | tcp |
| US | 150.171.28.10:443 | bat.bing.com | tcp |
| GB | 163.70.147.23:443 | connect.facebook.net | tcp |
| GB | 216.58.213.2:443 | td.doubleclick.net | tcp |
| GB | 216.58.213.2:443 | td.doubleclick.net | tcp |
| GB | 142.251.30.94:443 | www.google.co.uk | udp |
| GB | 163.70.147.23:443 | connect.facebook.net | udp |
| US | 104.26.8.66:443 | econventa.com | udp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| IE | 13.74.129.1:443 | c.clarity.ms | tcp |
| US | 104.26.8.66:80 | econventa.com | tcp |
| US | 104.26.8.66:80 | econventa.com | tcp |
| US | 13.225.239.91:443 | woreppercomming.com | tcp |
| US | 172.67.141.135:443 | www.chancial.com | tcp |
| DE | 18.194.54.143:443 | www.opera.com | tcp |
| GB | 172.217.169.78:443 | www.googleoptimize.com | tcp |
| GB | 2.22.104.208:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 2.22.104.208:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 2.22.104.208:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 2.22.104.208:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 2.22.104.208:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 2.22.104.208:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 2.22.104.208:443 | cdn-production-opera-website.operacdn.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| DE | 18.194.54.143:443 | www.opera.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | udp |
| GB | 172.217.169.36:443 | www.google.com | udp |
| GB | 172.217.169.74:443 | content-autofill.googleapis.com | udp |
| GB | 172.217.169.66:443 | securepubads.g.doubleclick.net | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 172.217.169.74:443 | content-autofill.googleapis.com | udp |
| GB | 172.217.169.46:443 | www.youtube.com | udp |
| GB | 216.58.201.110:443 | www.youtube.com | udp |
| GB | 216.58.201.110:443 | www.youtube.com | tcp |
| GB | 216.58.201.110:443 | www.youtube.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.178.22:443 | i.ytimg.com | tcp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.250.200.38:443 | static.doubleclick.net | tcp |
| GB | 142.250.140.95:443 | jnn-pa.googleapis.com | tcp |
| GB | 142.250.140.95:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | udp |
| DE | 49.12.202.237:443 | www.7-zip.org | tcp |
| DE | 49.12.202.237:443 | www.7-zip.org | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.109.133:443 | objects.githubusercontent.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | tcp |
| GB | 34.105.225.79:443 | e2c15.gcp.gvt2.com | tcp |
| GB | 172.217.169.66:443 | securepubads.g.doubleclick.net | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | tcp |
| GB | 142.251.30.94:443 | www.google.co.uk | udp |
| GB | 142.250.200.35:443 | beacons.gvt2.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | tcp |
| PL | 34.0.245.166:443 | e2c73.gcp.gvt2.com | tcp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.200.35:443 | beacons.gvt2.com | tcp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.187.238:443 | www.youtube.com | tcp |
| US | 192.178.223.105:443 | www.google.com | udp |
| GB | 216.58.201.98:443 | googleads.g.doubleclick.net | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 104.17.151.117:443 | www.mediafire.com | udp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| GB | 142.250.200.1:443 | tpc.googlesyndication.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| BE | 18.239.208.127:443 | pdfmeta.com | tcp |
| BE | 18.239.208.127:443 | pdfmeta.com | tcp |
| US | 104.18.14.11:443 | app.termly.io | tcp |
| US | 13.225.239.13:443 | content.pdfmeta.com | tcp |
| US | 13.225.239.13:443 | content.pdfmeta.com | tcp |
| US | 13.225.239.13:443 | content.pdfmeta.com | tcp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | tcp |
| US | 104.18.14.11:443 | app.termly.io | udp |
| US | 104.18.14.11:443 | app.termly.io | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| US | 104.18.31.234:443 | us.consent.api.termly.io | tcp |
| US | 104.18.31.234:443 | us.consent.api.termly.io | udp |
| GB | 216.58.213.2:443 | td.doubleclick.net | tcp |
| US | 192.178.223.156:443 | stats.g.doubleclick.net | tcp |
| US | 192.178.223.104:443 | www.google.com | tcp |
| GB | 142.250.140.156:443 | googleads.g.doubleclick.net | tcp |
| GB | 142.251.30.94:443 | www.google.co.uk | tcp |
| US | 192.178.223.104:443 | www.google.com | udp |
| US | 34.54.30.30:443 | publickeyservice.pa.gcp.privacysandboxservices.com | tcp |
| GB | 18.154.84.82:443 | publickeyservice.pa.aws.privacysandboxservices.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 192.178.223.156:443 | stats.g.doubleclick.net | udp |
| GB | 142.251.30.94:443 | www.google.co.uk | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | tcp |
| TW | 35.206.197.180:443 | e2c31.gcp.gvt2.com | tcp |
| TW | 35.206.197.180:443 | e2c31.gcp.gvt2.com | tcp |
| GB | 142.250.200.35:443 | beacons.gvt2.com | tcp |
| GB | 172.217.169.66:443 | securepubads.g.doubleclick.net | udp |
| GB | 142.251.30.94:443 | www.google.co.uk | udp |
| GB | 142.250.187.238:443 | www.youtube.com | udp |
| GB | 216.58.213.2:443 | td.doubleclick.net | udp |
| GB | 163.70.147.35:443 | www.facebook.com | udp |
| US | 150.171.28.10:443 | bat.bing.com | tcp |
| GB | 142.250.140.156:443 | googleads.g.doubleclick.net | udp |
| US | 192.178.223.105:443 | www.google.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | tcp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| US | 192.178.223.132:443 | tpc.googlesyndication.com | udp |
| GB | 172.217.169.66:443 | securepubads.g.doubleclick.net | udp |
| GB | 172.217.169.66:443 | securepubads.g.doubleclick.net | udp |
| FR | 13.37.187.223:443 | g.ezoic.net | tcp |
| US | 192.178.223.104:443 | www.google.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| GB | 142.251.30.94:443 | www.google.co.uk | udp |
| GB | 142.250.140.156:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.140.156:443 | googleads.g.doubleclick.net | udp |
| GB | 163.70.151.35:443 | www.facebook.com | udp |
| US | 150.171.28.10:443 | bat.bing.com | tcp |
| GB | 216.58.204.66:443 | td.doubleclick.net | udp |
| GB | 142.250.140.156:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| US | 192.178.223.104:443 | www.google.com | udp |
| GB | 216.58.201.106:443 | content-autofill.googleapis.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 216.58.201.106:443 | content-autofill.googleapis.com | udp |
| GB | 142.250.187.206:443 | encrypted-tbn0.gstatic.com | udp |
| US | 192.178.223.136:443 | www.youtube.com | udp |
| US | 192.178.223.136:443 | www.youtube.com | udp |
| GB | 142.250.187.246:443 | i.ytimg.com | tcp |
| GB | 142.250.140.190:443 | youtube.com | tcp |
| GB | 142.250.140.190:443 | youtube.com | tcp |
| GB | 142.251.30.154:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 192.178.223.136:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 142.250.187.234:443 | jnn-pa.googleapis.com | udp |
| US | 192.178.223.136:443 | www.youtube.com | udp |
| GB | 142.250.187.246:443 | i.ytimg.com | tcp |
| BE | 64.233.184.84:443 | accounts.google.com | tcp |
| BE | 64.233.184.84:443 | accounts.google.com | udp |
| US | 192.178.223.104:443 | www.google.com | tcp |
| GB | 172.217.16.227:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.179.234:443 | jnn-pa.googleapis.com | tcp |
| IN | 34.93.91.7:443 | e2c6.gcp.gvt2.com | tcp |
| GB | 142.250.140.190:443 | youtube.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.200.35:443 | beacons.gvt2.com | tcp |
| GB | 142.250.179.234:443 | jnn-pa.googleapis.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.180.14:443 | consent.youtube.com | tcp |
| GB | 142.250.187.246:443 | i.ytimg.com | udp |
| GB | 142.251.30.154:443 | googleads.g.doubleclick.net | tcp |
| US | 173.194.141.138:443 | rr5---sn-q4fl6ndz.googlevideo.com | tcp |
| US | 173.194.141.138:443 | rr5---sn-q4fl6ndz.googlevideo.com | tcp |
| US | 192.178.223.104:443 | www.google.com | udp |
| US | 173.194.141.138:443 | rr5---sn-q4fl6ndz.googlevideo.com | tcp |
| US | 173.194.141.138:443 | rr5---sn-q4fl6ndz.googlevideo.com | tcp |
| GB | 142.250.200.38:443 | static.doubleclick.net | tcp |
| US | 173.194.141.138:443 | rr5---sn-q4fl6ndz.googlevideo.com | tcp |
| US | 173.194.141.138:443 | rr5---sn-q4fl6ndz.googlevideo.com | tcp |
| GB | 142.250.178.14:443 | suggestqueries-clients6.youtube.com | tcp |
| GB | 142.250.178.14:443 | suggestqueries-clients6.youtube.com | udp |
| GB | 142.250.178.14:443 | suggestqueries-clients6.youtube.com | udp |
| GB | 172.217.16.227:443 | beacons.gcp.gvt2.com | udp |
| GB | 216.58.201.97:443 | yt3.ggpht.com | tcp |
| GB | 216.58.201.97:443 | yt3.ggpht.com | tcp |
| US | 8.8.8.8:53 | rr2---sn-aigl6nl7.googlevideo.com | udp |
| GB | 173.194.183.199:443 | rr2---sn-aigl6nl7.googlevideo.com | tcp |
| GB | 74.125.175.135:443 | rr2---sn-aigl6nzr.googlevideo.com | tcp |
| GB | 74.125.175.135:443 | rr2---sn-aigl6nzr.googlevideo.com | udp |
| GB | 216.58.201.97:443 | yt3.ggpht.com | udp |
| GB | 142.251.30.154:443 | googleads.g.doubleclick.net | udp |
| GB | 74.125.175.135:443 | rr2---sn-aigl6nzr.googlevideo.com | udp |
| GB | 74.125.175.135:443 | rr2---sn-aigl6nzr.googlevideo.com | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | tcp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.251.30.154:443 | googleads.g.doubleclick.net | udp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| BE | 64.233.184.84:443 | accounts.google.com | udp |
| GB | 142.250.200.35:443 | beacons.gvt2.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 192.178.223.132:443 | tpc.googlesyndication.com | udp |
| GB | 142.251.30.94:443 | www.google.co.uk | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| GB | 172.217.169.66:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | g.ezoic.net | udp |
| FR | 13.37.187.223:443 | g.ezoic.net | tcp |
| GB | 142.250.187.227:443 | beacons.gcp.gvt2.com | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| GB | 142.251.30.94:443 | www.google.co.uk | udp |
| US | 192.178.223.106:443 | www.google.com | udp |
| GB | 142.251.30.154:443 | googleads.g.doubleclick.net | udp |
| US | 192.178.223.94:443 | beacons.gcp.gvt2.com | udp |
| US | 192.178.223.94:443 | beacons.gcp.gvt2.com | udp |
| US | 192.178.223.94:443 | beacons.gcp.gvt2.com | udp |
| BE | 74.125.133.84:443 | accounts.google.com | udp |
| IE | 52.210.223.100:443 | littletest-sorryplease.hf.space | tcp |
| IE | 52.210.223.100:443 | littletest-sorryplease.hf.space | tcp |
| US | 8.8.8.8:53 | hf.co | udp |
| US | 34.198.14.237:443 | hf.co | tcp |
| US | 13.225.239.2:443 | huggingface.co | tcp |
| US | 8.8.8.8:53 | hf-hub-lfs-us-east-1.s3.us-east-1.amazonaws.com | udp |
| US | 16.182.41.42:443 | hf-hub-lfs-us-east-1.s3.us-east-1.amazonaws.com | tcp |
| US | 192.178.223.94:443 | beacons.gcp.gvt2.com | udp |
| US | 192.178.223.94:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.187.194:443 | googleads.g.doubleclick.net | udp |
| US | 35.206.11.92:443 | e2c58.gcp.gvt2.com | tcp |
| US | 192.178.223.99:443 | www.google.com | udp |
| US | 192.178.223.99:443 | www.google.com | udp |
| US | 192.178.223.94:443 | beacons.gcp.gvt2.com | udp |
| GB | 216.58.212.234:443 | ogads-pa.clients6.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 192.178.223.99:443 | www.google.com | udp |
| US | 216.239.34.157:443 | tunnel.googlezip.net | tcp |
| GB | 216.58.212.234:443 | ogads-pa.clients6.google.com | udp |
| GB | 216.58.212.234:443 | ogads-pa.clients6.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 151.101.66.49:443 | bazaar.abuse.ch | tcp |
| US | 151.101.66.49:443 | bazaar.abuse.ch | tcp |
| US | 151.101.66.49:443 | bazaar.abuse.ch | tcp |
| US | 151.101.66.49:443 | bazaar.abuse.ch | tcp |
| US | 151.101.66.49:443 | bazaar.abuse.ch | tcp |
| US | 151.101.66.49:443 | bazaar.abuse.ch | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.187.234:443 | content-autofill.googleapis.com | tcp |
| GB | 142.250.187.234:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | js.hcaptcha.com | udp |
| US | 192.178.223.94:443 | beacons.gcp.gvt2.com | udp |
| US | 192.178.223.94:443 | beacons.gcp.gvt2.com | udp |
| US | 192.178.223.94:443 | beacons.gcp.gvt2.com | tcp |
| US | 192.178.223.94:443 | beacons.gcp.gvt2.com | udp |
| US | 104.19.230.21:443 | js.hcaptcha.com | tcp |
| BR | 35.215.235.162:443 | e2c46.gcp.gvt2.com | tcp |
| US | 104.19.229.21:443 | js.hcaptcha.com | tcp |
| GB | 142.250.187.234:443 | content-autofill.googleapis.com | udp |
| US | 104.19.229.21:443 | js.hcaptcha.com | udp |
| US | 104.19.229.21:443 | imgs3.hcaptcha.com | udp |
| PL | 34.0.245.166:443 | e2c73.gcp.gvt2.com | tcp |
| US | 104.19.230.21:443 | imgs3.hcaptcha.com | tcp |
| TW | 74.125.204.94:443 | beacons2.gvt2.com | tcp |
| TW | 74.125.204.94:443 | beacons2.gvt2.com | tcp |
| TW | 34.80.89.126:443 | e2c1.gcp.gvt2.com | tcp |
| TW | 34.80.89.126:443 | e2c1.gcp.gvt2.com | tcp |
| GB | 142.250.187.227:443 | beacons3.gvt2.com | tcp |
| GB | 2.18.27.82:443 | www.bing.com | tcp |
| GB | 23.206.79.163:443 | cxcs.microsoft.net | tcp |
| US | 192.178.223.94:443 | beacons.gcp.gvt2.com | udp |
| US | 192.178.223.94:443 | beacons.gcp.gvt2.com | udp |
| US | 104.19.229.21:443 | imgs3.hcaptcha.com | udp |
| US | 104.19.230.21:443 | imgs3.hcaptcha.com | udp |
| GB | 142.250.180.3:80 | c.pki.goog | tcp |
| GB | 172.217.16.227:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.16.227:443 | beacons.gcp.gvt2.com | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 69.62.111.217:80 | galilaospa.com | tcp |
| US | 69.62.111.217:80 | galilaospa.com | tcp |
| US | 69.62.111.217:80 | galilaospa.com | tcp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| FR | 13.37.187.223:443 | g.ezoic.net | tcp |
| US | 69.62.111.217:80 | galilaospa.com | tcp |
Files
memory/3484-0-0x0000025B58390000-0x0000025B583BA000-memory.dmp
memory/3484-1-0x0000025B72B90000-0x0000025B72BA0000-memory.dmp
memory/3484-2-0x0000025B72990000-0x0000025B72998000-memory.dmp
memory/3484-3-0x0000025B72B00000-0x0000025B72B38000-memory.dmp
memory/3484-4-0x0000025B729A0000-0x0000025B729AE000-memory.dmp
memory/3484-5-0x0000025B72B90000-0x0000025B72BA0000-memory.dmp
memory/3484-6-0x0000025B72B90000-0x0000025B72BA0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 4e87a655de673d665a5c17841aec9998 |
| SHA1 | 2575ae8891f0645cd0bffa41227c5b7ac17ffcf3 |
| SHA256 | 1e8389fc1f3e9710249898fd6ceee059d204a6de56981dae602ac3ab6a7415a9 |
| SHA512 | 0334cd5423563f004424118ccca2b00cd9ef7d3ab316987ae982cf18c75340302e1556127f73b3bedd42b226c0598de369858c3471e84f49cc8aaf8fdab22d2a |
\??\pipe\crashpad_380_VMZSPIGCZWAAYZIT
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
memory/3484-54-0x0000025B72B90000-0x0000025B72BA0000-memory.dmp
memory/3484-65-0x0000025B72B90000-0x0000025B72BA0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | f81de8fbd2b23421e0924cd63b15238e |
| SHA1 | 9f6841377556ef52c0ca47a2d4b67b94a43e912f |
| SHA256 | ecf1b31d254f6f483aa6607befb3cf00b1ca3976639daad4e1177e9b08a42341 |
| SHA512 | eb31f2ae6e12e8e92067c500d648f044c38a45326f1fdb4bacb94ade88c43e241c766ddf57b30db771e26ed82e0a127e4043da68aa6ab4fa50ec54ffcc5c9471 |
memory/3484-77-0x0000025B72B90000-0x0000025B72BA0000-memory.dmp
memory/3484-78-0x0000025B72B90000-0x0000025B72BA0000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | c4cf42614210f824c2ca93155a19ab9b |
| SHA1 | e8150df7e6f6cb9514a656d1cebd8e831e0c8f30 |
| SHA256 | 8436e6a6bc3e99c1599e171eb984f3b1a284591697a85d5eb5fe16a47ce7b070 |
| SHA512 | 404e5be7d097ac43a92742f4e8a9b80fe393df62d501377df20e517ad07e129d49b4f1bd88c43f0b0a230c56958a2c953455f165bf8a7251b5169aa5c7f156c6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8b80512f710a5a1a0417552b44042690 |
| SHA1 | 1d9d7ef35ba7f0307bdae890c363e1ab9ceccdd7 |
| SHA256 | 58fec9ef5adc9874dc069c057c17993088499e5cbfde01f3ecf355f3b129951b |
| SHA512 | 5ffc53466d53a714092ff1656296e2f91ce6d4ce04fa0cf9e0763906dc6825e1d6584cd7d4cb516b324e14a8ce09c209988ef48966eecb1149f335b4dee7e4fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 6eace527707a0e159399c9d6adb33733 |
| SHA1 | 6034ec648b2b6851cad12fb1293c40619e2a81a6 |
| SHA256 | b2c71b8868acdfddbe58f20cb0aaf4acb6ec84b6f79dc4428d9eda3e084f9197 |
| SHA512 | 1b4c743a1f7b55c6936147fe446b3b33fc2c26eebc72004acb0378710baaa83e9e362670f4a4af157f08a891ff53c20f3405cc36b02a242b4a8bf6ed3ce4e6ea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | e502c53a34f82208770ca82f5be9d50c |
| SHA1 | 9556f7b0e597a14eea682c430007580a0480a6b3 |
| SHA256 | d303a2f1c802c2c68eb3e31886fa244eedb8824de29f61b6038a888e065a67a6 |
| SHA512 | 98b3735a1500956858e9e796784b80b3235d5237e9e16c96ee62ed352c22a46f2e69c1af0e94cb6feaa4b5de0c7db8275d0a5caf7d9e3b82ae2c43d18a86e598 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5817d8.TMP
| MD5 | c1cbe7b1a80df21cfeb64cc2a2917e4e |
| SHA1 | 2cba3e423023d25dd03b5edd2876df0f5a5d1472 |
| SHA256 | d643889247031b917095c1dc8b3333f83371cfc8e4eef0e132da7a067b8f55e4 |
| SHA512 | f92ef857711b390a074fd87c04de6a368f35c5af36192f79753ef027628ce4d818e6a9f764f6c22aa52bafc68e42ed07d1c383f7252eec20269b67eace4025f0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\index-dir\the-real-index
| MD5 | e0701d9d7b7a14039e6f9a53078fd23e |
| SHA1 | 201d5c31df1233b7129295fb755d5955dedd0f45 |
| SHA256 | 5852825eef895cb6866ba9e265afb25c4a0283c98388135326e413886b6efb1e |
| SHA512 | 9e660e9cf2180269bdfd0d250ad6265334ea67e7ac4914b8f01158f0962300a5b4c612563eaeaf55a1f0d15eab9e86064e54b00d9281aa51ee850e7679043c77 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c466311457d5028833229f40cdca9d15 |
| SHA1 | aafcc2d305e20003724f07968031ca03452c3616 |
| SHA256 | c7df5f762465034349c8416ef5d67388e3ee436b88433dafee45cb4681c89628 |
| SHA512 | ec7206e3c588344de1f6015ca13dcf176baa922d764c6d21b6ec0ca1f1ebbf8dc20e1ee9dbe461095cc817f42f9d341f4a883f0becee65133549f5218480c057 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 698df1f6840a283b6288904ee3503ca7 |
| SHA1 | d0a965b84b51aab15521bef48cccdef5073341d4 |
| SHA256 | 6793e75a0a2252d38012ef0ab1ba17e8848e2ef4174d98792a73900110ebd1c7 |
| SHA512 | 4e887bed2d7e5dbc019c617b1673fe4c2d1282341d7d079cb0497b1f2393a6bc4e80f7e4e6372987d68a9e202449fcc6f30fbaaaf82016a032c861cc83e94c85 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 21dd433668f959864955f5204268462c |
| SHA1 | 8d99abd7da81be69a8e554590695e2a19254412b |
| SHA256 | 8dd6587f6a291e868943f21c6dc24fa67bf3c6aef317c07715274c7d76edb6c8 |
| SHA512 | 2ddf75619ec3aba3de0ca5fc719df260af013ae586633fa4321bd411fe2370abb33b9ee06e76a7d41bbb9e347a07317d0966fef79728f963a022dc9a75a9b208 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 44d241c2c763e109312d2dcf66be0379 |
| SHA1 | 89d3fa6220f9c15db6b83651b4236e2228d6e6d9 |
| SHA256 | bb9b2a66d2779f10094af5e522891f4271a4713738067a8ef82602c8d8113ca1 |
| SHA512 | 296ca69409802d0995af6823796226865a9698a903045281764f425f3cad15bd173b8e664de1b40d05f5a854c610e5b9cf33e52ac56d2dfb62807e4bebb60280 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | af344d721303ef3968894a7be9731750 |
| SHA1 | 8d7eefbf469ee281e69b9fd92959b6928a93ac44 |
| SHA256 | 3dbf4a75120c373dda17e3584fae60771f981228807d7bf173c97a5a207a4656 |
| SHA512 | 61ebafa80924911086f30d5cf162a4d444e1d1bc370bcaf28e0a6b05a8bf0341fdcb05e70430c7a6b9fdddc5f4d7a26151ce686ed5bbe21b6a8726f539bbbbee |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006f
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 476e416300b683dacf0e28677a409755 |
| SHA1 | 9c1c085ac9e9b85a69528cc4c5a9dba6d9294912 |
| SHA256 | d8c1b5f445c912772931368a35e7b17980c309ce8b727a6ef38e5d112aead667 |
| SHA512 | d58642ffdaff3bcc695ac7377f6b24ed2f0cf083b6ffd6d1239ad725764c93bdb004e2826378b2086e95dac8dddee5d62a9f857247efd452aaee37b2f5ba2282 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\index-dir\the-real-index
| MD5 | 5427f2d4843d91fe53bd105f84cf23eb |
| SHA1 | 6b319541e4409449e9ae0cdabbf5fa652c97ce3c |
| SHA256 | 7747fc230a3b330e98845f1e6a02413dd2eab9dcf878814d4e7be935d17997f5 |
| SHA512 | 3d5f3d66b115f1791ec69c5df30a6dcc037c6886b5c40cd23ce1c2622c5131a3280a5c366b235dfb0554e6d350e656062d1e54a0fbb14c6a321ec845c4ccad7b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ad2f61137b5341a4cc3c67b30d81dfdc |
| SHA1 | f6e7a12de7eb1fb1fba8df4c76bad0d7da944852 |
| SHA256 | 27dd70d67919c9d77c89f37ea1f7a1c81b77ef3bb28803ea3b466828e68e4922 |
| SHA512 | 8be2ec40d97c1ad61589b8cd456e33450ac1a53d744f195b4f7b80c23f62e439dc3e0bafa58be05f193872e928c097c80740403b453dbcf68d127d4d9e6951b5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c5f0c2935c7ad649c8a4e16716067813 |
| SHA1 | dda1207a7ad960fc1f100bda3c0e6e270f99ff32 |
| SHA256 | 867337320771ed83127d3e89e712d49a8b9f2a34a82bbc3cd26d25cc2a159552 |
| SHA512 | 3e0694861dd03ba4206e05a8931bcab57e27a642ffde902884e84c4f6ec3755ed298c24109bd9e4ce726e998255c37e0ea920e293a35833066ed3fa06b69c6a1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 31f8ca8baed32504a1580af990ac3cb2 |
| SHA1 | be6a0713cce8720f106b361244390085786f0a4e |
| SHA256 | 4e00e918ea137482a53af3c3e13ae206339ddee031370256366cd5965a16f463 |
| SHA512 | 5694c2d1c91e248e4bc67acd818594a47596d0597ad196b1a16a89db42cd095d5576c9a35f3978758b73f6f23275c3ae55022089184bd4f1e12687e6a6c8bdc2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\50b7e00dbeb43403_0
| MD5 | 72ff3866d873c34d19378391997f4bcd |
| SHA1 | bae587075773794bbf00a871b82e41dd19df2dd3 |
| SHA256 | 5fb63c1285b49edd0f8bd1f6437387e04127fd943acc51864d83d4613b53bc83 |
| SHA512 | 48b1b87caa62f6e769038f72892301a5add7c20c48812bf4cd507af531532b409206d1519bd1d13ed8c7cc7a519a7ec2ba742dc4276644ecc13845df638d6bfc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 1e39413985d6800c413b3f95182803f6 |
| SHA1 | f11f58ac65ef7568b6f52582912eaa548a2e2443 |
| SHA256 | 7fcf691265b330bec61ab370deb9707328879fc6601a2f261f9f67b2da907890 |
| SHA512 | 88db6458e692ec18dab0c02830d5b37a4ac94f574e1c035892c763428bed67b866cb4eb9f55cbfc53f1098de3513b25358691334d29a3d44d54ccf41f395f4e1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 8ef5519f576d897796aab865f689ebb9 |
| SHA1 | 2dc8418dece21d2016ddfb664c525b9a88a2f13a |
| SHA256 | c62f434ba3854ddd4cc4625c77f855233fcec6b88790a6bf624145ae36c431d6 |
| SHA512 | 43b58cb52553322c58599f0f40d6d7d4a854508edf15cbda7b41b2376b7ee5c479284f3df398965207089a19d9a9310b4f268ac1f9c1dd870d1da3cf8060359f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016
| MD5 | 7d63d3d7cb9eed15021ed91754cbdfc8 |
| SHA1 | 2dda903f77162fc26a50c77ff2b7ed81d2121a50 |
| SHA256 | 082dfddfd32a16b4367ea78f47d8ffd99fbab54e0390cd17b62cb971b8ec481b |
| SHA512 | b65fb32944c2f3e088e3ac44c6a06b7a24bed49bb38eea6312b8396ebbb15f773296f2d7451bead975179e8c778ee6ccdfb580d43a8b63bdc19b4a606721ec63 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\6\IndexedDB\indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\6\CacheStorage\index.txt
| MD5 | 84936fe5235594f7e8e28c728416127a |
| SHA1 | 6cb9676704d2770c4335c758b74a2c7d1e97b69c |
| SHA256 | e40a236e4e7952ade2b3434037777845f937243ba304dedd5b18a534367a5c03 |
| SHA512 | 049975936c59c16cb62d7b8712d26c5e76d0ce0cfb3f2bb7e10dfd6a115d078bbc52e32aae4244dc17e74828c6ef5e3be297822a2bd9e90394d9288c51810e8d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\6\CacheStorage\index.txt~RFe59d70d.TMP
| MD5 | 8f8927d7159d53c4dad17479b5162f61 |
| SHA1 | 45f66e3471b55687b50e2da69821b22dd78ecf8b |
| SHA256 | 07d2e0bd05f33a367f2b8cfbb0654871f0d4c4b92cc8a57bcce3643add30cad6 |
| SHA512 | 9b76ee5cfef630c6d73b9df6dd042d4a5c7f92b1c6a1cd39c82868114fd029e3a0c4bc1d2d055ae26b4d479983aec7c0ada229355a7fa043b7d7008f89b6d689 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 591c474f8e30bbcb2a6edf6047022c34 |
| SHA1 | f55d35ac81d6b69d0badfcaf106964e3f92edab0 |
| SHA256 | fbe57d7a714f28c9226eac59af23bbaf5ec06d8b4e571cb0231d89fd65e62252 |
| SHA512 | e47261bd281e0e8d960e343356439d500c216afb7c3536f88e52ca4a5026eca765feae3e1387770348f7874741d05d84c755717599931a34740a13190de34185 |
C:\Users\Admin\Downloads\7z2409-x64.exe:Zone.Identifier
| MD5 | fbccf14d504b7b2dbcb5a5bda75bd93b |
| SHA1 | d59fc84cdd5217c6cf74785703655f78da6b582b |
| SHA256 | eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913 |
| SHA512 | aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98 |
C:\Users\Admin\Downloads\7z2409-x64.exe
| MD5 | 6c73cc4c494be8f4e680de1a20262c8a |
| SHA1 | 28b53835fe92c3fa6e0c422fc3b17c6bc1cb27e0 |
| SHA256 | bdd1a33de78618d16ee4ce148b849932c05d0015491c34887846d431d29f308e |
| SHA512 | 2e8b746c51132f933cc526db661c2cb8cee889f390e3ce19dabbad1a2e6e13bed7a60f08809282df8d43c1c528a8ce7ce28e9e39fea8c16fd3fcda5604ae0c85 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 07e29567ea1828184b2d715f5cc83ff1 |
| SHA1 | 76f8e321472d88b07529daf194d7143f25781a7d |
| SHA256 | ea618c16df84e61936b5b58576e3956e6e80d23144f39dcd7afdc58b3160d5d5 |
| SHA512 | 8eb9fba2256409826de715af490cf34b414b19bfa0b60fba77f724f701e8e5d51ccbf716ccb1efbdc0ce24df5d444a617f2325ec87b192242f86a8bca69aca6d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 0f976927676e02b90e933f6755d34847 |
| SHA1 | dc511767bce8e4bfe1a044e8f11700aba5a26874 |
| SHA256 | 3d2644388bfbf38bf1755009d26a1e24abb5ae11b83ceb5073c1573976531790 |
| SHA512 | 95958e4471eb04b1dd7716f9ecd8647d1aebf1fdebc877696f54575e494916ec56e2baae231328b64191c443f977f3958b9c2665d446615f12df5237f0d35783 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f305a0b71143794ebc47a2c60176cca4 |
| SHA1 | f23706d09715bf92519d826cea8d4a45568947dd |
| SHA256 | 7a91b1189891b24d919303136909c70a943e2512643075cb7706f5dfa81eaab5 |
| SHA512 | b6c10e6ba7d6a315be0ddd63c3d0db2638b3accab997988e567a28b76cdbb41c1fb90d53c3d1f514279500922510925d1dcf2db9c46280772a2bff5179129330 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 49e7c3143e0db7909d9359059a6890d5 |
| SHA1 | 15640de9965e2101065ead418ae9aa00c5600f5e |
| SHA256 | 6aa545a703134292d66403c289b0beee3a13261586b2356aca759d8fd3ce363e |
| SHA512 | 5390e314bc61873c91760fcd5f77ebe4fb702b8347c0ac74e90d6b4ba13a70b4dfc3ce9d4e19e13d743b34e46d57a7a8cd251816779d9e81443216a0c5257e48 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\6\IndexedDB\indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e5bafc799ce9dde7285fd5a900bc2486 |
| SHA1 | 4c680c66d0438c1f27b881cf63b49dc4c3dc6583 |
| SHA256 | 144b7c55f37a0c689f6859ae5ef47fb9a6e70b24968a5a7ff823fce997e9ef6d |
| SHA512 | 3d75b65ec9b5ec273ee179b0aeec280fc335720def373592e6291cfef8dc059218d134a27957bb0c30f0e99d249b6ddc9195a23b632cb8cb7b5cbf58175f2ec8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d553f1e8cae991ded1f84b161018d26d |
| SHA1 | 01d727ec2415ad7f4c2a1581ad66c17e1a85f310 |
| SHA256 | 2fcd95bb033100b0ee044066fd07a5733bf31cec7b2c33d72131844321ef9243 |
| SHA512 | 24a1fb80ed673d8170db1f2abfcc49dc75ef6614fd27db73dfdc19ed37bc025816d0ecb90f53d37e46f03f321bf757d9b2a73e7ba185987d91423cf3c20289e7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008d
| MD5 | b31d6c3a52ee38ee4d969480c712cf93 |
| SHA1 | 0cf2958ba2caf005c6666372d65a955b56bbf450 |
| SHA256 | 1a37f663403fdd7b5d9c6577ded75fdce0bf8b8be3ceedf3839dbffd419e08cf |
| SHA512 | 1dc117306dda82ad7820b17674685ee8172bc054c92da58ef62091470965d5b72b5fc167a1de1ce5ba32b728d86ad88169f5c388bc46e6e8b35de4819e32d56e |
C:\Users\Admin\Downloads\Unconfirmed 380283.crdownload
| MD5 | 08e42764571804aa3e27530b03dd5d99 |
| SHA1 | 82ca6c9c8b0cf59f8dce178352360abcb99637ac |
| SHA256 | b66d89ee13a48e9c8d4a7aa2e3e1cb2b79f0b95e4f74f4184b85628656281588 |
| SHA512 | 90fdb4f191a1a26e04fcc2df045d74fec998b968506d7e8f16ec6f5cca7068093de106b9de4009ba6ebe085e9036358553d19af1b7ed4202f86ba3d2aaa7a62d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e3d40fb33f326a08d1846105edc63d45 |
| SHA1 | c6a68bd64d889bde3c4289834a42fe9790a0489b |
| SHA256 | 1d0c5c331ddaffc58f3d77ee4dc9c2558d916c3db7adbe5727fafcd84c96b148 |
| SHA512 | 17a8b9b3f9715f4c654449483a788d7879406a6cfc8ab61dd10a90aef0073fa5a9e6b15c1789b59f350a02e50e429fa03517ceb11ba3bed7fc469a23807f1992 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 8cfbc9163dd09eda2c9f755ad16ff173 |
| SHA1 | 2d0b72070eb671143c15dadcf19fbf677e020d63 |
| SHA256 | 1ba8e0b3c04122aedc1978b8eff524fbc14b687a1885779ac99a85e5145833d6 |
| SHA512 | 5ca3b7543cc8ea61186a3011287d063b67a6ed0861810a2c45d0ccd118a10ae7a59f2abeb0c01093e2aa8fb1b8fddf15ea74d7eaea2335c462777ea1cfc31ba6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 23c1b5d0fdda8fd724e6a6dd97a7a052 |
| SHA1 | 5e666fd99ba92d6870fb6ada6ec8ff96cba8a901 |
| SHA256 | 035688bf31983ae4d2d7cbb0c67238aeea0a4fd076dd501829bacbe2376ff732 |
| SHA512 | 89c2fb26ba20ae4341740cb399404338530a592e63f725eaeccd8524abe4205e244af5239d77a052c3d7434f8ddb764853f66dc98beae36477034b66c5291ecb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e1c04e85b1c8c0beb6a22d0ed56e51da |
| SHA1 | 8f7b191c69a99badb87699bcb115ef42a2f80488 |
| SHA256 | fb9678be7e3ccebf9e8b5153fa81e2f01218be8ec0062ab24861a22b4d2767c9 |
| SHA512 | b3c4c14f3410d372170b1bd9113dbe2655754aad25765414809f7db5ed476580fa502cea555af785b5b20cedf8eede76b735a5a370a040e2a093d5b99760f390 |
C:\Program Files\7-Zip\7-zip.dll
| MD5 | 88518dec90d627d9d455d8159cf660c5 |
| SHA1 | e13c305d35385e5fb7f6d95bb457b944a1d5a2ca |
| SHA256 | f39996ab8eabdffe4f9a22abb1a97665816ec77b64440e0a20a80a41f0810ced |
| SHA512 | 7c9d7bd455064d09307d42935c57de687764cf77d3c9ba417c448f4f2c4b87bcd6fea66354dfe80842a2fa3f96c81cc25e8bf77307b4ace1bbe1346cbe68435f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0b6b53b1c6fdf9bd488c353f4d13e46a |
| SHA1 | f36c15b159f30b78c0a145837895e95415019f22 |
| SHA256 | 407961237cccab6b3761cbeece63b125268f06bd99eb59951530fbb560195799 |
| SHA512 | 8d3e6f1f24707d5afacc48a74574cd174f8be35f3eaab0bd8e3433403b13ce749633cc32f060ff75b6895193d63542f4711ee22074e0d305b34f47725e10d5c5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 02393ab3a3b2303ed8b1dfc6ed3f76bd |
| SHA1 | 914e0987687682819def4a3b88c1fbe13fb45146 |
| SHA256 | 180e95c1fc1d4b316d88b1ca83c572c21137009d022addc8ab56a212dd0ac41f |
| SHA512 | cb239bc45f6ae8ca7ba79edc8d2611588ef4da88d15e4171d7970be2024f52b77cb4df42cbef1859251c897e143c8b4ab59896dfe2a56c37b4ce8ac401097562 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 64dc8a1dce891284b09016a418eab7b7 |
| SHA1 | d3676322e4ec20b2f98b9b339b04ba43ac3dce94 |
| SHA256 | 4df7cbf6114cce0d02765f28882a0f55131e037cf5f29958c4e2fc049f7f753c |
| SHA512 | cfb04615fab7b47e06db9d9ea2061197d69eed38175dacde9cfd0e609b8ccef72d83716aba828b3b5ce244e20699427a1eab281c9a0b2802b42e8c7203ff5e29 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5210b1dad15ea4947446f0d23bf39bc5 |
| SHA1 | e434db8ecf6d48163554d8893cf9e0f3f7fe5b2a |
| SHA256 | 542294c241cf61c9fb5a18a9da13d705cd9d4ffcca1cdf3c653d0e0eb477e607 |
| SHA512 | 3dc50c79888892349e612bd3070f18e957577ad82a3ff5f8ae412fe7b3360e3219abcd05e336a04fad4baea630cb3d8f8423e925163040508718c0d80fbc0533 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
| MD5 | 3a866ce162809fb0361766635013d99b |
| SHA1 | 5884c0771adcc2ca34e7ba35aa327223f52c284a |
| SHA256 | 417afab46c974859ae7049ab35b65ed21d5a0b74d53e9427b0d017445b07b3d1 |
| SHA512 | d69989ba95d40ad85c0caf25b262319540991e0392683c2e26645e8bc440c4b7b2bb9280435fa788bb9e82cc542a6fb35c8abb2b920e70febefa1bff91c5aa53 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
| MD5 | ed81ae6e321fbfbc6cb3dff94779e4be |
| SHA1 | 1f0c0cae6cf9366424323db0b0739facd69afdfb |
| SHA256 | d22632c84b8b935a2451ed89ef446356ab024bb761c52cf8ace17068a655be0a |
| SHA512 | 60dde1068dca1305c488fb5bc43bcd77d8da22ca0b7d61515c777510cae0045d054094b5c52e27b7d9f2b536342f18e9358b806e9bd67f15ca4da0702b3b985f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
| MD5 | 9436affc97843765a966b3568fa7e5ec |
| SHA1 | 7bfda74bb30589c75d718fbc997f18c6d5cc4a0b |
| SHA256 | 7165713d3e1a610399471a5e93d5677508f62ef072c1151e72273bf4bd54f916 |
| SHA512 | 473ec3a843c33e18d6d194651fe11353fcd03a7959225faeabf8c77484155ea6a7bccb72dbaf2093ed53c408faa3be9f6fc907f7a5ddf8223375f9d09b504456 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
| MD5 | 83b7855cfa4a74f261d3763b73141e37 |
| SHA1 | 306f4e4a8b4635711d0933147ce79f37416fdb8a |
| SHA256 | e2e45af9cd69dfd5425ba5ca0b5f5bc1494808e5db081bc94fbae965a7a21a79 |
| SHA512 | 29c580b51f25148683e46f0f7b154b4a4a56057d27d3b7f796acae8331050a5f853c0d957daddfd4d57226ff8bc5e632304b0c4a9a92afa1169f6c18c92bd2da |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014
| MD5 | ff19e38e855d869d3e084149adfb6e05 |
| SHA1 | 22c9b84a4bd7dc4766b60698d96686f150a60fac |
| SHA256 | 4437283ff4c34c5097ea6e95556342f03846595b755f2ab03ab2aabf92d83a07 |
| SHA512 | 01dd5c2217f506af2df1bbb0a0c7e483f749e2d59d7b3882ba699293fc9969d4d83c95f87d0c16884bc5063ad29eb389b0433770fe416591de61907f30fac34c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\6\CacheStorage\index.txt
| MD5 | b2955f4a7cbf5fbb4065524342f74f67 |
| SHA1 | 372cbc7687d38445fc0bd7c1f1c2e1625022e2ad |
| SHA256 | 15caef00a69b0de3fa9c297b88127f345d74020cba8308587b6ab8d57c0f8b86 |
| SHA512 | f13ef962b166d8bf37653c84e2be616a9673feac11900c3c1d8917d3c0c3a820f129c6cc2f09d829fd9bd18a87154c08115af07d5db8569c40607f6bf7b5dc63 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a2
| MD5 | 9a01b69183a9604ab3a439e388b30501 |
| SHA1 | 8ed1d59003d0dbe6360481017b44665153665fbe |
| SHA256 | 20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2 |
| SHA512 | 0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 36d21883d3c68837a1d49e28f6239d84 |
| SHA1 | f3868f4d11e7cb176fe1c0da9f739430d8f1a2c1 |
| SHA256 | 829366e01a1ee65377c21ec25ae8651998fc695eebaf272e64803b58f5b5039f |
| SHA512 | 9e70b2aa2b0e83efa6291cc3bf99203fd670086afb6026b2588a68523dc9c6d63da5a680d0f579bf3ba44418c70b00e3de779cac697176f5a27dca7b59a67767 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | f1a74d825aaaf6ba775e8557322be994 |
| SHA1 | 23166612e844c159bad027095c5fffeb609cff17 |
| SHA256 | ff1c8afcb70f950ff436ccfdb206469d64157b848794286ad851d090b5b74808 |
| SHA512 | 944b856396cbba9924972848ab9af1ca79827f49899f18c17de9cd4c7435f1f0e54773089e43d20921492f26acd5a7edcfac60057ab3e60c0e9e0b799a3a04bd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5faa72.TMP
| MD5 | df80ad833b167fb286b26ffd9ef78399 |
| SHA1 | c60b925f6fa30573a6679233742ce46f28bb115c |
| SHA256 | 271b21ca9e94687406bb94ed483493cf1b7ffb93294dbb64911dd4091897eaa4 |
| SHA512 | 868aba294a8a903e6a701ff10688083fd6976fb534eb8390f9b8ef9040a6c55817ef39a6d4b9c0bdbde4026313dfc51d56e4d2e3d5cb300c2c19baab0c3525b3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 35e6ce7d4442ce3590d5c7983dca7cf4 |
| SHA1 | d87f5813a87f8891b8a045e744e57d8d4967612b |
| SHA256 | 8fd2c4c7dd9e8d9747a57e7632446ff5ab751805e4e9f54e303a213e69787db7 |
| SHA512 | 8573817393cff82e913922b899f33f920b83660d747826eb51b82ac5162130a56e62b5be69858280ee6b978d26e743df1b29f95c034a93b79d90c048f28ed371 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a5
| MD5 | da236b92727776e61fc844ade9957716 |
| SHA1 | 8fbc2c3184a71b360480586441cb109abcb2f623 |
| SHA256 | 5ae8416d0eb18b306becb570e1c88a4619dad21136d42c0fb31a828fb8004600 |
| SHA512 | 7e463084fabb53263c8e7721fc6adbd52c2c29b918697656705bdc830ba2ec8487d324ad991795fa55b3ca34e315c31de842a88fc858876b3df313172fb5a71b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG
| MD5 | 5924a1bd285bfd91183352477cd12b57 |
| SHA1 | e539f11612be0592025dee9631f3e812891437b5 |
| SHA256 | e22cd6fda72814f129fceae63a0c4d858dde4a6f903b96fe77a8f264594f8cba |
| SHA512 | 53abc17893b7013e9ba64cb42d79d33d4ed031d942dbee22a7894e15ffa8d418af68ca3f1ec0b89fca17fd240a7030f939a4ae83364ef5e1c7216b191fc2382e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000003.log
| MD5 | 9c528d42e41e8e850330a3705c1de2bb |
| SHA1 | b1f09b844d1c68496cf5d98f69a9cbb01c7cc4dc |
| SHA256 | 144acbe981f2cd3bcabde30764ef35ae8d8750a3e874ad4e6ca6733d20e89b5d |
| SHA512 | 744f5b6dfc2bb54ed2b6ccbe88128b62f37045f7ae6a4df621b56e6f36564fa5bb7e8e40868cd597369cb974184985653c187141a1040abed7d6861afa6e2051 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e63406b3-f0d2-4855-93fa-8d8f627eb7d6\index-dir\the-real-index
| MD5 | e7607f2712c87053f5daec738c58880c |
| SHA1 | 5c6847ed7ca72f48a0c1ebdada1c194070e8a56b |
| SHA256 | b603ba1100984a4549a45bb468eec79cd0a6dd6a16d661ab5e5f5980c630b556 |
| SHA512 | f126dc78782bb5041b60ae5220633fce45128f474c224532520e024b6c8c1b7f0e8f2bebc2f506a4e8124c7afb96f778de6255c4d845ae72008020b92ce7dda1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e63406b3-f0d2-4855-93fa-8d8f627eb7d6\index-dir\the-real-index
| MD5 | 1f6992a33720fd026260a492c1ebc01e |
| SHA1 | d4408bc07ccc65cdc53099f6f9fbef5be4e5dc3c |
| SHA256 | ebb3d5c962872a32b2e2565d4679c363e788b512c1d09bcfffd948d518c8a076 |
| SHA512 | 7cc1c7c1640eb9df0049d46af20bbbceb360b004644c97c8921589b5d91835c60b0089f99a0fbcc3a89eb7a6d85961c51254ec47cbf7d297f9fee7fd7b5118c5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e63406b3-f0d2-4855-93fa-8d8f627eb7d6\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 646bc8b6ba12fc0f3b55a8f95293caa2 |
| SHA1 | 39e38226b33a9531d102f0a0bd1afd603faa7767 |
| SHA256 | 474c3816b85d5e8024943804cb641ea400efadc511509f1e8f21a9eca4478a3a |
| SHA512 | 747c6ed56c155f13a94eb42778c83736f94c503ac4eba6d80afe4744c684cc30f11a10ee03884efed1ae534114a3046be44d581ccef9cd9e2d07945030329ded |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | c888f7dcce2784996612262b194618bd |
| SHA1 | 771a888273424578b5be7c2a68111563f1c83bd6 |
| SHA256 | 83c6e558386741d7ee0d607075021bbba203cbc595c97e9ffb871539f379406f |
| SHA512 | b7e79c88e44e5151877b219b0a2cb8a3fa9da757e911252b8d6c99f8d9b4561e9b419da5c2faae509bb12e18642e40cdd4b6f4436096a00e41d8dc4a263678fa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | b06f1c6618c9a41f41f4f899ec647c1a |
| SHA1 | c11d3dcd437c72f9b716a00cfb49b2b12a5f147a |
| SHA256 | 540abf8cfe8de53789cb801af040dcac32e2d4c532c14643732d71e6ae8f04b6 |
| SHA512 | 2dca5f99fd952fa4d799bed8dc151e4c2669c513e9a2e26abe59eedefc7e224123062919b26552cf79a370ef13b9c0758ce46852c2a59f82d2cd5bd8997d3672 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 8c90baffd2a142b127cf7085fcf349fc |
| SHA1 | 2e275299889d06dbb9f16f0c676b89b2bb572c31 |
| SHA256 | 7e6185923012bb299adff7d186484fdc1afc02b9b22a921bf45ca301915761d7 |
| SHA512 | ce496893b18eb07e5f8391f6336f93c63455398396e8674d2ba114002cbc6087e68aac05bd315e8e1b2b68b7886ec5caac59676e93e52703ab71fa30d130f8d7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | c55209d4599ae1bd0479b01a1184a32a |
| SHA1 | 007998690ebe2e4e8dd3136bf4f418a8fa0964a1 |
| SHA256 | 82caa8c0686390d859f39304a2ffaa69bd48b6b3d228148fcee29d85e33007e5 |
| SHA512 | f9a4f7135f7fa7f76a7dc6162185ad1c9436c6f6c99f294227e4903ecb639f3c5b3114d9a9a419560ceb832eca64de8bbb5c2638650fe05b2cdfec3d37699033 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000008.ldb
| MD5 | ac1a01179996465dd2636c10a088f781 |
| SHA1 | 9bb3e08aab62872522cc06657c300789cecb72be |
| SHA256 | d736176075d95915fa399359ffd3c9074d8c4e4173f3fb4d011f96307ff145db |
| SHA512 | 53b1081f4c21b16c5c8f10b0bcb095465d237ec1151d93ee46ee5fa494803366e8434cb013f84d88a961dea7ca6caa3b25f6abed599a261dd4262a0d1d1e849c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a9
| MD5 | 9c6534c5fe296439d52f022bb1e381ec |
| SHA1 | 56589abe1eada3a56bb92cafc37a76e0f69711ae |
| SHA256 | 71160660a41c2e9a37c7257470c7f122642e965375bce17818e06a141b3cef6e |
| SHA512 | 4bf5b007fa3763cf291ce591829257aa2e0b261f0bb25c02a5acb59b4eef66ae7e68c6b8d3fe35a34cacdbbaaa4a7c24dd1b91688df714c5387a84612278cda1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a6
| MD5 | 570fd8396930c3b38ead9c3afea2937c |
| SHA1 | 51fd573c11d03b0c888c0fa06857442f225443ed |
| SHA256 | ada564fc741ad3708d4de72d0846672066dd9b005c30ada5a153a620e8642230 |
| SHA512 | 523720f597c9852bcba1a6a0edba850fbe230cfd3b40281f27e537f5d910886cf5e6d57d5a54a8ae40ddef6af1702ad2db880043bb4429c5f87af372f20c160b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a7
| MD5 | dc776a4fe6a45e9d3218f46c697d49e7 |
| SHA1 | c0d2b392a6a21f230de390249127fe744cf3df07 |
| SHA256 | a8acb67b930d80f3af5adf0d9d4edf8ade02fce8d6f07ac1e7398dba5b6ad4f5 |
| SHA512 | 4eccd006659cbc7eb20564511e36c259bc6201f006b6878459f513a9e9dec7ec80478fc39f70c59d1c5ae75d2a54e2bef210917d410a4777839fe01aa957486e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a8
| MD5 | 5a4a3f087756bcc70d1b5ba3071b18bd |
| SHA1 | 0af45720626ff6fc20825426b801a07105fd2814 |
| SHA256 | a47c4a48c14c849d7aae7768f7ac571ba7c55d3efa70283e0c7528dc6221e878 |
| SHA512 | dc3cf82c4c1cf7c1e10bf5825a6f3c6d8e6308ead565ba8333e2887e383600bc4c5315e183c6c052523d1244edd638df98360b3c753d00dfaeaf36c9800384e9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | d61daa971ba63425a1caa1eaf3d75332 |
| SHA1 | f88698d70aed655c3913320cd5b45fd238cecffc |
| SHA256 | 44577766fb1fbbfe1ac84fb64bd162f2f22ac3b2b3479af7a7b35aae1fcc61d3 |
| SHA512 | 4eeb2bab998a376391b96bba02bd2b7cefd9376499977bc516d8c0879a1f4893e78fdf6a4743df7ba6980b81c7e419c57535a1bcc8fb2fb15299b7366080d14d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG
| MD5 | daf3c2bb7119e334b8a43e35209c8be0 |
| SHA1 | 89db244097aab84efaf28432b9e515949551ae83 |
| SHA256 | 9172965380ac346c8b2d02c5fed2203426dfca75571dda683ae7ff68fece13f1 |
| SHA512 | 8b005b8286bf6a13ca916b29daff52c875950a37a399ea39e81e5cfcb9aeca965c781b25bb081463192ecd55f07f9f57e183692e7c5e04c961b2dd85867fc4a2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000011.ldb
| MD5 | 2f25a8991b5325cbd23a7a9c1839d0d0 |
| SHA1 | 798fce3f362d5c450c969cdb7e353523fa373ca7 |
| SHA256 | 399a1c72f2705ae8bdefa32a5b0350c198ec212b74042e38bbdb27ae5415aa59 |
| SHA512 | a91017b5ffd52df4d295c316b6086e90dd89877c0538e58329a314d513da91f564d51c2e2385788f7f3521a10057f3149bee6c12c23c567cca91ebdc597595fa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000009.log
| MD5 | 1f4ed4e76c1e228bbb59c612d8054c86 |
| SHA1 | 54a5a8347ca4fd7b4abd2edae5c5c409d3254b6e |
| SHA256 | 49c22f7d0a74612e438fa4d665b8abd4b5e62211d42f7c66fafcc597ca21e334 |
| SHA512 | 8ab0dc2c0a0d89ead6760dfe9624fdf5dd410ba545f8b04a53091fb5078cca1fecd5b913fdc3cbf67e8ca55fd601b25bd0f0598e40008d044cfa10d055de6a50 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3a21912fbb431fcc43239640b248f8e0 |
| SHA1 | dedb1c2c3b76282ab8fdbb73d57a34c721bacbcc |
| SHA256 | 4bf060c9f5ffeb2112ac8a96f6b7ea7dca229ddfe8cef89c2125b97dcde932eb |
| SHA512 | deeea96eccf512db9b5c4ae3863d5c9ecdc339a7ce60ad3b204a0120f8286a779f136deb68a30258d2ba69d59bc575326335cd2597426375b7dfd46267b281dc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 99e598a0afe09e8cb9e9c58f259b993e |
| SHA1 | 2df0228196586ed7c53e63f18b52ceebb2d091d6 |
| SHA256 | 70bd15440a933159050830f6845b9a372f4c225d1c0400f10a67a327cebc3129 |
| SHA512 | 67daa256e08c43a5d9ef5ab0bafac9a9a4d2a356a539d37504ae0e695dbd50fb43056bb62b9fcbb2e543ab4bda8fa5667627b19e7c83cd020bfd960ce2cb9f5c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 6e372b9f64e1a029116500929d0d79ed |
| SHA1 | 6e5eff2d45d5c0c4fde0d7f72f212a787f4163e9 |
| SHA256 | 4a7aabdf0211cbc88ab22d6bc3e15287d19afe555996aafce3a91a34f8a68dfe |
| SHA512 | dbb45415e260173255d0fd9bcbb580ecc749f4293f61363a67a97b6bd757ff8eab90ec1270c84d8f4b28738364778f7b6cb28d944db14db7515667dd8b6971f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\6bec5bc7-4464-40ba-b8aa-e61093c7ab8b\index-dir\the-real-index
| MD5 | 35bef5b04b13a01f4f86dbec6a183253 |
| SHA1 | bc7716ef970b54ab47ddeaa022169ceb7f00ccdc |
| SHA256 | af31bfcc8efcd0d2f4b334c86375d42f1938721bcf72a937f4c6db6be5a11f90 |
| SHA512 | c08972b2288316b993c4aea74cfb875c6ffc2fe899824e3ca51f97195d15d40f2a4eeeae32738557531304f41399ec8289fe49d856fa0b277d514a823840f844 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\6bec5bc7-4464-40ba-b8aa-e61093c7ab8b\index-dir\the-real-index~RFe600ec9.TMP
| MD5 | ab43db9d0ac87c0f33f14e0415e37587 |
| SHA1 | 6b85adbdec0602f06e2d0b182514569b2db16f8f |
| SHA256 | e6427aa7561afde46c03ad0b30486bb1607be263ca739fd6abdfd215dc915ac8 |
| SHA512 | 37c3877d19eee964f0b42bc9aff17230b7bda321372c1fab49c989457eb172f71cb00b58ec44762a7e54ea7224934a8dc0be301eedb6d19554cdf71d3570ebff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8d40be6207c8e2dcaaa25774af9def28 |
| SHA1 | 5612b9dd036b546fa1a44cdf0d33d47be82c7d96 |
| SHA256 | 14a955d69768df04f6850e37d2c117745de900326967800b1036db2ff22e48d7 |
| SHA512 | 4922eabea88c8568c1d3f9408e1f2b24ee1c72b5c672fcec8ec710eb2689310110ef0fddd0727133b8a455e3a994b7e4b8f0f387d18d2868cae5e604a0095385 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 32125b2a53cc625c6a4da9072e20ded1 |
| SHA1 | 41714c6f24ab0cf078e46385878214f7123c4652 |
| SHA256 | f96aa8827f641be2e8f67028ad2072d0a64ca7d8de357f2b40a998fd98db54da |
| SHA512 | 1a6c24115f8513fbb206305f494280820c1949703c84553bce1377f8536ab307b2de1335e710ad9534f0f9903f43df7ab12311716af5ac3f447989033e6b27d1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\509e9c9a-220a-4f5f-bbab-6e779e87f4c1\index-dir\the-real-index
| MD5 | 38fe6a7fae8a8d9e1127c4effc1b56bb |
| SHA1 | b557c311cd7c35394669bcb85517fa9081d93f1b |
| SHA256 | 33582d714af9777bc6fd583359a168422b821cd471df0d70132e970582cf5aa1 |
| SHA512 | 65431f17a3792f02d06cb3ff4b8ba53e61152e52f83ab126393434a6cbaf25db1974fc1aeffaff7c980c38af1c602d215cec255e75e0d41d1ee35006e536cc9e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\509e9c9a-220a-4f5f-bbab-6e779e87f4c1\index-dir\the-real-index~RFe604896.TMP
| MD5 | f5f539a592a73b8be0df2a41952aa4ef |
| SHA1 | af89b3950c943f90f4b35ab09144653c0199b020 |
| SHA256 | d70ca574c12564609ef4dc4f1cbd8e9d5e909075130db612b3ff53232694c179 |
| SHA512 | 3b6bd4a3163a923152eb1a153e5f1cefa1edc5914bf25af3c976aaff3ec39807f1e8c03c52d36e27e660da9db320c35d9ca923d80cc5c4c01fd8c9520bf9e08f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | f03dceacbf50d74b4fdadd89ab74b2bc |
| SHA1 | 473ff256659319243add62d64000b28594e83ede |
| SHA256 | 5c7d2ea4c882b3b653d4d77fd9ab5910a10f0d59ae80c4c154d0b67fc3bb8fa8 |
| SHA512 | 82d1e13652af2ed8bd62097bd581dd86f60fe5f53e9161e4f5fa7bbd7c0a7a4194a8cef683e1445f96882909161bf3db10007ebf9e72582064ed54f7e7c73049 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\6\IndexedDB\indexeddb.leveldb\000003.log
| MD5 | 45e4554e2bfc0b5877d25f826d43d720 |
| SHA1 | 4645cd6cd010f70348ca1a377fe1dc1a44c534f2 |
| SHA256 | 419bcd581309f277deb35f20a3a778b3aacfeafec1e3eca856a4bb3f4fd3860b |
| SHA512 | dbd0181df2a2c1012821a5e70f259873cf432fe3aa6227279758c9fe630015a8d51b96c0685b9216bb68940c04fa38e16dee4d7a9b0e5dff0e3fbbc768ebb3b2 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | fa462b2936214a9bf9acc2452a70eb46 |
| SHA1 | 9f5b731ced13937ca684fdcc7fb767d80d0ef1a3 |
| SHA256 | ef746abeaf34b69e3230d0840f955658a56cb9888871c8397baddcb797689a69 |
| SHA512 | b30578f3c190a90d962b454921c7859e4d024b1e891e554e36ec5612d7e0767e2949c4e64d4b82de2e1329b647ebcd4334d14f7d93e9dccf9c7de64842e8ff71 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms
| MD5 | c9a321cd0d57b351a52988873a213b19 |
| SHA1 | 23cb7efffbd93ccc19b7eea7b1309236b43b1f1c |
| SHA256 | ef225ad7c2861489c2a01b6af6e2f72436bcad158916ad2810eed3a90fe46f0f |
| SHA512 | 7886ceddaf25e57cb788b19d12d63ec8d5e6f81e58eb8200f1c8bb311223474d0d86e68ffba7e3a96b14a1fa48a50a479bb404fd05eca17444b3d635933f4caa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f48b3a8fd796d757abd1a8df43213f85 |
| SHA1 | e33840e5f4c75afa13ce2063bd6e764f036eeea5 |
| SHA256 | f6bc1fd5e3c883efd71fb7d754722e62e01355c4b5dd10ffd1d778bdf61eea65 |
| SHA512 | fbc116135f6a6105dcfe84ca0cfe8d836ccb6e8bb0f3e159848108d274d307b6396c5cb3c6b2b1a0531efd468d9c742f073019c86fd12e11e8af7eb8699dd539 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000055
| MD5 | 7c702451150c376ff54a34249bceb819 |
| SHA1 | 3ab4dc2f57c0fd141456c1cbe24f112adf3710e2 |
| SHA256 | 77d21084014dcb10980c296e583371786b3886f5814d8357127f36f8c6045583 |
| SHA512 | 9f1a79e93775dc5bd4aa9749387d5fa8ef55037ccda425039fe68a5634bb682656a9ed4b6940e15226f370e0111878ecd6ec357d55c4720f97a97e58ece78d59 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 51df4a3f01a91e32f92cd56c12b21fef |
| SHA1 | f43e29895297223e914889523e0b35d794e2af2f |
| SHA256 | e98cd54971d2e870f5cb3920772ed05ebabb7c4deb9e289e3da87a815d24bd11 |
| SHA512 | cca1d32b5379f36e8a0cff904c7a1d6a26efb231f8f913541d4d9951560236c671ea8f7f0a37a6a5119cd34acd2b8ec87aed48c5392de7a092d935dc853777ac |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9cfa919fcd5c13ebba6cc7fcf7bcdbad |
| SHA1 | 665b778b8ab529036dcc535488ee62cfaca0c990 |
| SHA256 | 25d4e81c6dc18c49c26edb87e631d38a502b110dc7063c66e9c629f3166f9642 |
| SHA512 | 7fb3a4bb6452a4422e1349ba96e537371fa29179ea8b1faf8bc69bada441300c84ef09da02627fc97a1accb791588ce92fa583eeabdc3b7daba3d33c07ad0d81 |
C:\Program Files\7-Zip\7z.exe
| MD5 | b6d5860f368b28caa9dd14a51666a5cd |
| SHA1 | db96d4b476005a684f4a10480c722b3d89dde8a5 |
| SHA256 | e2ca3ec168ae9c0b4115cd4fe220145ea9b2dc4b6fc79d765e91f415b34d00de |
| SHA512 | d2bb1d4f194091fc9f3a2dd27d56105e72c46db19af24b91af84e223ffcc7fec44b064bf94b63876ee7c20d40c45730b61aa6b1e327947d6fb1633f482daa529 |
C:\Program Files\7-Zip\Uninstall.exe
| MD5 | e03115ee7530777231a0051667ab23d3 |
| SHA1 | 5ded32077cda52b5527f75017552a598b0523db7 |
| SHA256 | cccf6f489961bb78c5c4baecd964442b14593799403e2b6e4d50082c3e64803a |
| SHA512 | 053f81c647b55df05bef067f26be1d25b44cdd1d5a59c4341904f0b9173a1ad6cc3209035ed4782626b150f090f52276c7d99e77eaf108b2fed52f2179e959ee |
C:\Program Files\7-Zip\7zG.exe
| MD5 | d882650163a8f79c52e48aa9035bacbb |
| SHA1 | 9518c39c71af3cc77d7bbb1381160497778c3429 |
| SHA256 | 07a6236cd92901b459cd015b05f1eeaf9d36e7b11482fcfd2e81cd9ba4767bff |
| SHA512 | 8f4604d086bf79dc8f4ad26db2a3af6f724cc683fae2210b1e9e2adf074aad5b11f583af3c30088e5c186e8890f8ddcf32477130d1435c6837457cf6ddaa7ca1 |
C:\Program Files\7-Zip\7zFM.exe
| MD5 | 4eaae49d718451ec5442d4c8ef42b88b |
| SHA1 | bbac4f5d69a0a778db567e6978d4dabf2d763167 |
| SHA256 | dc4fdcd96efe7b41e123c4cba19059162b08449627d908570b534e7d6ec7bf58 |
| SHA512 | 41595b67c8506c054c28ce2b5dec9d304651449464c6e1eb092a049d49326594584900cff4e9b8210ca3ad8a23e9c22d8df1ae8af15f44a69f784cc546fcced3 |
memory/2344-2689-0x0000000008430000-0x0000000008440000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 09f055f6d19b94dab7ff2f56721b79c3 |
| SHA1 | 789293620f88869b29a46ee4d1cde606207f71b5 |
| SHA256 | f9c19b793f2d44001a737ea1efbfd3cd9a632ba5c8f5892159b1dbc16617a1d9 |
| SHA512 | 8bf73987e8001208939c1c81b55bdc7e9f35cf45885eb341bdb180c2473098f1542f98039ff8a4b33d718f03bb2093f7851e6414ad440882330827d7a600cc8a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d4356f7dae8944ed1cf051a4d946a08d |
| SHA1 | 2b7e6c6ea68019ed42e0f595f25939b7e2a5816a |
| SHA256 | 180a8fc4b17668f8de3f4470878f35846b31a83c2a70faea744c3eae13dfbc0e |
| SHA512 | cf39ae46e9e03d4e77c51ff6c5d7ab07fa9f4d2b0d6b8fc79e975ddb7ab4bffabc441fb94efda5cb24db2e30d1de3f5e2193a72924236767d026a8cd8175d35a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\4a4b2231e13b3d27_0
| MD5 | b0fc75ca1530cda3a821e638daeb8bfe |
| SHA1 | e0712fe8d4d7dea71b9a09303bb096427b61c67b |
| SHA256 | 990466c9e801e13ea37abe6e9c9d1c137e25647a0183424ab743d8b43e106371 |
| SHA512 | 35f3604c749cb4706e58a77a38a9d6c422b6266205e3ec3ac5737200c11cbee95feca78f85963f29f10acff794ccbafcba9be3e9f9f8be99b623a5a9940e72cb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 66cef5d9afbee1d9dde948f96bc2d846 |
| SHA1 | 20229ab00dc66cffaaba3ece6702686250c71785 |
| SHA256 | 352fda36df7662122064747fbdad7a0f22c38081585a0eff69de0b03250364e6 |
| SHA512 | b6e437e085ff7d3a95f5e0ed6f6ce676075a64a6a22c0fbbea231941987236e435f3343a82f9c8b397ef49e792e8275e8ee353c01d15467bd5a38f99a4a21a57 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2b7738dc07fa81d6e0f3a5cb72df4748 |
| SHA1 | 0aed720568f51b8c5803d7acbe5a6c3ab3cbb519 |
| SHA256 | 343e5943e73dd9eae31b329189b46430b0da607d134a240d1cd137381663a3f6 |
| SHA512 | 99faa707330574479fbf0b92d3fd76e5aaafbd3e9b639d0b0661e95917fa4b1cb89bb19b70565950ae47d3aeb826687faa6a5538614f5cdebaa441b69cb5155c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 94eb221b610013df3260c71512e80b8b |
| SHA1 | 5da83f3d7c7cbf4cada4b2d7bf8aa305f75bbea5 |
| SHA256 | 40856d84489f190a9158e43f5963dfe30e7881c30dac56b4174cf879dde0e3b4 |
| SHA512 | a1d9e1d9ef78f77a3acca2c93ecae3343c5e080a91188c3f7c34edb84db75c10c1520ec3ea74dd9d5d3283a19ac6118e8d8bcb7efef5945a0dcd8288afd4ba70 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 39fa2eeeb1f6da0d12e48980edf5dfcb |
| SHA1 | 37ce2af8aabd0225108830d50e742bc8dc2cabf1 |
| SHA256 | 8348f0ccba81a5d44ec23ff997d54318f5242c8362a36c5998c007c47465e867 |
| SHA512 | 0b6bb09c30e02149155fcf1d1958fdb8247b229d9c774cde158522d2dd273bbe23f2ea4982746eed1fc917de36507008979e6c1de3dada995f5751810d7ec66a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 894b38049b6e37bfc25be858967ca0d9 |
| SHA1 | c91652b13f763650f707c1876ce2b5fa8c71aea6 |
| SHA256 | 15313984032a6a243dfc80dbb931ec910fbad10b15425b90a778135b499e496d |
| SHA512 | 2fa3a5998a9e018fd65c79ada03cce0bb9b531d0bce1684bc841ecc47af985b2bb9ec96e90d469333b293f6543a249082be37c4c667b4ac73c8e5ab0a515e00e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 686dc890932684f11699a36a5cbbcbb1 |
| SHA1 | 99ff63273f7cd529da1d4542198b8242ced15b09 |
| SHA256 | 32709b372e8d409d422ddcd501954742eab1fdb79cc4cf45f94dafd8dc3872d9 |
| SHA512 | 3b53425e5bfb840ed8e0f06f187b3cc8e64a7b6bf39504bd8f847c42224145eea99e49041b7ec07ad639369e3549d2198a4e6395fdee8a97ef95a5f3dfbb7e5f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | eadeb2219bbfe65c9bb7cf5597663efe |
| SHA1 | 2e8f3a8d289953e49e57e6209a701bf4a46eca70 |
| SHA256 | acec13fd8824e3ecd2bd1b0aa2705e2eee8246861c2666296562586a95907187 |
| SHA512 | 099b9631bbe4b821654845f24d93aae4a76a3313a0142c01f0556f91ee44757a028a185a62683168f0945e54ce67fde9b7aed3edc68e0490fcc18f3fa8d0343a |
memory/4328-3028-0x0000000000400000-0x0000000000427000-memory.dmp
memory/4328-3029-0x0000000000400000-0x0000000000425000-memory.dmp
memory/4328-3033-0x0000000000400000-0x0000000000425000-memory.dmp
memory/4328-3032-0x0000000000400000-0x0000000000425000-memory.dmp
memory/4328-3031-0x0000000000400000-0x0000000000425000-memory.dmp
memory/4328-3030-0x0000000000400000-0x0000000000425000-memory.dmp
memory/4328-3036-0x0000000000400000-0x0000000000425000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 659c46b4fc94f02ff4665a4f54cf6670 |
| SHA1 | 69e7ea0ba32ea79737a10612635042eaf13004b0 |
| SHA256 | 060860b935d97b16ed0640aeac1f1deaae708b36279a3f3692b95d494ae37e7d |
| SHA512 | 6d6f586b1847748cbb5403f630b37a249ae3392350023c9452a15b0af3886989b77a7710832e5119aa7172cfd1981b633bb66c9f9ba1c06ab0cc53720666c59d |
C:\Users\Admin\AppData\Local\Temp\~TM1BE.tmp
| MD5 | 1cf5669feb127f89f57e8e9d9ac11409 |
| SHA1 | d8aaccbbef08cde0161bfbc0f6b7b1e8a1c43d42 |
| SHA256 | 35f8d721f246ae3e19d204f9bcab3237448ed906a25bba14e7016e5cdd2fc2ce |
| SHA512 | 7ebf6cc1a5a0d1ad89666af09bbdd947c02fcb933aeb72c8aff1a378582e38e5c816f806afe87038f10215c3c6c11e50f3226146ba3358e4d6005553cf373b08 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | eca3f707ca328c38adb0c90c89c7bcac |
| SHA1 | 2602dee1591fd93e6d5a162d4ae472025002acd6 |
| SHA256 | 2c183f0bb818efc9d88de79d568371ceb1d8b3ceeb56298098553551d9cf9322 |
| SHA512 | 828da784610e72ee8a8d3cd32fbf1bb4d2da8e0b3344d419f7ca259560af106c2ae1a0c8d45e8be62ec14178b9d6cad8de1505a73bdbbc808f8f6a19d9a725a6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a4a0debfe2f2689048e7d8353341a1ea |
| SHA1 | 0ce8d036ab3cedb1fb5b7aa7ae2cb5f74627535a |
| SHA256 | 1b0fa86979d06e4d69ca2144d58fcdfd5efebf13cda67cb74e4ea89c9318bb7d |
| SHA512 | bd2f4e16c6ec2b793f2b9f45bb9aa7c741a747536dd9e4ce87d1ef8d5f3d0d2bd0b3ed54c694e1a3f6d02076676f2a175b6c3b75e9ea7af283c4c1d5b578d3f1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b4ea3d5079cd2605ed75556a6e57f1af |
| SHA1 | 3a6242fabdbc86f660449876512d615c24d69cdf |
| SHA256 | b1b54beff56254aacfb5332787dae0e41abb2641da010158b373f7d2304cbcc6 |
| SHA512 | e3886f1ae15c945ca61c9b9d2e5b5869345529c0d6b29b8ba12cb447d44bc5fecae1e729292d03f8e777f1e0dd7c5e16e023d13a88d6f0dd75b4e5797c1349eb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c3
| MD5 | 21f277f6116e70f60e75b5f3cdb5ad35 |
| SHA1 | 8ad28612e051b29f15335aaa10b58d082df616a9 |
| SHA256 | 1537b0c18a7facad4bdfa9ae3ec84095c91467aa5cfc1d8af2724909703c2fe4 |
| SHA512 | e619f92b1ec91e467e4b11d5ad25c99b62c7216f9da81c159ae0c9ef3f9e75f48dde7bad09ee38727b5a14b827f3b813c196504057708cbfaf4bc67dbd032816 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c4
| MD5 | 5af6e20a3cb8fd7d6e9290d8b45d7626 |
| SHA1 | 01c5780d7a66c32906dcb51b62be20758e9cb019 |
| SHA256 | ef190557c15544c885d697097b9abcf38d7061c84f4ffd2cbfbdbf1a9e30cc50 |
| SHA512 | f634abfca30021a6688bdf50860a5509d69800375fc847d36cb948508d8636118b8a5b6126f4c54d45076e0135b4af54d813602d5b3a87f690487c6f3009fbc6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c2
| MD5 | 531b945c783da57a8e6169a179367ed2 |
| SHA1 | 9b76921414abaf64e4f4f7d7eeeaee45090f8712 |
| SHA256 | f1f68df4fe7f8d1febbccd47b5b14d4d5a00b008e1d5a8ecf07f874c75d35cc9 |
| SHA512 | a21dac2a2d3d2f8694e55fb920ca9fd15b8fb3b58255e2729f7fb88e0cb7aa153f5e667237b4ad4a4d9a402c226fde539194bbbcd57e9229857d8e5278dd6041 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c7
| MD5 | b15fe82b3220751c7563df73e9e6fbc8 |
| SHA1 | 5933edf186e8595438ab8a830b863b65e35e9e37 |
| SHA256 | 709b480ac69bf8352991fa0483d563e132cc5806429e3eaed8c3848a2b1bdd9e |
| SHA512 | c520ec05edf481dfac365bb075d516db056f076e55a8c298a20879e519a14050578950c1c784126e62aaa3592b42d4b3b91bb76c0e6e0fafddc21fa4d754919e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c8
| MD5 | 880f40f23fce13eee9c52b71ddf6665b |
| SHA1 | 4a65d88ead3773649595656848c46e017f5ca414 |
| SHA256 | 11ade2ea70ea5f66a8a46c1e5f2b3699f649b03b8f5c1e7a908b308eb5bc2cf0 |
| SHA512 | 65decf167c5ce3af8c6252d2b80bbde245a2d0a1b1ae3cdf24fdfa345a60e0d206593b78e6e6407dc55e1feaad87cd30bdbb88d8034d94fa4b053a3eb6462798 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c5
| MD5 | 69bdac1bdb8253f5f336736ca229c087 |
| SHA1 | b83471da9d34c3e39b1720c52dc330b37c2cc654 |
| SHA256 | cdb9e82f58bbaf31ff23f67fd6aeeab12aeb46a7fa0d527e883b6fff7ffb1371 |
| SHA512 | 3549ac5ed9a61d3a9718698868d23bedeef7f6a5f13ef508c19d240119d3f274069f38724e6d6d580573a0107668690bb38f9d0c45bcb35d8fe3834f226da299 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000bb
| MD5 | b78c208c87201efefbde1b05e311fe3f |
| SHA1 | 438bab4f023ecbc7d3d136b01966930823587804 |
| SHA256 | f6c6a469101626531293f2a4c594e86f5b8a620b9d351278d10b061e6b2b62fa |
| SHA512 | 09dd8ee68af111edebc0826a1de3bb525607828c97c377da2098522c2218bcbcbdf2eac6f58296409100a5985770f524fe5ce53fed3f6baa119b0c0eeebe1720 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c6
| MD5 | ee7523e6a016c3281ec22a1943f8d6fc |
| SHA1 | ebd34e289ff772c59e801bd343cc49c1d03ae3fb |
| SHA256 | e3ba81a0ffb714577ba2b5dcb57ab14d1977d6571113c4612e8cc99e16266d23 |
| SHA512 | 7e48a17f609bc0c15c3a06007b64f1a4782ec563c655accbb1c44b7b648b3fdcd86ba3cb666a293e6c9a1552fb3e044047b60efba8d76c8487224556ba1ca2d4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000be
| MD5 | fef291823f143f0b6ab87ee2a459746b |
| SHA1 | 6f670fb5615157e3b857c1af70e3c80449c021aa |
| SHA256 | 2ccc2b4c56b1bc0813719c2ded1ef59cff91e7aeb5d1f3a62058bb33772b24be |
| SHA512 | cf28068cc1c1da29583c39d06f21ffa67f2b9a9c4a23e22cbfe98aacae6ddc3dde1f8dab7eaef371dc0a2230d21cc8fd41653fc5d812b14c389e07f5ef7fd5c4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 36797c36af0429edb7c6388eb1e46246 |
| SHA1 | 3c2d23f21cdaf9822e6d782165653ce2e163b4a4 |
| SHA256 | 9e9e5fdc92377465a7aa1a77e846907e4a5ab2b3c036d7db8fffb392e1cdc150 |
| SHA512 | e555b2c76e6e70942016665eda02642b2fd57ee9a65e6e90a29a96ac9bcd79d1c027f618b7cbd957eb8016dbdac59f50b381eb1ea9f5db99a3b3b8332dcb5718 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 50cbeefdd60489e7b40b1cbaccb4f1e6 |
| SHA1 | 1c418c3c1ed8b39264302f97f753b9f8b307da61 |
| SHA256 | 0451d44aad403891722c6db2c3cad8750be696bf6781e2f525f5d0a7bb19fdaf |
| SHA512 | a73268ef8b14622b86d87a608fcdfaf5141f0b6500b139f55869a378b7bab59ad2ce68822e5b80f8c500982a5f93a0514391315a229ecefb133ecaf8b21d236e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b1e2fa0229548642d17a951d260a71e6 |
| SHA1 | e8b875ea97a5ccfa3ea95b7af0c3db8b30ddbbe0 |
| SHA256 | 7aff67eaf1be4dd80935c78403f5401f775b188b1830e8a40f2ec146f7407a38 |
| SHA512 | 6f4d24e9161e00b417bc51dec115dd7bb03ba0b0fe2207651276489d3690ac5d3e8a832cfb7910b1356c303486d84fd7dd18f05d8acc4603db5181204575da28 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3a560bbef7681a16354d063c090ea03a |
| SHA1 | 996faa20381086af58f9d50cefac33fb4078f7a0 |
| SHA256 | 37a8252d60c3103e382c99073283ef1b148f38bbfa6e02e8742bb0765f5c465c |
| SHA512 | 83012e0c60d59dde691005993bb7ab2b44c687ad640e4a280be279e8d96a5fcaa2904d464a8cdf26ee898b5b6bcfff9205d9cbb68ffafee55b03563b07f36379 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ec4a92307888edb74616792401258b8b |
| SHA1 | 235637b1501f24cd7b21ee6859683ca4e76a1603 |
| SHA256 | c9a26e54d483ab48485524c7be92cb59bdada551f303a3527317c31338bdf12e |
| SHA512 | 8175a84ca75c00cf28ac162a701f711794e0158913c23a90b3eda961472ab7addc56d02349f92b276eb2bbeabf788937d8301a48144bd633f926b71511be966f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | f0958ed59a83ad2afd2fc0673443ad0f |
| SHA1 | c3a76a354d16de2690a96ede8d15c6ab533543ee |
| SHA256 | 98fc38014b8855872b7341b6d9fafb705019a68d56c4ac73c45d4268dc2af466 |
| SHA512 | 953b9c2ae0c3ef6a705bc959d9c42d96da7796d5776f35759bd997fa01eff0edc46fe3a6d1636cb0ae79acc60c73ff71b298cdc2f2001cba60dc689f2511cda4 |
memory/7060-3316-0x00000000000A0000-0x00000000000D2000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | c3c35e791c785c4ad7088736e6ed276e |
| SHA1 | 51bfeedccbe4d017ad00bb8ba7a2a4798cff26e1 |
| SHA256 | 0738ea18a6dd6b61a557de064fabe14de3dc7b8e74238b8acab224a931723ebc |
| SHA512 | 34e7a90f4585030197969d4441cb8b13de5ea91a71066ce2e5e9e217caec00c9dbf852f7ac800503b1e88144ee3c1b6c2557597daacd9c31daba340260382f9d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnGraphiteCache\data_1
| MD5 | 65e2a12d698d554df2933d2546370330 |
| SHA1 | 9f39c5792fd680077fdde6798816345ed13483ae |
| SHA256 | db6b59e53eaf42b4d4b0f22b6d90e138fa260296c704ad96ae0db65de624bb84 |
| SHA512 | ee350cf29dffbfe6475ae7e487ccb78fa14160fbe4ef6c12b3a933636b7f16cc8ac03d49e3cf29d3a9301d837833693fb00fb902c40991c600640d7e61c63674 |