https://discord.gg/yfyUfv

Interactive malware hunting service

General Info

URL: https://discord.gg/yfyUfv

Full analysis: https://app.any.run/tasks/eaf0c6cc-1345-425b-a216-6e287fdb7523

Verdict: Malicious activity

Analysis date: 3/1/2020, 16:59:39

OS:: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)

Indicators:

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration: 300 seconds

Additional time used: 240 seconds

Fakenet option: off

Heavy Evaision option: off

MITM proxy: off

Route via Tor: off

Network geolocation: off

Privacy: Public submission

Autoconfirmation of UAC: on

Software preset

Internet Explorer 11.0.9600.17843 KB3058515
Adobe Acrobat Reader DC MUI (15.023.20070)
Adobe Flash Player 26 ActiveX (26.0.0.131)
Adobe Flash Player 26 NPAPI (26.0.0.131)
Adobe Flash Player 26 PPAPI (26.0.0.131)
Adobe Refresh Manager (1.8.0)
CCleaner (5.35)
FileZilla Client 3.36.0 (3.36.0)
Google Chrome (75.0.3770.100)
Google Update Helper (1.3.34.7)
Java 8 Update 92 (8.0.920.14)
Java Auto Updater (2.8.92.14)
Microsoft .NET Framework 4.7.2 (4.7.03062)
Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Access MUI (French) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (German) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Access MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Excel MUI (French) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (German) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Excel MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Groove MUI (French) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (German) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Groove MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office IME (Japanese) 2010 (14.0.4763.1000)
Microsoft Office IME (Korean) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (French) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (German) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office InfoPath MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Language Pack 2010 - French/Français (14.0.4763.1000)
Microsoft Office Language Pack 2010 - German/Deutsch (14.0.4763.1000)
Microsoft Office Language Pack 2010 - Italian/Italiano (14.0.4763.1000)
Microsoft Office Language Pack 2010 - Japanese/日本語 (14.0.4763.1000)
Microsoft Office Language Pack 2010 - Korean/한국어 (14.0.4763.1000)
Microsoft Office Language Pack 2010 - Portuguese/Português (Brasil) (14.0.4763.1000)
Microsoft Office Language Pack 2010 - Russian/русский (14.0.4763.1000)
Microsoft Office Language Pack 2010 - Spanish/Español (14.0.4763.1000)
Microsoft Office Language Pack 2010 - Turkish/Türkçe (14.0.4763.1013)
Microsoft Office O MUI (French) 2010 (14.0.4763.1000)
Microsoft Office O MUI (German) 2010 (14.0.4763.1000)
Microsoft Office O MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office O MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office O MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office O MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office O MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office O MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office O MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
Microsoft Office OneNote MUI (French) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (German) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office OneNote MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Outlook MUI (French) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (German) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Outlook MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
Microsoft Office PowerPoint MUI (French) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (German) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office PowerPoint MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Professional 2010 (14.0.6029.1000)
Microsoft Office Proof (Arabic) 2010 (14.0.4763.1000)
Microsoft Office Proof (Basque) 2010 (14.0.4763.1000)
Microsoft Office Proof (Catalan) 2010 (14.0.4763.1000)
Microsoft Office Proof (Dutch) 2010 (14.0.4763.1000)
Microsoft Office Proof (English) 2010 (14.0.6029.1000)
Microsoft Office Proof (French) 2010 (14.0.6029.1000)
Microsoft Office Proof (Galician) 2010 (14.0.4763.1000)
Microsoft Office Proof (German) 2010 (14.0.4763.1000)
Microsoft Office Proof (Italian) 2010 (14.0.4763.1000)
Microsoft Office Proof (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Proof (Korean) 2010 (14.0.4763.1000)
Microsoft Office Proof (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Proof (Russian) 2010 (14.0.4763.1000)
Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
Microsoft Office Proof (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Proof (Ukrainian) 2010 (14.0.4763.1000)
Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
Microsoft Office Proofing (French) 2010 (14.0.4763.1000)
Microsoft Office Proofing (German) 2010 (14.0.4763.1000)
Microsoft Office Proofing (Italian) 2010 (14.0.4763.1000)
Microsoft Office Proofing (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Proofing (Korean) 2010 (14.0.4763.1000)
Microsoft Office Proofing (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Proofing (Russian) 2010 (14.0.4763.1000)
Microsoft Office Proofing (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Proofing (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Publisher MUI (French) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (German) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Publisher MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office SharePoint Designer MUI (French) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (German) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office SharePoint Designer MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Shared MUI (French) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (German) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Shared MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Single Image 2010 (14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
Microsoft Office Word MUI (French) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (German) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office Word MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Office X MUI (French) 2010 (14.0.4763.1000)
Microsoft Office X MUI (German) 2010 (14.0.4763.1000)
Microsoft Office X MUI (Italian) 2010 (14.0.4763.1000)
Microsoft Office X MUI (Japanese) 2010 (14.0.4763.1000)
Microsoft Office X MUI (Korean) 2010 (14.0.4763.1000)
Microsoft Office X MUI (Portuguese (Brazil)) 2010 (14.0.4763.1000)
Microsoft Office X MUI (Russian) 2010 (14.0.4763.1000)
Microsoft Office X MUI (Spanish) 2010 (14.0.4763.1000)
Microsoft Office X MUI (Turkish) 2010 (14.0.4763.1013)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (14.21.27702.2)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.21.27702 (14.21.27702)
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.21.27702 (14.21.27702)
Mozilla Firefox 68.0.1 (x86 en-US) (68.0.1)
Notepad++ (32-bit x86) (7.5.1)
Opera 12.15 (12.15.1748)
Skype version 8.29 (8.29)
Update for Microsoft .NET Framework 4.7.2 (KB4087364) (1)
VLC media player (2.2.6)
WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

Client LanguagePack Package
Client Refresh LanguagePack Package
CodecPack Basic Package
Foundation Package
IE Hyphenation Parent Package English
IE Spelling Parent Package English
IE Troubleshooters Package
InternetExplorer Optional Package
InternetExplorer Package TopLevel
KB2533623
KB2534111
KB2639308
KB2729094
KB2731771
KB2786081
KB2834140
KB2882822
KB2888049
KB2999226
KB4019990
KB976902
LocalPack AU Package
LocalPack CA Package
LocalPack GB Package
LocalPack US Package
LocalPack ZA Package
PlatformUpdate Win7 SRV08R2 Package TopLevel
ProfessionalEdition
UltimateEdition

Behavior activities

MALICIOUS	SUSPICIOUS	INFO
No malicious indicators.	Modifies files in Chrome extension folder chrome.exe (PID: 3236)	Creates files in the user directory chrome.exe (PID: 3236) Reads Internet Cache Settings chrome.exe (PID: 3236) Reads the hosts file chrome.exe (PID: 2948) chrome.exe (PID: 3236) Application launched itself chrome.exe (PID: 3236)

MALICIOUS

SUSPICIOUS

INFO

No malicious indicators.

Modifies files in Chrome extension folder

chrome.exe (PID: 3236)

Creates files in the user directory

chrome.exe (PID: 3236)

Reads Internet Cache Settings

chrome.exe (PID: 3236)

Reads the hosts file

chrome.exe (PID: 2948)
chrome.exe (PID: 3236)

Application launched itself

chrome.exe (PID: 3236)

Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report

Screenshots

Screenshot of unknown taken from 16366 ms from task started

Screenshot of unknown taken from 17379 ms from task started

Screenshot of unknown taken from 18394 ms from task started

Screenshot of unknown taken from 19395 ms from task started

Screenshot of unknown taken from 20396 ms from task started

Screenshot of unknown taken from 21398 ms from task started

Screenshot of unknown taken from 22399 ms from task started

Screenshot of unknown taken from 23401 ms from task started

Screenshot of unknown taken from 24402 ms from task started

Screenshot of unknown taken from 25403 ms from task started

Screenshot of unknown taken from 26404 ms from task started

Screenshot of unknown taken from 27404 ms from task started

Screenshot of unknown taken from 28405 ms from task started

Screenshot of unknown taken from 29409 ms from task started

Screenshot of unknown taken from 30409 ms from task started

Screenshot of unknown taken from 31419 ms from task started

Screenshot of unknown taken from 32422 ms from task started

Screenshot of unknown taken from 33425 ms from task started

Screenshot of unknown taken from 34434 ms from task started

Screenshot of unknown taken from 35443 ms from task started

Screenshot of unknown taken from 36444 ms from task started

Screenshot of unknown taken from 37470 ms from task started

Screenshot of unknown taken from 38473 ms from task started

Screenshot of unknown taken from 39486 ms from task started

Screenshot of unknown taken from 41487 ms from task started

Screenshot of unknown taken from 44529 ms from task started

Screenshot of unknown taken from 46530 ms from task started

Screenshot of unknown taken from 47531 ms from task started

Screenshot of unknown taken from 48534 ms from task started

Screenshot of unknown taken from 49542 ms from task started

Screenshot of unknown taken from 50560 ms from task started

Screenshot of unknown taken from 51580 ms from task started

Screenshot of unknown taken from 52581 ms from task started

Screenshot of unknown taken from 53582 ms from task started

Screenshot of unknown taken from 54583 ms from task started

Screenshot of unknown taken from 55584 ms from task started

Screenshot of unknown taken from 56584 ms from task started

Screenshot of unknown taken from 57585 ms from task started

Screenshot of unknown taken from 59613 ms from task started

Screenshot of unknown taken from 61614 ms from task started

Screenshot of unknown taken from 62624 ms from task started

Screenshot of unknown taken from 64666 ms from task started

Screenshot of unknown taken from 65669 ms from task started

Screenshot of unknown taken from 66689 ms from task started

Screenshot of unknown taken from 67690 ms from task started

Screenshot of unknown taken from 68691 ms from task started

Screenshot of unknown taken from 69693 ms from task started

Screenshot of unknown taken from 70703 ms from task started

Screenshot of unknown taken from 71704 ms from task started

Screenshot of unknown taken from 73744 ms from task started

Screenshot of unknown taken from 74745 ms from task started

Screenshot of unknown taken from 75746 ms from task started

Screenshot of unknown taken from 76747 ms from task started

Screenshot of unknown taken from 77776 ms from task started

Screenshot of unknown taken from 78798 ms from task started

Screenshot of unknown taken from 79816 ms from task started

Screenshot of unknown taken from 80830 ms from task started

Screenshot of unknown taken from 82831 ms from task started

Screenshot of unknown taken from 83851 ms from task started

Screenshot of unknown taken from 84852 ms from task started

Screenshot of unknown taken from 86884 ms from task started

Screenshot of unknown taken from 88895 ms from task started

Screenshot of unknown taken from 89895 ms from task started

Screenshot of unknown taken from 90896 ms from task started

Screenshot of unknown taken from 91917 ms from task started

Screenshot of unknown taken from 92921 ms from task started

Screenshot of unknown taken from 93955 ms from task started

Screenshot of unknown taken from 94956 ms from task started

Screenshot of unknown taken from 95956 ms from task started

Screenshot of unknown taken from 96977 ms from task started

Screenshot of unknown taken from 97977 ms from task started

Screenshot of unknown taken from 98979 ms from task started

Screenshot of unknown taken from 99984 ms from task started

Screenshot of unknown taken from 100985 ms from task started

Screenshot of unknown taken from 102019 ms from task started

Screenshot of unknown taken from 107098 ms from task started

Screenshot of unknown taken from 108100 ms from task started

Screenshot of unknown taken from 109101 ms from task started

Screenshot of unknown taken from 110103 ms from task started

Screenshot of unknown taken from 111103 ms from task started

Screenshot of unknown taken from 112106 ms from task started

Screenshot of unknown taken from 113113 ms from task started

Screenshot of unknown taken from 114130 ms from task started

Screenshot of unknown taken from 115131 ms from task started

Screenshot of unknown taken from 116131 ms from task started

Screenshot of unknown taken from 117157 ms from task started

Screenshot of unknown taken from 118188 ms from task started

Screenshot of unknown taken from 119189 ms from task started

Screenshot of unknown taken from 120190 ms from task started

Screenshot of unknown taken from 121218 ms from task started

Screenshot of unknown taken from 124229 ms from task started

Screenshot of unknown taken from 127252 ms from task started

Screenshot of unknown taken from 128282 ms from task started

Screenshot of unknown taken from 129285 ms from task started

Screenshot of unknown taken from 130286 ms from task started

Screenshot of unknown taken from 133327 ms from task started

Screenshot of unknown taken from 136363 ms from task started

Screenshot of unknown taken from 139379 ms from task started

Screenshot of unknown taken from 142384 ms from task started

Screenshot of unknown taken from 146392 ms from task started

Screenshot of unknown taken from 150442 ms from task started

Screenshot of unknown taken from 153476 ms from task started

Screenshot of unknown taken from 156519 ms from task started

Screenshot of unknown taken from 158520 ms from task started

Screenshot of unknown taken from 159529 ms from task started

Screenshot of unknown taken from 161541 ms from task started

Screenshot of unknown taken from 162541 ms from task started

Screenshot of unknown taken from 163552 ms from task started

Screenshot of unknown taken from 165552 ms from task started

Screenshot of unknown taken from 166554 ms from task started

Screenshot of unknown taken from 167554 ms from task started

Screenshot of unknown taken from 168555 ms from task started

Screenshot of unknown taken from 169555 ms from task started

Screenshot of unknown taken from 170567 ms from task started

Screenshot of unknown taken from 171568 ms from task started

Screenshot of unknown taken from 174580 ms from task started

Screenshot of unknown taken from 178597 ms from task started

Screenshot of unknown taken from 181627 ms from task started

Screenshot of unknown taken from 184654 ms from task started

Screenshot of unknown taken from 187655 ms from task started

Screenshot of unknown taken from 191705 ms from task started

Screenshot of unknown taken from 194705 ms from task started

Screenshot of unknown taken from 196707 ms from task started

Screenshot of unknown taken from 199708 ms from task started

Screenshot of unknown taken from 202717 ms from task started

Screenshot of unknown taken from 205735 ms from task started

Screenshot of unknown taken from 206737 ms from task started

Screenshot of unknown taken from 207738 ms from task started

Screenshot of unknown taken from 208739 ms from task started

Screenshot of unknown taken from 209762 ms from task started

Screenshot of unknown taken from 212780 ms from task started

Screenshot of unknown taken from 215802 ms from task started

Screenshot of unknown taken from 216803 ms from task started

Screenshot of unknown taken from 217804 ms from task started

Screenshot of unknown taken from 218804 ms from task started

Screenshot of unknown taken from 219804 ms from task started

Screenshot of unknown taken from 220812 ms from task started

Screenshot of unknown taken from 221813 ms from task started

Screenshot of unknown taken from 223815 ms from task started

Screenshot of unknown taken from 224823 ms from task started

Screenshot of unknown taken from 225823 ms from task started

Screenshot of unknown taken from 226836 ms from task started

Screenshot of unknown taken from 227847 ms from task started

Screenshot of unknown taken from 230866 ms from task started

Screenshot of unknown taken from 233867 ms from task started

Screenshot of unknown taken from 236910 ms from task started

Screenshot of unknown taken from 238920 ms from task started

Screenshot of unknown taken from 239920 ms from task started

Screenshot of unknown taken from 240920 ms from task started

Screenshot of unknown taken from 243949 ms from task started

Screenshot of unknown taken from 247961 ms from task started

Screenshot of unknown taken from 248978 ms from task started

Screenshot of unknown taken from 249978 ms from task started

Screenshot of unknown taken from 250986 ms from task started

Screenshot of unknown taken from 251986 ms from task started

Screenshot of unknown taken from 252987 ms from task started

Screenshot of unknown taken from 253988 ms from task started

Screenshot of unknown taken from 254991 ms from task started

Screenshot of unknown taken from 258004 ms from task started

Screenshot of unknown taken from 261047 ms from task started

Screenshot of unknown taken from 264061 ms from task started

Screenshot of unknown taken from 265062 ms from task started

Screenshot of unknown taken from 266063 ms from task started

Screenshot of unknown taken from 270073 ms from task started

Screenshot of unknown taken from 271074 ms from task started

Screenshot of unknown taken from 273074 ms from task started

Screenshot of unknown taken from 275116 ms from task started

Screenshot of unknown taken from 276135 ms from task started

Screenshot of unknown taken from 277141 ms from task started

Screenshot of unknown taken from 279151 ms from task started

Screenshot of unknown taken from 280159 ms from task started

Screenshot of unknown taken from 282171 ms from task started

Screenshot of unknown taken from 283198 ms from task started

Screenshot of unknown taken from 285228 ms from task started

Screenshot of unknown taken from 286240 ms from task started

Screenshot of unknown taken from 289282 ms from task started

Screenshot of unknown taken from 292344 ms from task started

Screenshot of unknown taken from 295345 ms from task started

Screenshot of unknown taken from 298365 ms from task started

Screenshot of unknown taken from 301396 ms from task started

Screenshot of unknown taken from 304467 ms from task started

Screenshot of unknown taken from 307509 ms from task started

Screenshot of unknown taken from 310545 ms from task started

Screenshot of unknown taken from 313565 ms from task started

Processes

Total processes

Monitored processes

Malicious processes

Suspicious processes

Behavior graph

–

Specs description

Program did not start

Integrity level elevation

Task сontains an error or was rebooted

Process has crashed

Task contains several apps running

Executable file was dropped

Debug information is available

Process was injected

Network attacks were detected

Application downloaded the executable file

Actions similar to stealing personal data

Behavior similar to exploiting the vulnerability

Inspected object has sucpicious PE structure

File is detected by antivirus software

CPU overrun

RAM overrun

Process starts the services

Process was added to the startup

Behavior similar to spam

Low-level access to the HDD

Probably Tor was used

System was rebooted

Connects to the network

Known threat

Process information

Click at the process to see the details.

PID: 3236

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://discord.gg/yfyUfv"

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators

Parent process: ––

User: admin

Integrity Level: MEDIUM

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\windows\system32\ole32.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\samcli.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\hid.dll
c:\windows\system32\propsys.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\winusb.dll
c:\windows\system32\msi.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\mscms.dll
c:\windows\system32\winsta.dll
c:\windows\system32\wlanapi.dll
c:\windows\system32\wlanutil.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbemcomn.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\wpc.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\samlib.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\wbem\wmiutils.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\firewallapi.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\ehstorshell.dll
c:\windows\system32\wship6.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\slc.dll
c:\windows\system32\imageres.dll
c:\windows\system32\speech\common\sapi.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\msdmo.dll
c:\program files\common files\speechengines\microsoft\tts20\msttsloc.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\imagehlp.dll
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\wbem\wmiperfinst.dll
c:\windows\system32\pdh.dll
c:\windows\system32\colorui.dll
c:\windows\system32\cryptext.dll
c:\windows\system32\stobject.dll
c:\program files\windows sidebar\sbdrop.dll
c:\program files\notepad++\nppshell_06.dll
c:\windows\system32\syncui.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\webcheck.dll
c:\program files\common files\microsoft shared\ime14\imekr\imkrtip.dll
c:\program files\common files\microsoft shared\ime14\imejp\imjptip.dll
c:\program files\winrar\rarext.dll
c:\program files\microsoft office\office14\olkfstub.dll
c:\progra~1\micros~1\office14\mlshext.dll
c:\program files\microsoft office\office14\onfilter.dll
c:\program files\microsoft office\office14\visshe.dll
c:\program files\common files\microsoft shared\office14\msoshext.dll
c:\program files\microsoft office\office14\msohevi.dll
c:\windows\system32\mf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\winspool.drv
c:\windows\system32\comdlg32.dll
c:\windows\system32\shdocvw.dll
c:\program files\filezilla ftp client\fzshellext.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\audioses.dll
c:\windows\system32\mssprxy.dll
c:\windows\system32\wshext.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
c:\windows\system32\avrt.dll
c:\windows\system32\msacm32.drv
c:\windows\system32\wdscore.dll
c:\windows\system32\winshfhc.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\ksuser.dll
c:\windows\system32\midimap.dll
c:\windows\system32\msisip.dll
c:\windows\system32\windowspowershell\v1.0\pwrshsip.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
c:\program files\internet explorer\iexplore.exe
c:\windows\system32\dnsapi.dll

PID: 1468

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=75.0.3770.100 --initial-client-data=0x7c,0x80,0x84,0x78,0x88,0x6fa8a9d0,0x6fa8a9e0,0x6fa8a9ec

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: MEDIUM

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\profapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll

PID: 1744

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3440 --on-initialized-event-handle=324 --parent-handle=328 /prefetch:6

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: MEDIUM

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\ole32.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_watcher.dll

PID: 2524

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --gpu-preferences=KAAAAAAAAADgAAAgAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=5441031730174990297 --mojo-platform-channel-handle=1036 --ignored=" --type=renderer " /prefetch:2

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\slc.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll
c:\windows\system32\d3dcompiler_47.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\program files\google\chrome\application\75.0.3770.100\swiftshader\libglesv2.dll
c:\program files\google\chrome\application\75.0.3770.100\swiftshader\libegl.dll

PID: 2948

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=network --service-request-channel-token=1909292167208691508 --mojo-platform-channel-handle=1652 /prefetch:8

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators

Parent process: chrome.exe

User: admin

Integrity Level: MEDIUM

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wship6.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\qwave.dll
c:\windows\system32\wmi.dll
c:\windows\system32\slc.dll
c:\windows\system32\traffic.dll

PID: 3140

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17938980516783378516 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2276 /prefetch:1

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID: 3760

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6784639170855153679 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2236 /prefetch:1

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID: 2828

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11406742444426953001 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2572 /prefetch:1

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID: 3012

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --disable-gpu-compositing --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7057484234475064095 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID: 3788

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=8952764914955049673 --mojo-platform-channel-handle=3536 --ignored=" --type=renderer " /prefetch:8

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID: 3888

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=75859929159994676 --mojo-platform-channel-handle=3712 --ignored=" --type=renderer " /prefetch:8

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\winmm.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\comdlg32.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\urlmon.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\usp10.dll
c:\windows\system32\lpk.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\userenv.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\msctf.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\sspicli.dll

PID: 3044

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=887889071253727822 --mojo-platform-channel-handle=3548 --ignored=" --type=renderer " /prefetch:8

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\windows\system32\kernel32.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\userenv.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\dhcpcsvc.dll
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\profapi.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\psapi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\cryptbase.dll

PID: 3960

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=2739521017904036287 --mojo-platform-channel-handle=3776 --ignored=" --type=renderer " /prefetch:8

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\version.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll

PID: 332

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=6700928424303779505 --mojo-platform-channel-handle=4180 --ignored=" --type=renderer " /prefetch:8

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID: 1440

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --disable-gpu-compositing --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9535536443882053417 --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3948 /prefetch:1

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID: 3592

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=11190818818414258064 --mojo-platform-channel-handle=3976 --ignored=" --type=renderer " /prefetch:8

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID: 1692

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=486460267773979193 --mojo-platform-channel-handle=4176 --ignored=" --type=renderer " /prefetch:8

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID: 3292

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=13696103414369470179 --mojo-platform-channel-handle=4012 --ignored=" --type=renderer " /prefetch:8

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID: 3308

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=9372456397633554818 --mojo-platform-channel-handle=4344 --ignored=" --type=renderer " /prefetch:8

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\windows\system32\dbghelp.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\dhcpcsvc.dll
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\wininet.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\cryptbase.dll

PID: 2728

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=482100179824928771 --mojo-platform-channel-handle=3636 --ignored=" --type=renderer " /prefetch:8

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\windows\system32\kernel32.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\nsi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\userenv.dll
c:\windows\system32\winmm.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\kernelbase.dll
c:\systemroot\system32\ntdll.dll
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\version.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\profapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\cryptbase.dll

PID: 3616

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=6468108593769511280 --mojo-platform-channel-handle=3644 --ignored=" --type=renderer " /prefetch:8

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\windows\system32\kernel32.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\shell32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\userenv.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll

PID: 2900

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=4499297319330305927 --mojo-platform-channel-handle=3896 --ignored=" --type=renderer " /prefetch:8

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID: 2796

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=6104188312403966818 --mojo-platform-channel-handle=3908 --ignored=" --type=renderer " /prefetch:8

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID: 312

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --disable-gpu-compositing --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7134709073403187155 --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3612 /prefetch:1

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID: 1024

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --disable-gpu-sandbox --use-gl=disabled --gpu-preferences=KAAAAAAAAADgAAAgAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=10735218719534702737 --mojo-platform-channel-handle=4488 /prefetch:2

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: MEDIUM

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\slc.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll

PID: 3640

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --disable-gpu-compositing --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4318988243276776454 --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4300 /prefetch:1

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dbghelp.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\webio.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\lpk.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\comdlg32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll

PID: 3552

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --disable-gpu-compositing --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17059305099019219098 --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2120 /prefetch:1

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\iphlpapi.dll
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\nsi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll

PID: 2400

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --lang=en-US --no-sandbox --service-request-channel-token=17778064357763175775 --mojo-platform-channel-handle=4332 /prefetch:8

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: MEDIUM

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\kernel32.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\user32.dll
c:\windows\system32\usp10.dll
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\comdlg32.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\propsys.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\twext.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\system32\zipfldr.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\windowscodecs.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\slc.dll
c:\program files\notepad++\nppshell_06.dll
c:\windows\system32\acppage.dll
c:\windows\system32\sfc.dll
c:\windows\system32\wer.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\netutils.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\synceng.dll
c:\windows\system32\syncui.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\dbghelp.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\devobj.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\program files\winrar\rarext.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll
c:\windows\system32\msi.dll

PID: 3736

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=8057007096369066402 --mojo-platform-channel-handle=3084 --ignored=" --type=renderer " /prefetch:8

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Exit code: 0

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\windows\system32\winhttp.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\ole32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\msctf.dll
c:\windows\system32\lpk.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\msvcrt.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\kernel32.dll
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\version.dll
c:\windows\system32\user32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\sechost.dll
c:\windows\system32\winmm.dll
c:\windows\system32\profapi.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\dwrite.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\webio.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\oleaut32.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\shell32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\userenv.dll
c:\windows\system32\imm32.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\comdlg32.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\wininet.dll
c:\windows\system32\sspicli.dll

PID: 2104

CMD: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=964,13122921986071910869,16698460852706446142,131072 --enable-features=PasswordImport --disable-gpu-compositing --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7014270315369967893 --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3744 /prefetch:1

Path: C:\Program Files\Google\Chrome\Application\chrome.exe

Indicators: No indicators

Parent process: chrome.exe

User: admin

Integrity Level: LOW

Version:

Company: Google LLC

Description: Google Chrome

Version: 75.0.3770.100

Modules

Image
c:\program files\google\chrome\application\chrome.exe
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\winmm.dll
c:\windows\system32\profapi.dll
c:\windows\system32\msctf.dll
c:\windows\system32\nsi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\uiautomationcore.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\webio.dll
c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
c:\windows\system32\wininet.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\systemroot\system32\ntdll.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_elf.dll
c:\windows\system32\shell32.dll
c:\windows\system32\user32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\psapi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\version.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\userenv.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\program files\google\chrome\application\75.0.3770.100\chrome_child.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\dhcpcsvc.dll

Registry activity

Total events

1024

Read events

Write events

Delete events

Modification events

PID

Process

Operation

Key

Name

Value

3236

chrome.exe

delete key

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

3236

chrome.exe

delete key

HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty

StatusCodes

01000000

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics

user_experience_metrics.stability.exited_cleanly

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome

UsageStatsInSample

3236

chrome.exe

write

HKEY_CLASSES_ROOT\Local Settings\MuiCache\12B\52C64B7E

LanguageList

en-US

3236

chrome.exe

write

HKEY_CLASSES_ROOT\Local Settings\MuiCache\12B\52C64B7E

@%CommonProgramFiles%\SpeechEngines\Microsoft\TTS20\MSTTSLoc.dll,-1033

Microsoft Anna - English (United States)

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

ahfgeienlihckogmohjhadlkjgocpleb

15B1C3FE35F29528448F36A72A4DFBC58A8083C7190559D25865779166D220A2

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

apdfllckaahabafndbhieahigkjlhalf

49E0FCA6BC590FFDBDF5005D09FEF9C1E28EAA0360CBEE3049239FD42768CFE4

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

blpcfgokakmgnkcojhhkbfbldkacnbeo

DE3A28F237FFDFB1E4AC493384E27886BE54EEB7C69E19ABBB6F8CD4053EE9B6

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

gfdkimpbcpahaombhbimeihdjnejgicl

D6B079666F209503A09486C70AC09307652A0F7F783166A999B27C99D0DA79E2

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

ghbmnnjooekpmoecnnnilnnbdlolhkhi

1F03A1E70C673E7F6AD8AF3BC8F5AE130135C4DE37A02971F0D585F7DCD9BDAD

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

kmendfapggjehodndflmmgagdbamhnfd

00175B8120231631976CA8B862A3416996C9373BA3D289F0619DDA992973DDFA

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

mfehgcgbbipciphmccgaenjidiccnmng

63355C14E8C7DF9A075F2EDDEA6F2807DC8166B83F96F4C975B9B6554C6324D7

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

mhjfbmdgcfjbbpaeojofohoefgiehjai

0E265BFED6F1C7D5F0A9BD790C50BB30E78E959631D51EEBB8BB0DE73E65763C

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

neajdppkdcdipfabeoofebfddakdcjhd

04A45240BDA55E8777FA04357712CA6DD942253A21323E4C7D3CCF769B34BFED

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

nkeimhogjdpnpccoofpliimaahmaaome

5D58C2FED93EFDED578B006CB02BBB8DEC329128E2D098172E1316CDD15254DC

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

nmmhkkegccagdldgiimedpiccmgmieda

23ECD3CF17151ABB09648984D8BB666987923CDCFBB175E83704AF2157D75C99

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

pjkljhegncpnkpknbcohdijeoejaedia

7283ABFCD0BCA8650E228F69807430667442B4E6EFE1725AEB90A978F852E3EC

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

pkedcjkdefgpdelpbcmbmeomcjbeemfm

1F80AC0F683633E08EC4CE4930EC4267B92B12AA782FA6B57C5349A59BAEF379

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

nmmhkkegccagdldgiimedpiccmgmieda

E9B7BAEC7788783F11ACD40D02B5AA9998FEC4DCED8C1546A567F473FC14517B

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings

pkedcjkdefgpdelpbcmbmeomcjbeemfm

5ACC6E9F0AF045A13A56BC94607BF2DB0BCF0F9674D1017F0DFD55029B193127

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon

failed_count

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon

state

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty

StatusCodes

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon

state

3236

chrome.exe

write

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}

usagestats

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}

metricsid

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}

metricsid_installdate

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}

metricsid_enableddate

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}

lastrun

13227555595379250

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap

UNCAsIntranet

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap

AutoDetect

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories\{56FFCC30-D398-11D0-B2AE-00A0C908FA49}\Enum

Implementing

1C00000001000000E407030000000100110001000C00190200000000

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings

ProxyEnable

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections

SavedLegacySettings

46000000A1000000010000000000000000000000000000000000000000000000C0E333BBEAB1D301000000000000000000000000020000001700000000000000FE800000000000007D6CB050D9C573F70B000000000000006D00330032005C004D00530049004D004700330032002E0064006C000100000004AA400014AA4000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A8016400000000000000000000000000000000000000000800000000000000805D3F00983740000008000002000000000000600000002060040000B8A94000020000008802000060040000B8A9400004000000F8010000B284000088B64000B84B400043003A000000000000000000000000000000000000000000

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Common\Rlz\PTimes

23CEB30AEBEFD501

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Common\Rlz\RLZs

1C1GCEA_enUA812UA812

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Common\Rlz\RLZs

1C2GCEA_enUA812

3236

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Common\Rlz\RLZs

1C7GCEA_enUA812

1744

chrome.exe

write

HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes

3236-13227555594426125

259

2948

chrome.exe

write

HKEY_CLASSES_ROOT\Local Settings\MuiCache\12B\52C64B7E

LanguageList

en-US

2400

chrome.exe

write

HKEY_CLASSES_ROOT\Local Settings\MuiCache\12B\52C64B7E

LanguageList

en-US

Files activity

Executable files

Suspicious files

157

Text files

330

Unknown types

Dropped files

PID

Process

Filename

Type

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\87eaac9a-f001-4fbc-b7cf-371543e825e8.tmp

––

MD5: ––

SHA256: ––

2900

chrome.exe

C:\Users\admin\AppData\Local\Temp\scoped_dir3236_31069\CRX_INSTALL\_locales\bg\messages.json

text

MD5: 7fd8c905eb48cbfad9297f5095160732

SHA256: 1bdf7f4c73b820712111fcafee6cf24166b1391927d512d2491d372fd02415b5

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\e955fc48-c43d-4b89-9471-491f673a58b1.tmp

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

––

MD5: ––

SHA256: ––

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\ceb789ea-9b63-4540-8adc-93101e1f4628.tmp

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlBilling.store_new

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlSuspiciousSite.store_new

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlUws.store_new

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\ChromeUrlClientIncident.store_new

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlMalware.store_new

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlSubresourceFilter.store_new

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlCsdWhitelist.store_new

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlCsdDownloadWhitelist.store_new

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\ChromeExtMalware.store_new

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlSoceng.store

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlSoceng.store_new

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlMalBin.store_new

––

MD5: ––

SHA256: ––

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RFaa19f5.TMP

text

MD5: 839d7b41727662097c48a1cb83863429

SHA256: 935a0d92746600fee2c7ff20f7d575ba6a715b1c5df5761dc0388d4a19b73097

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RFaa6baf.TMP

text

MD5: 4cc06b0e5e1b6b946887ff1c3b53d970

SHA256: 5e71167f2bcae0894acda30fc8899959d6cc9a88d46a3762aadc7b8586651bca

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003c

mp3

MD5: 7e125dc075ec6e5ae796e4c3ab83abb3

SHA256: c06c7e58099969eacc5f8eb925fb381f445250b9f37acf959b11df72aabb44ca

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity

text

MD5: 4cc06b0e5e1b6b946887ff1c3b53d970

SHA256: 5e71167f2bcae0894acda30fc8899959d6cc9a88d46a3762aadc7b8586651bca

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State

text

MD5: 9df9e93d0dc2d9194c7c653d9ae96727

SHA256: 4a6a35698fcf63d948285c2db79dc7af91b83a580994f6a2d3b32d92fe7039d0

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\CertCsdDownloadWhitelist.store_new

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RFaa6b22.TMP

text

MD5: 9df9e93d0dc2d9194c7c653d9ae96727

SHA256: 4a6a35698fcf63d948285c2db79dc7af91b83a580994f6a2d3b32d92fe7039d0

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\IpMalware.store_new

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

binary

MD5: 7ab4ff5156801e04efa86dc9c6e1ecb4

SHA256: cd08f6695d4a88c4428db915fda91b26e2ed17c98d26af4a52571aa2a36b9dc3

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index~RFa9cba6.TMP

binary

MD5: 7ab4ff5156801e04efa86dc9c6e1ecb4

SHA256: cd08f6695d4a88c4428db915fda91b26e2ed17c98d26af4a52571aa2a36b9dc3

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RFa9a458.TMP

text

MD5: 45817e5d3a646cd495cb92cf1d68d87c

SHA256: aa6bc8bbd661f666faff61f896f7825d75c6920bf71216da5efd5312ccc132c2

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\b8d26c1e-26a6-425b-8ea6-bc51b33e4860.tmp

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlUws.store

binary

MD5: 167786c852f3d672731cf50ff4bbe851

SHA256: 7a634a6b0384997ff9a64195a1d56fa0ca0ed0ac4dae7c2d2ce2bf6ef05ddf0d

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlBilling.store

binary

MD5: 7b61b52efc41dd046bba9d1474126a7a

SHA256: b3083ed0b821cd26b0f655bed4ffc3ad11eae16dcfeaad61357282d65bd8ccc2

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlMalware.store

binary

MD5: d438c8942e5d6d7be2960fa08be4e52f

SHA256: 791522815fb70c1ce37cd1735bfd1b41ece2fb9e985dc2c403538c12b4387770

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlSuspiciousSite.store

binary

MD5: 792ec9ecea274bbca940a88107d7ca1d

SHA256: 3a3290ff250cf2b6c5144e8888e8284a00323e4993accbae5922dedce7c482be

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\ChromeUrlClientIncident.store

binary

MD5: bd2a05bc63a946ea99e1de94c59059c0

SHA256: 46a9238c3152029a3371ba7b757cac42b7feb9bfbf9f196b1fdd990261065978

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlCsdWhitelist.store

binary

MD5: 343c096aae30082a73dac48ebf2dc6e8

SHA256: af4b48c6dcc010c2f24ca40a3f52f7a295586d115383e68894b22dd06c5d543b

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlSubresourceFilter.store

binary

MD5: c10ebff7ee54ef1ea6f98f4dd564bb9f

SHA256: 9eedf497689bfe62d1cad7587b91c33a98689517be629752e566b3694a22827b

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlCsdDownloadWhitelist.store

binary

MD5: 485430146f34400f03c7ed0c7da54430

SHA256: db7915d7fe659b49321970d99c4909e3f99bcf727e9b41e7443e6d9c7791f5f5

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\ChromeExtMalware.store

binary

MD5: d0abf4961eb3e31bbae039d4c304d2c7

SHA256: 12141ef01ecbcb351862276e9b817d789556f149f39806afa8e502c7faa1845f

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\4d7dde25-032c-4fb7-a49f-f7fa27c77a99.tmp

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\CertCsdDownloadWhitelist.store

binary

MD5: b06ddcd50c679bd9a09db40df296fbb5

SHA256: fce25e91048a0613ccccec8d8be83175784404d7f1146ed68a12b27b61f96c53

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\UrlMalBin.store

binary

MD5: e89669943da36865d17c0788246f87da

SHA256: c2e520d5f0087009da81bdcb626edede3964fb913c965e2a91d239aa98b3969f

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Safe Browsing\IpMalware.store

binary

MD5: 43424ec9a25f29f141319f796f26ce91

SHA256: 2906a981195b60d9d011e0447981e7f9082c2b2089517e81f42b380f5c9248d8

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\98a5745d29a04c40_0

binary

MD5: be86bda2cbd6bae0bd2e851ae587b72c

SHA256: 1ed880496bf019e8a48deb11c19967592ffe94f7b7793cdfca5ede2c44806ef3

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\a6bb0c42-eb85-4c28-94a7-7b685bdf4505.tmp

––

MD5: ––

SHA256: ––

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003b

mp3

MD5: 5dd43c946894005258d85770f0d10cff

SHA256: d30746caf3e4675ae0d822d51461a9ad24832afa1e20179c3c2fc7b50b911a26

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b5d3716837a6a11b_0

binary

MD5: 6aadd1e3fb08c672e2bb63c4265d20f2

SHA256: 77427498707cd5340ba6e12cf78f07f3cb01832f9553791dd2ee4a784867a765

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index~RFa8fe73.TMP

binary

MD5: f254a7597dbe2fd581c9ea0655a2e3a0

SHA256: 2fafb1a53bf584dc675923703669cccda87109b410511025d1393c0dbe72c727

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RFa8c439.TMP

text

MD5: 1810e03b49aab4e82ed04b5f3087e39c

SHA256: e0d15e7c1411126f165eb3305880873aa5f948eeae7b7b83ded7ae2fb1f68e0a

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\cc09c06d-2e15-47a5-8895-5b430bbede30.tmp

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\Downloads\Unconfirmed 84451.crdownload

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\Downloads\3e57b5e5-9790-403d-9aa5-cfee2db41a90.tmp

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\62a0d899f9d84d10_0

binary

MD5: 5107205a7555e9a6af3d99c6ee9bdd60

SHA256: 8ad917b55cb3c707d3b4c3e4bed427494020b436dea44b4ebf84cccc6271fa17

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00003a

mp3

MD5: 5a000a0d4dff083d12a1d4fc2c7cbf66

SHA256: 690b64977594baa41c7978d76259224f67799ba337df2d1045dce970ef82b243

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000039

mp3

MD5: e4d539271704b87764dc465b1a061abd

SHA256: dee4468bbafb321b159dcab42f52d1fbfb1d01358437e0a3088c3345979211b8

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index~RFa82c4e.TMP

binary

MD5: 08ff22b401787f1d1f848eb1b306558e

SHA256: 956b6163fa9713eccebd7935f4de663791ca5c291ec84f7111aee73b4cd437ff

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000035

image

MD5: ef5eaedcc1b3aca0aae04704458b0e20

SHA256: 5bbe5e9f3faa5494c8f4e020a1f295c48aa8a205bc9b35a625be7a0e10690717

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2e7e7954d81a9fd9_0

binary

MD5: bc75edb1330f45012869c6877faf15ca

SHA256: 99235ab55576aaa95d118b60aac8595450f82945f8cc2886f53aa81148f431bb

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000037

image

MD5: bc9773220a7c518b783cc2192bcf138f

SHA256: 984e34776d5822524fa1d387681bc256ea161debe1253604da399a2e9f0fcd34

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000038

image

MD5: 6bd5e65bc3dca0d4d30840dffbbf20d4

SHA256: 057835a91b206d4bbca86ba1fbbc4c2f1a9df676793c64a8842182a83e306b76

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000036

image

MD5: c634a66fac29bcb064d0df359109b8b2

SHA256: c5bd15dde3912e89605879dd7927adfa0d5c2a732bfa8b4cc3f3969b88f16fe6

3236

chrome.exe

C:\Users\admin\Downloads\669591250344607744.htm:Zone.Identifier

text

MD5: fbccf14d504b7b2dbcb5a5bda75bd93b

SHA256: eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RFa8007b.TMP

text

MD5: d06c0f018ab63019f098adaa7077fa6a

SHA256: 8397151448c80cfdcf26f14b0c3c5bd187bcdd0895f9b84dfc06dace8fed1509

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\DownloadMetadata~RFa7f07e.TMP

binary

MD5: 12a10ce2af51323665c8afbd4fb4ac67

SHA256: 985a11f5170438219ae6392ac2e241fe5af0f83be82dc38a58c057e9f9eb824a

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\DownloadMetadata

binary

MD5: 12a10ce2af51323665c8afbd4fb4ac67

SHA256: 985a11f5170438219ae6392ac2e241fe5af0f83be82dc38a58c057e9f9eb824a

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RFa80118.TMP

text

MD5: 22e7fe6f8536c69b3dbdff6aa4f5f5b6

SHA256: 1a43b0cd5642727e08689cbbfa7c5af78c876d034054bf90069a55ecfe7babb8

3236

chrome.exe

C:\Users\admin\Downloads\669591250344607744.htm

html

MD5: 1a7e50f709d41a0fe3bff9e30f5a4221

SHA256: 2146de2a1ac6f33f6c45621ae01c22365e2b928e71f94bf0acc1ddea9c20779e

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\31edbb890c4afcb3_0

binary

MD5: 80e631ceb8bc64a990877f3928403774

SHA256: 2bdf032104e9c86dbb1b756a5443d94f9a1f96086828492c533026679d8f71ed

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\679f9f263bf01bd8_0

binary

MD5: 1b79a2dbb72fe6401f353cfbb8a8ae9e

SHA256: 3c271eeca107dae0da31f25d84d933479c85f070410fa29924db2ac3446dbd84

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8367f591687c8d87_0

binary

MD5: fabbfe545f25a316819983b7d2158657

SHA256: 6aedacc27ce459bb477498efffa4f7c5d30d9cce9073e2ced10e08f80b770274

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8d51e7e5a3f6670b_0

binary

MD5: af127037e97b55235888dbae79134748

SHA256: 4844857193f6606756a5fd98a8cf512a0bedd9453d1b59cd751f6b62e1dd787e

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000033

image

MD5: 57f567a1e568fe209c8009cff7b0e214

SHA256: 8b665fced917649c278490fbd45207ce9a69289e4908c92fb8a1c8173f67c6e8

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000032

image

MD5: 8176bb43d38fff54691863c5659d7130

SHA256: b12ca0c8e75dff2f7af2421d35a254e84a202788034521994ce10ffc4f9cfb1c

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000034

compressed

MD5: 5f7193b3c9865e7639f3664df5858b55

SHA256: 608092e7df21dbccfc471345cc0ad535fcaf6667d5df6921a24021feff7a2339

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\385f8f21adfd14bf_0

binary

MD5: 034b0d2508e454f1a590b5ca1ed271e4

SHA256: 7fc93f70bd8fab43e8c75baeeeaa7da794ca605619eac800bdd84608d70afc0a

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000031

image

MD5: dae2df25a176612634d976b2246b1f4e

SHA256: cc05b05032b895c5d4389f57b574009362dd073a0ed187cebfad00958f089a49

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000030

image

MD5: f1751683f72e7fc23fd270a0a6a3c57d

SHA256: 0d69dec1738f1fc7a1d8d7945e31157cb2aa7a37559d5b06b434e10586b9dcf0

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002f

image

MD5: 432985538b84bdd0d5d92d71943dbbe3

SHA256: 0ffb6657420097ab8006332a4b19254e83dd22d65faa176a3e825e35b60910dc

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002e

image

MD5: 654d64db3b266267c71daffacbd75a19

SHA256: 8b0c79676a264f56fb44d3bfd8dd9cd9439645c8e1e92e1650f07b206a12b145

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002d

image

MD5: 982b17314eb465b18e9047d1cb2c5af0

SHA256: db4134fef924644972e0f2366c3fe6b5086ee55b35d3821a4a28ce0bee146ad7

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002c

image

MD5: 897f73003a7f946fa3574c413660d975

SHA256: 83402b4e593524321ae13748f477a6ad51b2f1078c109ff35d5c7c91bf1a6400

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002b

image

MD5: 2d2a28e0f683e3dc1ea064205c78ff68

SHA256: 917c49ccdc2375e45c7bba34c7f7dbdaa39b10b4ce97dfcedba93cc063ef2a78

3236

chrome.exe

C:\Users\admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5Z392BNL3QL1L784GYXY.temp

––

MD5: ––

SHA256: ––

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\49e28aa7-6d01-4ef7-a765-5e28dc220194.tmp

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\BrowserMetrics-spare.pma

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\866f8c01-159c-4f3e-b538-5caab99342bf.tmp

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\3af8d19f-90e2-49d8-9eb1-1b16cfe697d4.tmp

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\d50026c3-0312-401a-95a2-72fd5ac04089.tmp

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\ad54f664-5ecd-4f4c-9b52-95ab83548659.tmp

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\Downloads\Unconfirmed 608136.crdownload

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\Downloads\79c3c3bb-2112-4bb2-aa02-f7a6a53ad869.tmp

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RFa7bd19.TMP

text

MD5: 6efdd546866fb4552c3767b2623a8a0d

SHA256: f86969f7dd84fa5a0fddf42319f45257d217a0a50b82c72a746a8615dabbd65f

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsRecentClosed\109d0c30-72d9-41a4-b16c-3a7c5ae04df1.tmp

image

MD5: af67f8e5e76e86a029f4d70fd4570a95

SHA256: 7c0320f86eb7a50b1d33f59cccb1a4f54307a8e9bdee2fbfcc944bc8beb880c1

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RFa7ad6a.TMP

text

MD5: 52966eb9e2d5cba7472a20dbe72956ee

SHA256: 389a749300854468c321fca7f6bbd7208cf49add221727938aba4574d11df412

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

text

MD5: 52966eb9e2d5cba7472a20dbe72956ee

SHA256: 389a749300854468c321fca7f6bbd7208cf49add221727938aba4574d11df412

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RFa7cd94.TMP

text

MD5: e8ffff0067515e19d695a7c95c9fcf0c

SHA256: 9e7eae37b762a42c478248694be254b455ef29f097ef88656764db4b275ad4ba

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsRecentClosed\a0145038-9e67-495a-a067-213b0ba9e01f.tmp

image

MD5: db6c383a254fb526164959fa52983c72

SHA256: f01ad3c31248c4bc384d92e467393c1c3f2c9ecf729201695b779056ecc0f28e

3236

chrome.exe

C:\Users\admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

binary

MD5: e664bcaf638e2d3ec289fe0ab99a5bc4

SHA256: 0f8f5bb30c6d8c515d048161abc91c34b11fd62cc319411e525a9109788effb4

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\DownloadMetadata~RFa7af1f.TMP

binary

MD5: 03410b73618f3d413e1565e8ae8515e1

SHA256: ec1d43881a02ccc8a1c460b192c064698a79beb64c41a9203deea02438894a2b

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\DownloadMetadata~RFa7a711.TMP

binary

MD5: 5e9b3f49345fa041b37c7291830323cf

SHA256: 1895e1c6e11a50ab00eee2e38fc78766c4b8a6fe0f89d1b1ccfbe4d6f1e5d8df

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index~RFa7a2ac.TMP

binary

MD5: 8655b0980b339d50b2534cef84f82f9c

SHA256: 009b0835ca7a49d6cd56b647f2a1562251d54c8abd284d8804ab1fb2b84b6496

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\e9bf7c9e-c2f3-40d9-9fa2-26034072cf62.tmp

––

MD5: ––

SHA256: ––

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\82199571-d877-4031-90b8-3e0f2343c228.tmp

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\Downloads\Unconfirmed 726758.crdownload

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\000006.dbtmp

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\Downloads\682470055564542033 (1).htm:Zone.Identifier

text

MD5: fbccf14d504b7b2dbcb5a5bda75bd93b

SHA256: eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

3236

chrome.exe

C:\Users\admin\Downloads\682470055564542033 (1).htm

html

MD5: 37c4b3e1c9901d9eec357fe4ebea2cf7

SHA256: 1986fd8f7fd6ad3df31ca4bf21ccd7c02b12d583153615f86bfda2506922f3fd

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\8422f9c7-3d79-49e8-91db-ee9a006bd281.tmp

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\118b2c41-c58c-46ae-8680-d53076d376dc.tmp

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\35133653-ca95-463a-8638-991996582602.tmp

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\Downloads\682470055564542033.htm:Zone.Identifier

text

MD5: fbccf14d504b7b2dbcb5a5bda75bd93b

SHA256: eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\12429e83-4b05-454f-ac99-537308c36c23.tmp

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\CURRENT

text

MD5: aefd77f47fb84fae5ea194496b44c67a

SHA256: 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RFa797fd.TMP

text

MD5: 755df7ff7a02101b10736d27d8f13c19

SHA256: 71572b8ed6536467eb7f81f75a4b5b8cf165c7881dad8489382fb6e9d1aab07e

3236

chrome.exe

C:\Users\admin\Downloads\dfd5ead0-5ede-4bc9-ad02-cbfe7295aaf6.tmp

html

MD5: efadf0ac949e48f1dd5ae296d3509907

SHA256: 7eee3e921a5a80db6346be2a709256952524f8dad9f39e35f9d818bd9da27c30

3236

chrome.exe

C:\Users\admin\Downloads\682470055564542033.htm

html

MD5: efadf0ac949e48f1dd5ae296d3509907

SHA256: 7eee3e921a5a80db6346be2a709256952524f8dad9f39e35f9d818bd9da27c30

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\CURRENT~RFa79629.TMP

text

MD5: aefd77f47fb84fae5ea194496b44c67a

SHA256: 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\LOG.old

text

MD5: 85fd0babd47003dbe44093531bacb0fd

SHA256: 2370fab9c9e75b5746ed9d8e9c5c5a1968b7ddec72a4c57fe1dff48d72e4fdad

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\LOG.old~RFa79619.TMP

text

MD5: 85fd0babd47003dbe44093531bacb0fd

SHA256: 2370fab9c9e75b5746ed9d8e9c5c5a1968b7ddec72a4c57fe1dff48d72e4fdad

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State~RFa7831e.TMP

text

MD5: e8addf566c0876ca5d3e36b04c207ad1

SHA256: 693b5834b9c6342872a184f56e6c959997bf66c6bb7816227b9a1698685e99b0

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RFa77b1f.TMP

text

MD5: a3add06359170c72c70243ad58d6fd60

SHA256: 0b0b1fc5db6a6cbcfbdde8716605216032df302d78f25d1690fd5e41e54f16ad

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RFa77533.TMP

text

MD5: e7be877e2d520aed5acd555433cf435d

SHA256: ebf40bfd56fa8f1943b84a24fcc22da3e27e8f3064052beb7428f41620a91af8

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ea75e736b7ecc784_0

binary

MD5: 8d9576e45d0446a5b019d3cbf5cdfaa8

SHA256: 3fb9e54e7451a7031cf0087eee4796ea286727bc5bb83e29443e014e9b64a7e7

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00002a

image

MD5: 5bb7d7c335874a5140756dc6415fcd6a

SHA256: 78eac903080373636420e4ab4ea59a372c66b540d3d01a65ba115d808f068f14

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State

text

MD5: e8addf566c0876ca5d3e36b04c207ad1

SHA256: 693b5834b9c6342872a184f56e6c959997bf66c6bb7816227b9a1698685e99b0

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000029

binary

MD5: 5c6d59ebbfe85e3b271c43a45eef5963

SHA256: 1516d636254386d0656fb51329fae5505bbc4dff202285c9802b3d727a509dde

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RFa75fb7.TMP

text

MD5: aa5ea43ed9d01572ce2a6260645cb383

SHA256: 2daae4bce9226cd8c81969304af09c506ea408be6f57f1038502cf13f97e5055

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\44862abe24d96045_0

binary

MD5: 8505a02f4259479ee36cafe17bb18b7e

SHA256: 08418f95c906ecedac69e227edd817e9d8b767966fa538c04699274112dbe80f

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000028

binary

MD5: ae0b72449ddc18d62000ac957f02ad66

SHA256: 447942bbf3722e50609ae28148a06e3c915d809e9aa4d34842df95b1ba1b5427

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4a43fb74fdd173ef_0

binary

MD5: 556f7bcd0ea82723512e05d8579ad26a

SHA256: 6bbc2ed81631c9a7509245d7827cb09e878b39eadb8e1df35d22588e978d36c0

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000026

binary

MD5: 2391a2f0d6bceeab3e87e3d41bb6a9d4

SHA256: 2ec70181aed05ebbf91ca7cb58f5726f6237b038b2d71dfef08dfbe5338eda31

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c36e5acb98f4ffcb_0

binary

MD5: c4ef6d26878ea663b3fc12043f020b71

SHA256: 56adfcf2a553f529505c8730828d716b7058f3a47514193eb7eed153a831a0e7

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000027

binary

MD5: 1027a979b97e757df20b6db5e20bf4ee

SHA256: d4d2ddcee74ce3ab3c32e8532389dbeac9cb1caa3e8906e7f0d628a48c964746

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000025

image

MD5: ef098b04fb3d724191f406311331b0e6

SHA256: 51d2a1b4ebd7cba5b171bbc5b6c91824bfe14d2daf48eb704d9a49e5a333172a

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000024

compressed

MD5: 786b28b1afc92906a3ddedd8d4582153

SHA256: 6a8b2e2c992fdfbbe37e6aeb67e782b9b503cca59cb8dbae87837027a5b50847

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bfb5759b01020bec_0

binary

MD5: e7a61c04d70d7f62f906b4f7468289a1

SHA256: ad58195424cecdd0f76671eeaeba46b7a8e295c7a3d23168f4a90ed4e404dc52

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f201024b475f27d8_0

binary

MD5: 57f49b05b50338a5b30748347988222b

SHA256: a7e53d4e3c1f6213a62c056491191e56b239f952bb470092f364433ffe068ef3

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\06dbe58cd8db29cf_0

binary

MD5: 7ead162305eea1b80a511e6a3b77e2b1

SHA256: 3127b7b2bb2bfa20e90a00a3fc08b75b616f05dcda99cbd81ac946318392281d

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\22928a19489bd0de_0

binary

MD5: aec460b08e5b2584f33e360a36ad5cdc

SHA256: 2d6ae02798951f9dc6f5545687cfa7636b2ca64afa81d83142e72f7640cdac92

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7f3fba9047b0e481_0

binary

MD5: 490f901ad55f4557e3deb4616e2f78ea

SHA256: 11ae1ac0b58bd366d9d93aafdf2799ab6856454f30644942904369b96a34412e

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ff066b315c3939c3_0

binary

MD5: 11aa92defde7a288d0110dadc1239ef8

SHA256: 7f3217cf61082e1e833088949358dc161006131c0313e088f520ce2d274853ee

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000023

binary

MD5: 336dab9cc277010d8ca6ba018a5a1603

SHA256: 72fa1c8422843cc605d45987f36e495d6da89827445b489c24315cba63f9c251

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c9a827f782933d2b_0

binary

MD5: ee1caf40a7657635cedc4521a3ce7200

SHA256: 4108bfaefafbd6365a804c0f38aed07b9ce53921bcb8b02129c47a5e38d6066d

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\06a82d3a-29ae-4059-ab48-d0e3bd559646.tmp

––

MD5: ––

SHA256: ––

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\723cb068-8627-4b44-910e-8015c67084f4.tmp

––

MD5: ––

SHA256: ––

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\e28c1e68-220c-4a1c-8e38-0bf4b8d9439f.tmp

––

MD5: ––

SHA256: ––

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000020

binary

MD5: 01e6e374ebb89e32b74312889e8f418a

SHA256: 2506e68d66af8f81913bca80222b0778ec8d955a90a41b46560746e4d1dec0ca

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000021

binary

MD5: 7339446f919d07c9f999fb45146c9202

SHA256: f129668b7975c46bc2ec10b207a9e478e03242343c9db68aaead6da34aef3d36

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000022

binary

MD5: dd70fba692e3ed12b6dea410c0d6ab72

SHA256: b7feac08621cbe5daf3c30f71d2c76e5f5f25b3e814f83687559a153f28eff51

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\405b04cca56efc42_0

binary

MD5: af21a0a2502a202cb0ac0cc35c69a51f

SHA256: 68130a1286ab2296d91c0c7e991278edcf8a7b49af7573c728d5ed7e9af8af3d

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RFa72ed4.TMP

text

MD5: 0d522c12d113fb74f4f67c224902fd4c

SHA256: 0ab7b3cad94a77d815f35e557831c37f4fdcdd0febb47e391513e42c79e7dd66

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001f

mp3

MD5: dd920c06a01e5bb8b09678581e29d56f

SHA256: 31ad0482eee7770597b8aa723a80fd041ade0b076679b12293664f1f1777211b

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bc5fca540d14974a_0

binary

MD5: b166bd1cf81cfbab68bc53bd87cdb0b0

SHA256: 2530d594b413683a9242257b18ba5397fa6f3fac491b71dd9792500d9cdb497c

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RFa72aec.TMP

text

MD5: 296fcb9ce58fa44850b44f842ef4a661

SHA256: f5768d0833765137d1bd849d835597e1a4c772dbace9ab7178f1d892f29952b4

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RFa723a8.TMP

text

MD5: b77391495e032cc66473eeba62c36e50

SHA256: 8fcd9f2796d57a4cfdd72fc9fc1b524cbf84ece35a80b71cc89410c82fa54e04

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b0f835ca08a3f749_0

binary

MD5: 1e7394c0277b99356e617d23cb690d4d

SHA256: 233752df9920787d0363843c19887e4cec0cc7f8056c0c2fadf71a57e403ed06

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\65b9e2ea8293405d_0

binary

MD5: e423dc2116e04bc7cef5146023675acf

SHA256: 880f44323382d94a7d8a70287ac8cff456af5a753c76f2a67c3282c8b893c778

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3fdeb5aab1775a58_0

binary

MD5: 17754ad60d9890a57bf179a1a37a6e9e

SHA256: d66910766d114ab23000e74046da76c7ae6e9413e5803713b4ec5ec5908191b4

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c3dc5a0b75e23838_0

binary

MD5: 8cc5f957dbad230fb74a7b09704ce0e9

SHA256: 1d6d76f6da606309df6daf1daa50621edfd75e92c324766631102a55ca1560d7

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6f1f2060be774fa2_0

binary

MD5: 3e4241c97c78fc54b405d4cddde48937

SHA256: 5a6f96f6e302611387eb1d2bcae8f456dd005d15616efa09842a4e874b3d08c1

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\210f6f92326b0272_0

binary

MD5: bcdb1a11c9a6a14d872dcde3be8a1164

SHA256: cc772700c2bb4d81118b7447ad0955723ee387ed08e8a71a1e84a75865d11253

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\88c9a7c74032ac21_0

binary

MD5: 37a8d232aff2c206423248a2b0b29c29

SHA256: 9beec018400e510167b79720f2273dd63e51c0c2bab56e95e58bbbb75f90b018

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\307542f3b0f6715e_0

binary

MD5: d6b04fca6e61c44305a0ee88dec5caf2

SHA256: a771fb2abeef2bf7f463ade861e82cf60ce010887c53de4a8142aeec924d4330

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e6299581bdd5819a_0

binary

MD5: 27cc50f1a94ddcf134c5bf2f9ef9828e

SHA256: 32a0148d79735180c7f341e5cc054f8c8adf685f84736e2e66ab96c84aaa94e1

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\94169f2e6f69bea4_0

binary

MD5: 0ea614568d9dec773c1a68eeac372441

SHA256: 8f60f3b82b4b1d7c242e7c14b8556a210cf01d6c0beb431f749bf23fd50d08e4

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\629a2abee18dc54a_0

binary

MD5: 1201ba2c917162e6cb0e7c61e657938c

SHA256: a39fef687a0e3ac74aa2dbb4521901b57ebdab77edb5bc8982e8538ac6b18a96

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4b62871499fdfab5_0

binary

MD5: 20ba31fe020f659cd9148f5ed3d73da1

SHA256: 5dfafe2c2acf456cd64e05a60cbe86377c759a08e7421a24e74c96c889bef6b2

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001e

image

MD5: f307550b0e648168fc41b9ec4dc7ed5c

SHA256: 034c89314ea3d02ce6b9696b985b7951d015431cc9ce1a6bb9f53ce28bb34672

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fbc89962cf5e25de_0

binary

MD5: b519283fa04821a4b2452a8d29509398

SHA256: 2453e823c9096c391982eddccc7cb513ce99f1f6eba07b8e89ed4f00a8215cc9

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e9bc8f786e284c9f_0

binary

MD5: 44a91655469aa0f2a6ca4656521311ce

SHA256: b885b9b69d526d96f48de0977f9ec7aa788ebcc65783fc9225a90cc6e8f017c1

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b981c1b4d228ba9a_0

binary

MD5: 4d0d8e7d634dcf4e9c4d1c0b20dc4882

SHA256: 83c6c8587926ca2367a396f7269b45a496bcb9ec4129401899f4aa6bccb473e1

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bd787adfbf5824ac_0

binary

MD5: 9834641a6d9930540aa6a744c02501ed

SHA256: b24de2c36819b7c6e203f03ce9f51434ec8aa11fc5e21706c4e8c63bbe2629ad

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0cc551bee7418628_0

binary

MD5: 20459eba5e15d52be7b6c06f9cf4cf6d

SHA256: 5968e00cb7f8dee2fc4a87e24f83d35429629a3a49be36dfcc8e4ae785022217

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\99204d88878ad98a_0

binary

MD5: 8e07ba9ba12d444283a0093a05afe572

SHA256: fffa53c78e14a930550c37c4abbe8ccb93cca02a68d16be022cdf67bb7851c9a

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2a6305d7db6e607d_0

binary

MD5: 5e289553688f3a499fc755d3f8d4221d

SHA256: e94f0f5365e606ed08aa97845644e60764cacdb810b73d01290408fc95cfabcb

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001d

mp3

MD5: ae7d16bb2eea76b9b9977db0fad66658

SHA256: 1e7f6ea1298758403297e8f9049b072db59dceb3518186164ffc16550c5c5ac3

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\62c5d5abf25d6d3e_0

binary

MD5: 8e90395b22d5d94aac489f3c4e9de105

SHA256: db11eb959600f2eb4f544aa3b0e174ee2e86a221091534f7d14b3a17b66e7100

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\51459b5c18f7dfe6_0

binary

MD5: 64c62f4a4c39b8969314daf002f9d61c

SHA256: b85de13933f399af08ad2dd1c53f04e324880ee3922578c267d1943d172032f7

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9184468c192a3aca_0

binary

MD5: b324eb744e2119baa972c1857da52415

SHA256: b7f7aec849d67eb0427f5277ae05ff6978a1dcb38775a91018317c9c754a82a5

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c33cdcbedd584721_0

binary

MD5: a9b8430cbbd783cc2def88d43fa24d08

SHA256: ee65fbc600801cbb68e97a8599d2cab0d930ebfb4f22b5016893785282ef1b0a

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001a

compressed

MD5: ba84f43b84ad21a3638ee01dcb6e53e5

SHA256: d7eda1d7408f100abfc954798ca8c4d75f8f1bea842cc6500767d2875edb25e4

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000017

compressed

MD5: 6e85f2f722eb02d9f81f71d99ad5155d

SHA256: 58232fa16ef3e8b76c73770622a47d47b645b3bb3142cbe559e27b20b506fd7b

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a16d31cc9110c9f0_0

binary

MD5: 9786354638516409d04f68c924df518e

SHA256: e6668e873fd3a49ce285ed80890b1d3333a51cd0be78e2ef42624cfe290e8505

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\96d77f1357dd357c_0

binary

MD5: b2a2ef56141c814e2a7a4d09ad88d5b8

SHA256: 341e57546495ee8082c3fc49168333e9de39e486aa6db169aabd77341f806330

2948

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000018

compressed

MD5: fe9a87c70cb0e5a324c62c83a39065bf

SHA256: 2205e87fe8cd205b1c1a9dca1bf086563541a9e39ffbcc6a27916b97f7e0d03e

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\97905248a96e06c9_0

binary

MD5: 0cf77b00a16d343f634fd7ff3ab665b8

SHA256: 01294cda58c242bb6e24b472bb8430fa80b5057357ab57b1d7f5dc53cfae50d4

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\87febea2da147672_0

binary

MD5: 723c7db312e782c171af77c2044d9874

SHA256: 4171280e70b7bfd80d82fbccd0cf71a5dc280bf6bb57e23d10bc0d20c71ced3c

3236

chrome.exe

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\be93ba4de0daeac9_0

General Info

Take your security to the next level

Launch configuration

Software preset

Hotfixes

Behavior activities

Screenshots

Processes

Behavior graph

Process information

Registry activity

Modification events

Files activity

Dropped files

Take your security
to the next level