General Info

URL

http://ant.trenz.pl

Full analysis
https://app.any.run/tasks/c6ad8e39-f864-4128-903a-4a684e486c85
Verdict
Malicious activity
Analysis date
4/15/2019, 16:03:32
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Tags:

trojan

sinkhole

Indicators:

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
120 seconds
Additional time used
60 seconds
Fakenet option
off
Heavy Evasion option
off
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (73.0.3683.75)
  • Google Update Helper (1.3.33.23)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.6.1 (4.6.01055)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (14.15.26706.0)
  • Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (14.15.26706)
  • Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (14.15.26706)
  • Mozilla Firefox 65.0.2 (x86 en-US) (65.0.2)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO

No malicious indicators.

Modifies files in Chrome extension folder
  • chrome.exe (PID: 2936)
Reads settings of System Certificates
  • chrome.exe (PID: 2356)
Application launched itself
  • chrome.exe (PID: 2572)
  • chrome.exe (PID: 2936)

Processes

Total processes
64
Monitored processes
33
Malicious processes
0
Suspicious processes
0

Process information

PID
2936
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" http://ant.trenz.pl
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
3221225547
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75

PID
3544
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=73.0.3683.75 --initial-client-data=0x7c,0x80,0x84,0x78,0x88,0x6ebb0f18,0x6ebb0f28,0x6ebb0f34
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75

PID
2624
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=2940 --on-initialized-event-handle=308 --parent-handle=312 /prefetch:6
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75

PID
3744
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=956,8145731737619825880,15429340508233278846,131072 --enable-features=PasswordImport --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=14520903678509141690 --mojo-platform-channel-handle=932 --ignored=" --type=renderer " /prefetch:2
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75

PID
1948
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=956,8145731737619825880,15429340508233278846,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=network --service-request-channel-token=2221104833569819538 --mojo-platform-channel-handle=1472 /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75

PID
2436
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=956,8145731737619825880,15429340508233278846,131072 --enable-features=PasswordImport --service-pipe-token=12088818467191561819 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12088818467191561819 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2036 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75

PID
2848
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=956,8145731737619825880,15429340508233278846,131072 --enable-features=PasswordImport --service-pipe-token=10077549942079905173 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10077549942079905173 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2068 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75

PID
3992
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=956,8145731737619825880,15429340508233278846,131072 --enable-features=PasswordImport --service-pipe-token=10686420061057107470 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10686420061057107470 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2268 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75

PID
2100
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=956,8145731737619825880,15429340508233278846,131072 --enable-features=PasswordImport --disable-gpu-sandbox --use-gl=disabled --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=8329209183638662937 --mojo-platform-channel-handle=3060 /prefetch:2
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75

PID
2480
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=956,8145731737619825880,15429340508233278846,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=9949469944087294458 --mojo-platform-channel-handle=3140 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75

PID
3760
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=956,8145731737619825880,15429340508233278846,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=16711015956950061223 --mojo-platform-channel-handle=3296 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75

PID
4004
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=956,8145731737619825880,15429340508233278846,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=5467315048086282212 --mojo-platform-channel-handle=3276 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75

PID
356
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=956,8145731737619825880,15429340508233278846,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=15742779786968967872 --mojo-platform-channel-handle=3384 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75

PID
3828
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=956,8145731737619825880,15429340508233278846,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=8256701679705662383 --mojo-platform-channel-handle=3404 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75

PID
2668
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=956,8145731737619825880,15429340508233278846,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=2860876122777080544 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2860876122777080544 --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3536 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75

PID
3304
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=956,8145731737619825880,15429340508233278846,131072 --enable-features=PasswordImport --lang=en-US --no-sandbox --service-request-channel-token=17789155488192882973 --mojo-platform-channel-handle=3300 /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75

PID
3676
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=956,8145731737619825880,15429340508233278846,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=12872520436647883029 --mojo-platform-channel-handle=3072 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75

PID
588
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=956,8145731737619825880,15429340508233278846,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=8267606383562784961 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8267606383562784961 --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=936 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75

PID
2244
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=956,8145731737619825880,15429340508233278846,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=7959919463247706845 --lang=en-US --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7959919463247706845 --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1556 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75

PID
2292
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=956,8145731737619825880,15429340508233278846,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=10235740849638840834 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10235740849638840834 --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1080 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75

PID
3704
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=956,8145731737619825880,15429340508233278846,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=12244772036158270560 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12244772036158270560 --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75

PID
1796
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=956,8145731737619825880,15429340508233278846,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=9511048558681155649 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9511048558681155649 --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75

PID
2572
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe"
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image

PID
2680
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=73.0.3683.75 --initial-client-data=0x7c,0x80,0x84,0x78,0x88,0x6de30f18,0x6de30f28,0x6de30f34
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image

PID
2272
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=2860 --on-initialized-event-handle=308 --parent-handle=312 /prefetch:6
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image

PID
1632
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=980,11879174880122228267,6649080501243639048,131072 --enable-features=PasswordImport --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=673585098638050555 --mojo-platform-channel-handle=992 --ignored=" --type=renderer " /prefetch:2
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image

PID
2356
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=980,11879174880122228267,6649080501243639048,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=network --service-request-channel-token=8729587313982660778 --mojo-platform-channel-handle=1516 /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image

PID
3284
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=980,11879174880122228267,6649080501243639048,131072 --enable-features=PasswordImport --service-pipe-token=6462239167725754630 --lang=en-US --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6462239167725754630 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1872 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image

PID
3032
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=980,11879174880122228267,6649080501243639048,131072 --enable-features=PasswordImport --service-pipe-token=16199134350905936066 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16199134350905936066 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2292 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image

PID
3944
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=980,11879174880122228267,6649080501243639048,131072 --enable-features=PasswordImport --service-pipe-token=8033110293415619082 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8033110293415619082 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2284 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image

PID
2632
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=980,11879174880122228267,6649080501243639048,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=12735472226873675613 --mojo-platform-channel-handle=3148 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image

PID
4080
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=980,11879174880122228267,6649080501243639048,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=640992977256037015 --mojo-platform-channel-handle=3184 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image

PID
3436
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=980,11879174880122228267,6649080501243639048,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=15415976762431097078 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15415976762431097078 --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image

Registry activity

Total events
702
Read events
565
Write events
134
Delete events
3

Modification events

PID
Process
Operation
Key
Name
Value
2936
chrome.exe
delete key
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
2936
chrome.exe
delete key
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
failed_count
0
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
2
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
01000000
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
1
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
dr
1
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome
UsageStatsInSample
0
2936
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}
usagestats
0
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid_installdate
0
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid_enableddate
0
2936
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumAccounts
aggregate
sum()
2936
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumAccounts
S-1-5-21-1302019708-1500728564-335382590-1000
1
2936
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumSignedIn
aggregate
sum()
2936
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumSignedIn
S-1-5-21-1302019708-1500728564-335382590-1000
0
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
0
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
13199810629851250
2936
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
LanguageList
en-US
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
aapocclcgogkmnckokdopfmhonfmgoek
E79DA0F8951939DF9BFB49F716FD5D6586B0BDF85163C5EFCEFFB24CDDD8EDA4
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
15B1C3FE35F29528448F36A72A4DFBC58A8083C7190559D25865779166D220A2
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
aohghmighlieiainnegkcijnfilokake
152942CA2F22DB337E15F80B0C3A886C7E48C50B40A6497333E50DCB90E634F6
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
apdfllckaahabafndbhieahigkjlhalf
42CE98EF27778CDB60638CB402C247D7B8B93B3F850748BCB8F3F28E548317DC
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
blpcfgokakmgnkcojhhkbfbldkacnbeo
F6D9EFB216D54B363388255D40554CFF4AD72643FE0B1C404A48A04FCDE61B11
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
felcaaldnbdncclmgdcncolpebgiejap
D5B7D454983B0D3DB6A964E6133A60F14A6FBD9505FEAB9CB7456937FC85A0FE
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
D6B079666F209503A09486C70AC09307652A0F7F783166A999B27C99D0DA79E2
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ghbmnnjooekpmoecnnnilnnbdlolhkhi
564815CAA3B811196396094B9084D1E9EE3C0370A6A7E5B8866AD193295CBBFD
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
00175B8120231631976CA8B862A3416996C9373BA3D289F0619DDA992973DDFA
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mfehgcgbbipciphmccgaenjidiccnmng
63355C14E8C7DF9A075F2EDDEA6F2807DC8166B83F96F4C975B9B6554C6324D7
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
0E265BFED6F1C7D5F0A9BD790C50BB30E78E959631D51EEBB8BB0DE73E65763C
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
neajdppkdcdipfabeoofebfddakdcjhd
04A45240BDA55E8777FA04357712CA6DD942253A21323E4C7D3CCF769B34BFED
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
EFA63CBF982B82CF44E63E567FF3BB95FE3F51570D9A0CED8846E77B13199169
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
23494879B97443D5FFBD281342AD022B641903195373A5795A5890E7CB70D570
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pjkljhegncpnkpknbcohdijeoejaedia
01656EA3D9B5707591A055A61E06326B2C30261E7EA66B1203FA02F11AAD8944
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
C7E923BB29822A80FFDD7A3D1792ECCD742E8BD88934C0FA90643B2B96308655
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Common\Rlz\PTimes
C
4AE8814294F3D401
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Common\Rlz\RLZs
C1
1C1GCEA_enUA812UA812
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Common\Rlz\RLZs
C2
1C2GCEA_enUA812
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Common\Rlz\RLZs
C7
1C7GCEA_enUA812
2936
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
1
2624
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
2936-13199810628882500
259
2624
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
2936-13199810628882500
0
1948
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
LanguageList
en-US
3304
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
LanguageList
en-US
3304
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
@sendmail.dll,-21
Desktop (create shortcut)
3304
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
@zipfldr.dll,-10148
Compressed (zipped) folder
3304
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
@sendmail.dll,-4
Mail recipient
3304
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
@C:\Windows\system32\FXSRESM.dll,-120
Fax recipient
2572
chrome.exe
delete key
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
2572
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
failed_count
0
2572
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
2
2572
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
2572
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
01000000
2572
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
1
2572
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
dr
1
2572
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome
UsageStatsInSample
0
2572
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}
usagestats
0
2572
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid
2572
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid_installdate
0
2572
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid_enableddate
0
2572
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumAccounts
aggregate
sum()
2572
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumAccounts
S-1-5-21-1302019708-1500728564-335382590-1000
1
2572
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumSignedIn
aggregate
sum()
2572
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumSignedIn
S-1-5-21-1302019708-1500728564-335382590-1000
0
2572
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
0
2572
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
13199810738699882
2572
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
LanguageList
en-US
2272
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
2572-13199810738199882
259
2356
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
LanguageList
en-US

Files activity

Executable files: 0
Suspicious files: 74
Text files: 188
Unknown types: 10

Dropped files

PID
Process
Filename
Type
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF14cd8f.TMP
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: c82631a37eaf92235195c3b725590ced
SHA256: fcb2ce1315913398df8609facc1e394ce8470f4eafee64bb2384fa58c8eed4f5
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\0e0552f4-575d-4018-9a00-6c7e8db36e53.tmp
––
MD5:  ––
SHA256:  ––
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: 9d8fb35d611853baa3cf3a63d7c69798
SHA256: de6f8d56a3aecb50fcf9acc53ed0686191b73568fb25b92c9d63e05d030785e7
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF14cd12.TMP
text
MD5: 9d8fb35d611853baa3cf3a63d7c69798
SHA256: de6f8d56a3aecb50fcf9acc53ed0686191b73568fb25b92c9d63e05d030785e7
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\834d3850-23b1-4264-b8fc-7182aae27d75.tmp
––
MD5:  ––
SHA256:  ––
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Last Session
binary
MD5: 46b92997c09f31a21600082080b85fd9
SHA256: ff96d036a0b7287a3c3038e7af91763061c1e84b2d89e5d9301f9bee33e3b630
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG.old
text
MD5: da6de2a0a50572d952f808437ab4d486
SHA256: cf6d7875b5b423dc1a1956f2ad0c39924666bd721c08dff87d56843f18c50645
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\502a3edb0524aa20_0
binary
MD5: 98c69a4181ea6a3f37443d893aac2d39
SHA256: 2428a81278c1cab5bc0211ae34c098876ad6b843e552102ff4dc0b98aec2403c
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\adfb193e4c471897_0
binary
MD5: f47a82c8128ecfa515624515c305e68d
SHA256: 65529ceb31312a518b4b3261a7fd835a33ffea3bff473af9cadfcb4155271d5d
2356
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000009
compressed
MD5: 573e5af4b1a67628a419fe5795f4cf3d
SHA256: 928949cd684618bb1807e3026c68286f3a80a122ce7facbb4320dde4aefac65e
2356
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000008
binary
MD5: ef7d2daf084768b5c4390eb8e3794fa2
SHA256: 8e123a28556c53ed27f713a7875ec79092f82e20a9352d1f87d9e475a8853a4b
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old~RF14ab13.TMP
text
MD5: 813ec5d4e0cea22783946b89ed958f86
SHA256: c824b549a3df77d92d0c001ec4eaf84e8e76316182cb01866e1e494a1cdac186
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG.old
text
MD5: 813ec5d4e0cea22783946b89ed958f86
SHA256: c824b549a3df77d92d0c001ec4eaf84e8e76316182cb01866e1e494a1cdac186
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.ldb
binary
MD5: a194ab654bea129b7ca9fba52956c1a9
SHA256: fad35990c65e0402821ce9d3f823592a78fab901846b99cbc9e352168c92b1b2
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old
text
MD5: 8957588e1428f6515b68410d73c5eb0f
SHA256: f1fc28bed502a1cf6d4e9e133d35d9c5374261e725b55586fdbd21cd359f0106
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG.old~RF14aac5.TMP
text
MD5: 8957588e1428f6515b68410d73c5eb0f
SHA256: f1fc28bed502a1cf6d4e9e133d35d9c5374261e725b55586fdbd21cd359f0106
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1
––
MD5:  ––
SHA256:  ––
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
binary
MD5: e8ee9b7c223429e734c23a16b90fa896
SHA256: 84b2c3d10a08759680403d277142d3d708c16d0a9856da7c77657a6a8e1349a0
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
binary
MD5: baf986d44c1cd1467f310ade56b97e0e
SHA256: 115350db2dbf86d18dc03b6d20f065f74c7911884d82726ec34c61d665bad797
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT
text
MD5: a874f3e3462932a0c15ed8f780124fc5
SHA256: 01bd196d6a114691ec642082ebf6591765c0168d4098a0cd834869bd11c8b87d
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\CURRENT~RF14a71c.TMP
text
MD5: a874f3e3462932a0c15ed8f780124fc5
SHA256: 01bd196d6a114691ec642082ebf6591765c0168d4098a0cd834869bd11c8b87d
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\000020.dbtmp
––
MD5:  ––
SHA256:  ––
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old
text
MD5: 57e05c483dd0f601732c19d430572330
SHA256: d3810f534ad4dfe658dc78dc8453bcaad5bce90aca2fb52e5088b0434b7ad207
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\410e0f68-732d-455c-8e5c-6d2c0774cb57.tmp
––
MD5:  ––
SHA256:  ––
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old
text
MD5: 23d6dd71761eea556297dd146fc32356
SHA256: a568f2ed1c7586f53f63f6cfe60cc55ec336545c8412cf73c3412e9b7a4ca003
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old~RF14a6be.TMP
text
MD5: 57e05c483dd0f601732c19d430572330
SHA256: d3810f534ad4dfe658dc78dc8453bcaad5bce90aca2fb52e5088b0434b7ad207
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old~RF14a69f.TMP
text
MD5: f2fd8cd5cac2589ed96630c6c2e9c099
SHA256: 39d78eba93c82e0d2cefbc1b5df541f875e135856a19aad6a87837affb623931
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG.old~RF14a6ae.TMP
text
MD5: 23d6dd71761eea556297dd146fc32356
SHA256: a568f2ed1c7586f53f63f6cfe60cc55ec336545c8412cf73c3412e9b7a4ca003
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG.old
text
MD5: f2fd8cd5cac2589ed96630c6c2e9c099
SHA256: 39d78eba93c82e0d2cefbc1b5df541f875e135856a19aad6a87837affb623931
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old
text
MD5: 385ec6da6e92b9278e465f9788e16268
SHA256: 6a76dd6fb714f14242635af5d924f2a63e4bb60a9f3eb315d9a659b14821cff3
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG.old~RF14a68f.TMP
text
MD5: 385ec6da6e92b9278e465f9788e16268
SHA256: 6a76dd6fb714f14242635af5d924f2a63e4bb60a9f3eb315d9a659b14821cff3
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG.old
text
MD5: ac6326012db8f3c919b586a7cc853f01
SHA256: 14b3f7b6e426d06de25a824ed2aa425c86d3f6ac227c5d1cc76573ec731eaa1b
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-5CB48FB2-A0C.pma
––
MD5:  ––
SHA256:  ––
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Last Version
text
MD5: f679598350690f14a2479935d826682b
SHA256: 4e7e1987eaf5ec751eb16b9f7cbae1c55873f1afe8e2b52416ed454f4efbf239
2680
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\CrashpadMetrics.pma
binary
MD5: 9543068b6751e1f3e11f91d72ee78d95
SHA256: d060ad21ae6e04cb58668caa52adfca573e018102cc07554d2ed3eae11ab7785
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
binary
MD5: 9c016064a1f864c8140915d77cf3389a
SHA256: 0e7265d4a8c16223538edd8cd620b8820611c74538e420a88e333be7f62ac787
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1
binary
MD5: aadba0c54f1236fdcae29d751f0b8e18
SHA256: ae6cf442d574c533b96d5116677b0ea2b4e487f8a85e9b5a7b67e52ddf12609d
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt
text
MD5: 7d4c2fe47ec12543128cbbacf8784ae7
SHA256: 1e3668da84bdda65ceb67e90ae6fb3c53a0a91cad1b653ab7a041b48820f45ba
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
binary
MD5: e8ee9b7c223429e734c23a16b90fa896
SHA256: 84b2c3d10a08759680403d277142d3d708c16d0a9856da7c77657a6a8e1349a0
1948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State~RF148bf2.TMP
text
MD5: 4d5fdebe305fb81d224c6ab65802924a
SHA256: d3eb37748a495342f0da2251c41d546ff7d44d0c57ac5a4393359bf0c489f991
1948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State
text
MD5: 4d5fdebe305fb81d224c6ab65802924a
SHA256: d3eb37748a495342f0da2251c41d546ff7d44d0c57ac5a4393359bf0c489f991
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF148bf2.TMP
text
MD5: 9f62ab7d74185719e4fe4c4a0d2c268d
SHA256: ceab428e6c7ce7449c82a9e62c8e4df61a2fb2832f84226206d6090b11431423
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF148bf2.TMP
text
MD5: 7721ad66e31abe14bca9e6e5d3e9b29e
SHA256: bbfd858ce4be8c44748a06d7e32e6459c488891d2f14d3ff74851ec4b8986d58
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
text
MD5: 9f62ab7d74185719e4fe4c4a0d2c268d
SHA256: ceab428e6c7ce7449c82a9e62c8e4df61a2fb2832f84226206d6090b11431423
1948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\9ebe52d2-55d5-47cb-b785-7e6f4e67d499.tmp
––
MD5:  ––
SHA256:  ––
1948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
binary
MD5: 668efb5cd2cdcf8494c9a6074d94c890
SHA256: 9420a7bfe342b6e3969a566d570d0d8a6fbdaaf3e44137bbf4deeaa75b7e53c0
1948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
binary
MD5: 10c2bb3ddc73f357bf188c9baf38ad33
SHA256: dfe9210c5388d8a57b83194a15867bacb0625c6e39a060a0fdecf34f3d2c19c9
1948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cookies
sqlite
MD5: 68667f62fe4ad768765bb761fbbef45e
SHA256: d6fe82e47ab010509a834e36667898c94443742458323af1bb555dfb54fb79bd
1948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
binary
MD5: 82c65c66169e0c6290fa21ada7bd9011
SHA256: 21cdfe0c5bbfba851f1f536c802388c85889ac1dfef7bb67f41fff5de1f4f006
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
binary
MD5: d9d9c2aae5810700c96a025d14c94e1b
SHA256: f1f4e3749f4e9dc861f93bc130560f3ca3096cc51ed403e69d2a1b51100b7810
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\QuotaManager
sqlite
MD5: 36aa6d0603c27f2e8fbfc504fef4e237
SHA256: 98ad22246068a1055e1fc3a538096c55bdae04512e28b9651484d2fb17e39ecd
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000003.log
binary
MD5: 089879b645338c7869285a5433fb0fb5
SHA256: e65fbfb0451f4c9700935811a9ac8be74fef0b8e8384ba8d72a6f0ea41cce56d
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
text
MD5: 0a1bca486a6fbeeec296db9b89231245
SHA256: f634c3b74c6bea1b8bd81aac2766636437398d2be8407434f212c8e005508755
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG
text
MD5: ac6326012db8f3c919b586a7cc853f01
SHA256: 14b3f7b6e426d06de25a824ed2aa425c86d3f6ac227c5d1cc76573ec731eaa1b
1948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
––
MD5:  ––
SHA256:  ––
1948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\5f1068b7-0172-41bc-9f63-a6fd2796026e.tmp
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\bed716d1-8a47-42fc-af5a-c87e2fc481ab.tmp
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\BudgetDatabase\LOG
text
MD5: 23d6dd71761eea556297dd146fc32356
SHA256: a568f2ed1c7586f53f63f6cfe60cc55ec336545c8412cf73c3412e9b7a4ca003
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
sqlite
MD5: d5a38ff34170edfcd7b25fb782d54861
SHA256: 405ac0ee04ba36a174f79e9005e16b46d1691ad9cf05a5d951c8c18d5ce66db5
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
text
MD5: da6de2a0a50572d952f808437ab4d486
SHA256: cf6d7875b5b423dc1a1956f2ad0c39924666bd721c08dff87d56843f18c50645
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\pkedcjkdefgpdelpbcmbmeomcjbeemfm\LOG
text
MD5: 813ec5d4e0cea22783946b89ed958f86
SHA256: c824b549a3df77d92d0c001ec4eaf84e8e76316182cb01866e1e494a1cdac186
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
text
MD5: 8957588e1428f6515b68410d73c5eb0f
SHA256: f1fc28bed502a1cf6d4e9e133d35d9c5374261e725b55586fdbd21cd359f0106
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG
text
MD5: c3aec3e8306de1748acc90dd9840f058
SHA256: 8b4a9d988c80c28d0581428bf7470b0f4d7113ce9f0f29911563df3a54573e5b
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
binary
MD5: 50b6299f9354a89dcaccf70d927559a1
SHA256: 462759701b21c2f79804e46a62c785fbbb18daf08188b6a581fd71e2e1218eea
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
text
MD5: 7ead8c0c0ed0d60183f66ea0fd7a9545
SHA256: 8a8bb54df6e8cce20bb1c126727970c94f4a784a6a187bbf1cc6a4e285055c50
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG
text
MD5: ab15ae8dfe8221d66e85c139d3e9d0ab
SHA256: 562fe63d5b85d7b6ba2b593fd3456f1e46a88e3b7fb95dc50c1ed0a7feebe1f1
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOG
text
MD5: f2fd8cd5cac2589ed96630c6c2e9c099
SHA256: 39d78eba93c82e0d2cefbc1b5df541f875e135856a19aad6a87837affb623931
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\000003.log
binary
MD5: 41c7d1373de8e7bd508c548a70910e51
SHA256: 99c59cbe7db56d56a286485635e4467004641c6275e708887dd35728eb05109a
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000018
binary
MD5: dc50999a09b1e2f6e9350855136b865e
SHA256: f759b718dac41a2b27aca56179793c7063060dd8dc1bc051948866503c275b6f
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
text
MD5: 385ec6da6e92b9278e465f9788e16268
SHA256: 6a76dd6fb714f14242635af5d924f2a63e4bb60a9f3eb315d9a659b14821cff3
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
text
MD5: 57e05c483dd0f601732c19d430572330
SHA256: d3810f534ad4dfe658dc78dc8453bcaad5bce90aca2fb52e5088b0434b7ad207
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\000003.log
binary
MD5: 47755d758ff3b7335ca27f6313d4c2be
SHA256: 1744842f55053137f5a2505747766decebaba068c91ae3d80a9fa37af60c106e
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log
binary
MD5: b27e5fbec74aa38eb531951043b569ba
SHA256: cbd0cf15007dd9d81af512313125fa300ef164cda13522b3431c6c007055cc92
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
binary
MD5: 32eaf59e6861e70eab372489eb4a3dfa
SHA256: edd9f4d64c0018336349d6c3769b81235b3b20fcd4059ebe7bc7c594f5b133dd
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log
binary
MD5: f89a0be81d1917af4cb21a251af50749
SHA256: a0b1d7a2634264b25d5b8b4b817b0e5e2db35249cbf5c810a1edb50d1da3d73c
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Favicons
sqlite
MD5: b4fa2216a9f85964add3951bc789f243
SHA256: 838d9ae0e3aa66b45a9007993c5cf1a704f529e702bcd3f770090641fb23e8a3
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links
binary
MD5: 7b4ff416c2d2901c309aced50d774ec3
SHA256: 83caf48f6ba22b61c7eeb145c1ec4e4ab41791a9fdde55dd9ae8fe519f9c2946
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\History
sqlite
MD5: aea093a6aa54851698c20d937334bc5b
SHA256: bdf315c825a6ca36462873766cc4c36ea275a9dd92f98cfb56e904fe6d0472a7
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: 7721ad66e31abe14bca9e6e5d3e9b29e
SHA256: bbfd858ce4be8c44748a06d7e32e6459c488891d2f14d3ff74851ec4b8986d58
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Web Data
sqlite
MD5: 7e3c1d082ac38e9acb3ee1f77a1b0175
SHA256: 33e0bc91aa5158664287cad7adff0f546291ce2917235c061dea11297d43f38e
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\History-journal
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF148bb4.TMP
text
MD5: 7721ad66e31abe14bca9e6e5d3e9b29e
SHA256: bbfd858ce4be8c44748a06d7e32e6459c488891d2f14d3ff74851ec4b8986d58
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Top Sites
sqlite
MD5: ce3615469d3c267d58692854cdfd2fe1
SHA256: 5d1274b58203d224625ef41c7d560835a9bd45415c60a87b0b2d1b3ca06ca794
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Login Data
sqlite
MD5: 89c00a8e4f5230432acea5e752ed1170
SHA256: 23550ad3798aff7c3fa2b3b06f807ff63af264f257945a8525ccaa6c07ac4bfe
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
binary
MD5: 90073bcca045658192f9074e8d97a039
SHA256: f9efb5dacb85e9d4e7edb224ab43bbfda44377706491117754cf0d66570838d8
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Login Data-journal
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\2cfedc36-a131-417a-acf8-2d6c8b5be550.tmp
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Current Session
binary
MD5: 46b92997c09f31a21600082080b85fd9
SHA256: ff96d036a0b7287a3c3038e7af91763061c1e84b2d89e5d9301f9bee33e3b630
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
binary
MD5: e76754ea96b32e874def26db228171a9
SHA256: 507335463b4e7c931f2053fffadd2b14bfc1cb7965c8816965761c15e2d71ee3
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index~RF1467c1.TMP
binary
MD5: e76754ea96b32e874def26db228171a9
SHA256: 507335463b4e7c931f2053fffadd2b14bfc1cb7965c8816965761c15e2d71ee3
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28da9c56fde4021055a681112c092453f74d8dd8\d259839a-85c7-4683-a5fd-3e59e00ffba4\index-dir\the-real-index~RF146511.TMP
binary
MD5: 7292b7ddd8ac17ef1c7a5f96d45ff655
SHA256: 6fc165ec9504e5feca12fb1ece7672afdf6cc05d08f311cb27767502d81796e1
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28da9c56fde4021055a681112c092453f74d8dd8\d259839a-85c7-4683-a5fd-3e59e00ffba4\index-dir\the-real-index
binary
MD5: 7292b7ddd8ac17ef1c7a5f96d45ff655
SHA256: 6fc165ec9504e5feca12fb1ece7672afdf6cc05d08f311cb27767502d81796e1
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28da9c56fde4021055a681112c092453f74d8dd8\d259839a-85c7-4683-a5fd-3e59e00ffba4\index-dir\temp-index
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
binary
MD5: 17484fc99e57192aabaaf169b2dc3419
SHA256: 94f54463e6e35c7bf947ddb2f443691c65fda13235df6eae9b5a98675a7d769a
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF146408.TMP
binary
MD5: 17484fc99e57192aabaaf169b2dc3419
SHA256: 94f54463e6e35c7bf947ddb2f443691c65fda13235df6eae9b5a98675a7d769a
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
text
MD5: b0949f02de32912ceb84a3b6656a2723
SHA256: 85c1813ce3d9ff04c26adc594ce0b27f77de24b25b7ca52bb98d26eb13facf67
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF145cc4.TMP
text
MD5: b0949f02de32912ceb84a3b6656a2723
SHA256: 85c1813ce3d9ff04c26adc594ce0b27f77de24b25b7ca52bb98d26eb13facf67
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\1bc5b375-9f40-43c0-8825-5a055a6f13bd.tmp
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\BrowserMetrics-spare.pma
––
MD5:  ––
SHA256:  ––
1948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RF143da4.TMP
text
MD5: cb74d3b2497dce5176b988d8d7196257
SHA256: ce0f883b7de230b8332a4038b6a6634358bb81f0d944722edef65c90c9c7ca2f
1948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity
text
MD5: cb74d3b2497dce5176b988d8d7196257
SHA256: ce0f883b7de230b8332a4038b6a6634358bb81f0d944722edef65c90c9c7ca2f
1948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\0091162f-a68d-4ee3-9f24-29d4f42ff2f7.tmp
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.com_0.indexeddb.leveldb\LOG
text
MD5: b85e41d2e0e22eff56fb199fc0e1485e
SHA256: eb2bc0594313fde2cb25ca8afb6f86c74cb351e57f476e8cc4c80815c574e6b6
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.com_0.indexeddb.leveldb\000003.log
binary
MD5: 74424459b114b75ddd8e3a156ee3b617
SHA256: ecb087c1b56c98f7da871cdb9d910c379632a38547d52047fc24dea792f8af8b
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: 5240364b4321987ffa253054ddeb4623
SHA256: 1dd66238eba4281d98c67fde9a387c103a27aeca25c687366927ddaf03633bb3
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF143ac5.TMP
text
MD5: 5240364b4321987ffa253054ddeb4623
SHA256: 1dd66238eba4281d98c67fde9a387c103a27aeca25c687366927ddaf03633bb3
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\fdc612e1-18de-4773-899c-92e52daf92fc.tmp
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28da9c56fde4021055a681112c092453f74d8dd8\index.txt
binary
MD5: ca2dbc0a8f598d9287d9cbbcc13ba1ff
SHA256: bbfff973e0df619cfc47c7347998f9c73089700c1edb47aa35d7886bc1d8907c
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28da9c56fde4021055a681112c092453f74d8dd8\index.txt~RF142a79.TMP
binary
MD5: ca2dbc0a8f598d9287d9cbbcc13ba1ff
SHA256: bbfff973e0df619cfc47c7347998f9c73089700c1edb47aa35d7886bc1d8907c
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28da9c56fde4021055a681112c092453f74d8dd8\index.txt.tmp
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\502a3edb0524aa20_0
binary
MD5: 3b110cc0af26526dafd99f7c5a410690
SHA256: cb5c2a41d01eba25b0e9f4c6585d2b75936f04c468d09e463b41683f9380fd71
1948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000007
compressed
MD5: e527612057a54668170bd5e343aafad6
SHA256: 8d23a8a1e1bd298cf0bf7d749a35d2fab47b03f041379134cb6f5236e9786068
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\aa3abbe71413e7c4_0
binary
MD5: 85d1770e5287f3b5a6406d7ba0844b51
SHA256: a8baefc03077e45568ec7078e15a8562f899ac380ea81dd7e55fbfc5a2cbebac
1948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000006
compressed
MD5: 48c4122ac24d3c0c953d9ac1c6dc5184
SHA256: 3e8670ecfba8bab1d76360c14604dec69552c444bba055269aed30d973587892
1948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000005
image
MD5: 7941e62d27d42b5960029cffb4fada3b
SHA256: 7ca40d7689200cec17f9c2c2f64e9a76590fe894a760545dcdde0a27820e7e2f
1948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000004
binary
MD5: a4a068f18a2bf84f8f18101558d33802
SHA256: 0a2180a91752c2ddf77961124746d18d2b1a8acded3e33fac8174d161df2ecf6
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28da9c56fde4021055a681112c092453f74d8dd8\d259839a-85c7-4683-a5fd-3e59e00ffba4\bd2ac9401e71e2d5_0
binary
MD5: 992df4ceac8ef7c4c033b7447eb1740a
SHA256: 655a74ffc4f7be550b34a26904284477e12c038a67afbff330512da757dcb9e0
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28da9c56fde4021055a681112c092453f74d8dd8\d259839a-85c7-4683-a5fd-3e59e00ffba4\bd2ac9401e71e2d5_1
binary
MD5: 7fc7c16619e23dcd33bc20752df5a8c8
SHA256: 3fadb951cada2df1a7dde694c39df7ee2a3334f6effc61e6bb99388b331e88a7
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28da9c56fde4021055a681112c092453f74d8dd8\d259839a-85c7-4683-a5fd-3e59e00ffba4\5ca50924ce3c5c59_0
binary
MD5: 96dfe8d39c36e30d47ad74f4858a97f7
SHA256: 1a5cde37dcc57c1397cf44214c31cd4448fed6b9e0d4a33dc8326aa3ec141d57
1948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000003
binary
MD5: 1a4a6fecb72bdc67303fb3df796c8f91
SHA256: 54f9122c85c6afbbcb0ce127a53704e1d00fb574023a593e582c9f3fccac41f2
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9cbb2d28459bc049_0
binary
MD5: 5648df2826217637b14dfffcd72675d9
SHA256: 0f2b6452a3c7ffaf381ebde21731804b392abe3297b2a3e1e5a438b688758888
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28da9c56fde4021055a681112c092453f74d8dd8\d259839a-85c7-4683-a5fd-3e59e00ffba4\index-dir\the-real-index
binary
MD5: 12b43cfb78293b4403e935dfc4e0cb1d
SHA256: 6a014dae70c486aa6f43148f4e2de9e37a5a87239bd5e94f00db704256d829e7
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28da9c56fde4021055a681112c092453f74d8dd8\index.txt
binary
MD5: a21597a1c769d697b0d42d745f4cb80b
SHA256: 6eb79685fc75236dfbbe1f41dd3d9713a1eefbbb75087217f4e458c456996793
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28da9c56fde4021055a681112c092453f74d8dd8\d259839a-85c7-4683-a5fd-3e59e00ffba4\index
text
MD5: 54cb446f628b2ea4a5bce5769910512e
SHA256: fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.com_0.indexeddb.leveldb\CURRENT
text
MD5: 46295cac801e5d4857d09837238a6394
SHA256: 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.com_0.indexeddb.leveldb\000001.dbtmp
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1
binary
MD5: 16ca74147273f3328ac55c43b07db281
SHA256: 000f9760b20b306861c2f727c35a4e806d271387f633490342257e0b89abf4b0
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.com_0.indexeddb.leveldb\MANIFEST-000001
binary
MD5: 3fd11ff447c1ee23538dc4d9724427a3
SHA256: 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0
binary
MD5: 6b4e82a15ae28c171e84ad2b26b07d61
SHA256: 2fcea8d4ca7a4cc8c112682763e5459e5afe2360e4e556e3ea8dc1cc053a88dd
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\94854a4d2cc11b03_0
binary
MD5: c7d17c4207f7b4bfc6f0064cfd626a26
SHA256: c5e3889c31811d353366ec3d0909883492a4c496b180c0862e530e4ab88b9a14
1948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000002
compressed
MD5: 4f0f603a74d03043125376621159870e
SHA256: e72868e36a01ddf3394e2026eb1bdef44e11d0d8c996c0c7211b3d4ea6bd053c
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT
text
MD5: 46295cac801e5d4857d09837238a6394
SHA256: 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
binary
MD5: 77b5a4bf7a461ef693febeb172d1af40
SHA256: dfb16655055d508e766470ce00b08d3b90e9851b56622361bc10146fae67beed
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000001.dbtmp
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\MANIFEST-000001
binary
MD5: 5af87dfd673ba2115e2fcf5cfdb727ab
SHA256: f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index
text
MD5: 54cb446f628b2ea4a5bce5769910512e
SHA256: fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8a292ed2628c7128_0
binary
MD5: d2a0329238e6fd122d9ba158a78f3d66
SHA256: d5b932cf5f350672b216edcfba3aa6f06cf533597dbabc6cf136ae6d334ff1f6
1948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000001
binary
MD5: 1e977c01a8d092a992cbfe4515e0b1f3
SHA256: 87b3a5b61f4812f5bf195d37335fcf2b1bdce2d9c3f45429afff243b6defda58
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
text
MD5: a6df622f62c89918a2805409cc492116
SHA256: 89f669580e5f5a3a1c8f9732e002837efad41a282d593a182cbbbc2f48d7318c
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
binary
MD5: 021b8d293c14358bb37b18ba45792aa5
SHA256: 5b149d68659ebeab90f1116b8704a32dc240fbf85171bd4a4f70d57a3d8d4bb8
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\CURRENT
text
MD5: 46295cac801e5d4857d09837238a6394
SHA256: 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000001.dbtmp
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old
text
MD5: 8ddcd8b46559486c5c65d91b1964f9b1
SHA256: 30953aa5d4726c71b4e633a258e82d3979243f4597973adfbe45f005d79bcc8b
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG.old~RF141403.TMP
text
MD5: 8ddcd8b46559486c5c65d91b1964f9b1
SHA256: 30953aa5d4726c71b4e633a258e82d3979243f4597973adfbe45f005d79bcc8b
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\MANIFEST-000001
binary
MD5: 5af87dfd673ba2115e2fcf5cfdb727ab
SHA256: f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old
text
MD5: b36272766fafe4f495f275ab24d055a4
SHA256: c6ed4b87e6b46abc8f08c947e4c78f8d4416b35ab63980b8314794cc43d0c365
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Feature Engagement Tracker\EventDB\LOG.old~RF1413b5.TMP
text
MD5: b36272766fafe4f495f275ab24d055a4
SHA256: c6ed4b87e6b46abc8f08c947e4c78f8d4416b35ab63980b8314794cc43d0c365
1948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State~RF1412fa.TMP
text
MD5: b6f8101a57c966eabd851eae9e501cd3
SHA256: ab338add869b3c883be6ff64b80dc23e3afdf0eb70a9d7ba905c4da4b30bd1e5
1948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Network Persistent State
text
MD5: b6f8101a57c966eabd851eae9e501cd3
SHA256: ab338add869b3c883be6ff64b80dc23e3afdf0eb70a9d7ba905c4da4b30bd1e5
1948
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\314c3f04-fd86-4d5d-bc6e-50f48eca0f94.tmp
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF140fae.TMP
text
MD5: 3db5c1a0ee0854f0f4b7fb291f83e7f7
SHA256: fd2e6ec4730ab743c13dd9c85e16528303623255196bd4ca62fe5f2f5bfd8f5f
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: 3db5c1a0ee0854f0f4b7fb291f83e7f7
SHA256: fd2e6ec4730ab743c13dd9c85e16528303623255196bd4ca62fe5f2f5bfd8f5f
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\0d6180cb-56e0-4a36-a437-f97b3b4127b7.tmp
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
text
MD5: 0f42228a303dac0ad2e6df0002a68bbd
SHA256: 5bbbd0cc6b284e9728243b0dddda5c35bf50fac5f8ae7903bf10006adcd6f16d
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF140ea4.TMP
text
MD5: 0f42228a303dac0ad2e6df0002a68bbd
SHA256: 5bbbd0cc6b284e9728243b0dddda5c35bf50fac5f8ae7903bf10006adcd6f16d
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\a5b1bbe4-07f9-4cea-bd72-5bc7cc09c002.tmp
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT
text
MD5: 46295cac801e5d4857d09837238a6394
SHA256: 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000001
binary
MD5: 5af87dfd673ba2115e2fcf5cfdb727ab
SHA256: f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000001.dbtmp
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF13aaf9.TMP
text
MD5: 20179ae3b9c4f8deb7a9a1e14d558a92
SHA256: ccac21cce3b501c02b5c1ea1a12d1bfcddd4fc01e9b3e6117b52abc80286a10d
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: 20179ae3b9c4f8deb7a9a1e14d558a92
SHA256: ccac21cce3b501c02b5c1ea1a12d1bfcddd4fc01e9b3e6117b52abc80286a10d
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\683548ac-c3f0-464a-a056-a4f5fa7912db.tmp
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
text
MD5: c7a7be6538c12dad73eee39bf51687f1
SHA256: 640f55d0bf8592ae6cc389ecdafe562207b4f3eae9692fc5fbb112a44c336ec7
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF139965.TMP
text
MD5: c7a7be6538c12dad73eee39bf51687f1
SHA256: 640f55d0bf8592ae6cc389ecdafe562207b4f3eae9692fc5fbb112a44c336ec7
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\d1ca0798-b42f-46e8-b919-9ec10870e13d.tmp
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
text
MD5: e24da2efd95664fe22789252f74f38ae
SHA256: bfad41abcea801bb97efedcfece4e103e84ada9fe87d9500916f15e98553c2f4
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences~RF137061.TMP
text
MD5: e24da2efd95664fe22789252f74f38ae
SHA256: bfad41abcea801bb97efedcfece4e103e84ada9fe87d9500916f15e98553c2f4
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\e7a9816e-d6c3-49b4-8283-8810cf6ce7d2.tmp
––
MD5:  ––
SHA256:  ––
2572
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
text
MD5: 114a2dcaeb3541a8355a5c0835552bae
SHA256: ac964e4a3d0f3365ab96e0b26f80dfeef58763b005c2adc0983f2b37124a709e
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF13615d.TMP
text
MD5: c82631a37eaf92235195c3b725590ced
SHA256: fcb2ce1315913398df8609facc1e394ce8470f4eafee64bb2384fa58c8eed4f5
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\1c844957-6354-4271-acee-8a04f216f38a.tmp
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7319.128.0.1_0\_metadata\computed_hashes.json
text
MD5: cb8c355bee1282f8b6e4b1302687e63e
SHA256: c27278a1ea72223df17c925c534fd74239bc6311514725e9910852c9ab8fbaa2
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old
text
MD5: 3a23147e96fec0d004fec1e7612d0ce1
SHA256: 92c740cd8e31b886690c1d69ae6467339c55fbd77cdc0800ba1fb161036f1fb6
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extension Rules\LOG.old~RF135269.TMP
text
MD5: 3a23147e96fec0d004fec1e7612d0ce1
SHA256: 92c740cd8e31b886690c1d69ae6467339c55fbd77cdc0800ba1fb161036f1fb6
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7319.128.0.1_0
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\sw\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir2936_1321\CRX_INSTALL
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\th\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\ta\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\sl\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\ru\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\ro\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\tr\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\vi\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\zh\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\sv\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\te\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\sr\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\sk\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\uk\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\zh_TW\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\ml\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\hu\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\nb\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\en\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\kn\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\it\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\cs\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\hi\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\fil\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\el\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\lv\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\ja\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\nl\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\ko\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\hr\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\mr\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\id\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\et\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\gu\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\pt\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\ca\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\es\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\ms\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\pl\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\lt\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\fi\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\fr\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\bn\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\de\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\fa\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\da\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\bg\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\ar\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\am\messages.json
––
MD5:  ––
SHA256:  ––
2936
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\manifest.json
––
MD5:  ––
SHA256:  ––
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_metadata\verified_contents.json
––
MD5:  ––
SHA256:  ––
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\mirroring_webrtc.js
––
MD5:  ––
SHA256:  ––
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\mirroring_hangouts.js
––
MD5:  ––
SHA256:  ––
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\mirroring_common.js
––
MD5:  ––
SHA256:  ––
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\mirroring_cast_streaming.js
––
MD5:  ––
SHA256:  ––
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\feedback_script.js
––
MD5:  ––
SHA256:  ––
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\feedback.html
––
MD5:  ––
SHA256:  ––
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\material_css_min.css
––
MD5:  ––
SHA256:  ––
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\feedback.css
––
MD5:  ––
SHA256:  ––
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\common.js
––
MD5:  ––
SHA256:  ––
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\cast_setup\index.html
––
MD5:  ––
SHA256:  ––
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\cast_setup\setup.html
––
MD5:  ––
SHA256:  ––
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\cast_setup\offers.html
––
MD5:  ––
SHA256:  ––
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\cast_setup\devices.html
––
MD5:  ––
SHA256:  ––
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\cast_setup\cast_app_min.css
text
MD5: acf54711f0b70a104e4e3afad9142856
SHA256: deb1d6a67165e2225d1d4b8b3cf50299078b20b733516622600e4cd032dd6d2b
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\cast_setup\chromecast_logo_grey.png
image
MD5: a7099e08e14f10d8f47a0cd7b8bc003b
SHA256: 59fe744de6c2636df554075ffb1c28aa3f8fd75830434e28c1f85b19eb9d566b
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\cast_setup\cast_app_redirect.js
text
MD5: a2a7a6c00091ead24b4476bc6131c8f9
SHA256: 753c002de0970d0732be1cacba9ac3e38e75b28d2e8221f9fa7fbb477011b71a
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\cast_sender.js
text
MD5: 4811c1bad63fad553090315710df4522
SHA256: 0ed8e460ad47eb6b3bb6151cc1eaa0d67554266ae0b543addc8c4b200accbb4b
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\cast_game_sender.js
text
MD5: 0b363a38dfb5f71870c6cce3314a81f0
SHA256: 09583d0b906e1be8707d53ce5ad33ef35de2ae33887767bbf206068f67508383
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\background_script.js
text
MD5: 36db5de50640307501492aa794718ef0
SHA256: 346468148d51c889c0662f5229df9890dea98ac5353ae5759a4c7e1f75a2d59d
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\cast_setup\cast_app.js
text
MD5: 3c9d2a76ce88f23b2ce051444667862c
SHA256: 17942f2e603c99fd2c571f42229fc7a6242095dcf74d3e4d219f7fd2ec290db1
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\zh_TW\messages.json
html
MD5: c6f48c269246a6fa0e2f0b396b7604df
SHA256: 81bc1bc507238ab26ffaf68003d811fd603e5f4bdc1b0b94d0f4506cbbe97241
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\angular.js
text
MD5: cc86f1d45febd80dd24791d59b2aa616
SHA256: f321dc8d9a4d8a779add44180974e59a43d5bd10744542a768c1b15d7e63a832
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\zh\messages.json
html
MD5: 0a57b005bd27db7a0070f914c354a072
SHA256: 91a4c7d3fbd1e41d0801029bda6f14e52c8653a648fc5f39fe1f046564d0f60b
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\vi\messages.json
html
MD5: 47bbd75f76e25d79ea10f2014f7d9bc7
SHA256: 53b2b2454bb45be824119b15dda1ea2226958794fc259d80f0347d1bc706eb7b
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\uk\messages.json
text
MD5: ae50bf36f89d4706da22d21959863425
SHA256: 6b7f56819e94b99b792fe0c11273e259ce18c7fb57392bb47be8b0fd29b24e7d
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\tr\messages.json
html
MD5: 2b0dfabc643cff3ec13e96e3ec842258
SHA256: 816add33835ba6028915b4532d5b45a71a280de6788398b008bd60733326ceb7
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\te\messages.json
text
MD5: cebd49bb6f838e23140cee4118c76dfb
SHA256: 0b71586dee26943b55899583ad4355b8f4007a4853510364faa76a99ba9a0566
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\th\messages.json
html
MD5: 84140112d747bd5176c96a374a18ad1a
SHA256: b60a1cbb9ac067f4e903170c8564e4bc2c3572f76a5b09bbeedbd6e1b88df1e1
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\ta\messages.json
text
MD5: 5f7b6880dbea25f769f97d2c99e7b7f6
SHA256: 5a22269c0eda694e0131b0ac52ebfdf828aad3c735b592a54d210f6b8db0ab82
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\sw\messages.json
html
MD5: 1712a3588bafaee411bc46ec5dcb8ca2
SHA256: 8485722d70475c9d98a8a7d6d2613117149bfaea487ad7f92d9a6e094de949f0
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\sr\messages.json
text
MD5: 59cdbb02241ab4e8a3e4421ee7800474
SHA256: 4d71ed4a97228755c0861b04da1a4c97eef7562406afc29e4213faba36fa3511
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\sl\messages.json
html
MD5: 22a021701f9572cb94606ad35a9be88a
SHA256: 6adf87ecfc785e46593f8a8975989d344dfec3ac0e5672c394d999b7eef70a2c
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\sv\messages.json
html
MD5: cf637a380c4aecd9778a46a19108c406
SHA256: 4010ebf76c0af564b9c3026b98ff2885af77955be12d77a05a508ff7d5f8366d
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\sk\messages.json
html
MD5: 7c3596001e0e44f016816e422f664763
SHA256: d4f5ccd81ed83b460fe2dc51a8415076716c0aa593edb28bbbbaf76a2a49ca47
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\ro\messages.json
html
MD5: 2228b9adecbfb55d24890c9510f20b5b
SHA256: d2ce829cc617a8d01c366ec60d1718f52c63f1a9515fb0b1611e55b22f909c69
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\ru\messages.json
text
MD5: e61ccfd8f13aa36fef4fd8d651aca7aa
SHA256: 04c6ac4f77a59052f5ceb07c06e6e1cf311b5d5231e8732d837c7f936c3ae219
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\pt\messages.json
html
MD5: 816dc05089e3ec573f5d4341a748fefb
SHA256: d610e5f9fae2d429ca1ba5c41bb52b93d2551222ceb751f335b0d43695544351
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\pl\messages.json
html
MD5: 0bd6d31a53f196364e23f00f1f5b0768
SHA256: 4ea7d131167712c8756062d7b6e8f8ae6de7eb2be91c440d3b8b260b7c7d494e
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\nb\messages.json
html
MD5: 3f56c75fcbcc66ba27df14b9ca5a1119
SHA256: d09c1ed9753d6ba323012a4b4ea4f186321bc3ae9bbaa7990b5773d95cc9a242
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\nl\messages.json
html
MD5: 8e38c515a274c55a4b003c47a23ddb4e
SHA256: ed0c2304a02cc8c49d5f4b055b73412b31505ce290a5af73858761c50f2000ef
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\mr\messages.json
text
MD5: df8ae4588605c10278c88d94e9c1dbbc
SHA256: b783440d2b13c18b97b02f24e953aa7a0c778817162ac91c9afbfead2d0bc8ff
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\ms\messages.json
html
MD5: 9c3779e6e9f6f10e232ee7ad03d75921
SHA256: 6d7e1a3b52ea61d53cf44e770c89b4a370075b786dfa64174fa8b4565d0fadf3
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\ml\messages.json
text
MD5: 90f5f8ccfc9001b7845e2437d5b83740
SHA256: a0d6831c4dcb9492ceb7d8b1ff0426bf6bc7f6a9ceec7b26dafacde8ae06a3c3
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\lv\messages.json
html
MD5: 0cfd87cf25cd27b7928925f136978097
SHA256: a6dbd930c083e2e5dfb665131d9f1e6e6bd8896753cdb79cf059e21488a920da
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\lt\messages.json
html
MD5: a4e08cf83276578f0444c5c0a5b5196d
SHA256: c8a5d07ff98a92409aadcacd7ae99809e5f6e3be634ded7626dad8c00ec663e1
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\ko\messages.json
html
MD5: 46060399fc358c0c0620463fbfd3f325
SHA256: 139c7f78ca0f385cfaf9f08066d3347eeeba8705f746bee8eae4e15c82ba40cc
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\kn\messages.json
text
MD5: b79cb28daffc5af94b6ecd39a3aa4032
SHA256: 27e2c6d453cd3398f8cb64fb9d4a8776be0d80eb608088804bb23ac985a3aae7
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\iw\messages.json
html
MD5: 4b3a7915595b1f5a74027909bce968dd
SHA256: f95692a9717639fb9d3886efa9de71808cb5c6b0f4354e9b99816a996298fa8f
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\ja\messages.json
html
MD5: d38392c4246c105fe2f394c7ef41d0a8
SHA256: d61644907520d8a808aed9fb1532ec0f5ef12461e66a5acc7327c9ed6c2a2681
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\id\messages.json
html
MD5: 7b9a0847c6faa8402eab61c096024d33
SHA256: 5e50b077a10a977de39a8a99dbe25ee4c022e88f34d009a665ebf4b7cff688dc
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\it\messages.json
html
MD5: c248ee6105ae77036fbb4c4e3e9d66e7
SHA256: c7451e207005197a225a3e43b479643c4dbe03865c2fff052acb9facc1025980
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\hu\messages.json
html
MD5: 2d794e2754e5c80f54bff8ed635184d0
SHA256: c83ec71e1b3b7f14910d05e962ecfc61dad91b034a6fa8abe6afaa5b968689e9
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\hi\messages.json
html
MD5: 46fca60f4c16afd5b68738750a16057e
SHA256: 61c146d44f9c4c054c9dbe79d565463496aae7fa95f784164649026eb852dee6
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\hr\messages.json
html
MD5: 444cd89a9aab432251330292216f8dae
SHA256: 2defd1bcbd8d822f07a9c79e13e10bba7e61f49aa4d395b1315321dee6df6503
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\gu\messages.json
html
MD5: 18bd0fa4585a840991bbe01ea1d6bff9
SHA256: 5537157a0078c9485699fc8b103ffbbd069532e29245430c60cac08d6fc50e6e
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\fil\messages.json
html
MD5: ec51f209a7be042e832b851430ff75c6
SHA256: c137bd71c5266addf08cac46a606285e1be10e555eef8f0dbe804effe1d94d57
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\fr\messages.json
html
MD5: 4d3875bef5c65792c16abe203fde1f16
SHA256: a34353385db3b07a96bb1c2da7a8e623ee296618845858a239834f7371685144
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\fi\messages.json
html
MD5: 9ad4a516864a35f4225410d0f353fb58
SHA256: 0ee5e9fd9615920fa51e50667f19e8ae4399f591de1d702516779f20d62e75f4
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\fa\messages.json
html
MD5: edb2ec2c7f482909a814b903024ac672
SHA256: 60ce4f04acfba61db4c54f7e5e990a06535b205a12d53b62d36075b84bb5cbd8
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\et\messages.json
html
MD5: 2e75cee7712c279bf151d93c40757e81
SHA256: 953cad518d95ade3150c43eb753ae24057164d3c2a2bd31109e45b9e0b42bf1b
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\es\messages.json
html
MD5: f76e1dec23c5b058be8d85ecf814ab45
SHA256: 1eda00d6c22c88a6bdec3fd9926f842ab845555096be68a492b92a983beab199
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\en\messages.json
html
MD5: 54536c1afc37045fc1e67404d3247775
SHA256: 525f6693856ec39183a2713b1f79decd65c82c7bde0ce426200fb288f791e5ad
356
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2936_30164\CRX_INSTALL\_locales\el\messages.json
text
MD5: 9463fd9c6e74bc71fd662b25719d2429


Network activity

HTTP(S) requests
4
TCP/UDP connections
30
DNS requests
14
Threats
3

HTTP requests

PID Process Method HTTP Code IP URL CN Type Size Reputation
1948 chrome.exe GET 200 148.81.111.121:80 http://ant.trenz.pl/ PL text malicious
1948 chrome.exe GET 302 172.217.16.206:80 http://redirector.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvMjJlQUFXRC12Ny1ldUFnMXF3SDlXZDlFZw/7319.128.0.1_pkedcjkdefgpdelpbcmbmeomcjbeemfm.crx US html whitelisted
1948 chrome.exe GET 200 194.9.24.113:80 http://r6---sn-5uh5o-f5fd.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvMjJlQUFXRC12Ny1ldUFnMXF3SDlXZDlFZw/7319.128.0.1_pkedcjkdefgpdelpbcmbmeomcjbeemfm.crx?cms_redirect=yes&mip=212.7.217.54&mm=28&mn=sn-5uh5o-f5fd&ms=nvh&mt=1555336888&mv=m&pl=21&shardbypass=yes PL crx whitelisted
2356 chrome.exe GET –– 148.81.111.121:80 http://ant.trenz.pl/ PL –– –– malicious


Connections

PID Process IP ASN CN Reputation
1948 chrome.exe 148.81.111.121:80 Naukowa I Akademicka Siec Komputerowa Instytut Badawczy PL malicious
1948 chrome.exe 172.217.22.35:443 Google Inc. US whitelisted
1948 chrome.exe 172.217.16.141:443 Google Inc. US suspicious
1948 chrome.exe 216.58.205.227:443 Google Inc. US whitelisted
1948 chrome.exe 172.217.23.142:443 Google Inc. US whitelisted
1948 chrome.exe 172.217.16.206:80 Google Inc. US whitelisted
1948 chrome.exe 194.9.24.113:80 ATM S.A. PL whitelisted
1948 chrome.exe 172.217.22.3:443 Google Inc. US whitelisted
1948 chrome.exe 216.58.205.228:443 Google Inc. US whitelisted
1948 chrome.exe 172.217.18.14:443 Google Inc. US whitelisted
1948 chrome.exe 216.58.206.14:443 Google Inc. US whitelisted
2356 chrome.exe 216.58.205.228:443 Google Inc. US whitelisted
–– –– 216.58.205.228:443 Google Inc. US whitelisted
–– –– 172.217.22.35:443 Google Inc. US whitelisted
2356 chrome.exe 172.217.16.141:443 Google Inc. US suspicious
–– –– 172.217.18.170:443 Google Inc. US whitelisted
–– –– 172.217.22.3:443 Google Inc. US whitelisted
–– –– 172.217.23.163:443 Google Inc. US whitelisted
–– –– 148.81.111.121:80 Naukowa I Akademicka Siec Komputerowa Instytut Badawczy PL malicious

DNS requests

Domain IP Reputation
clientservices.googleapis.com 172.217.22.35 whitelisted
ant.trenz.pl 148.81.111.121 malicious
accounts.google.com 172.217.16.141 shared
ssl.gstatic.com 216.58.205.227 whitelisted
clients2.google.com 172.217.23.142 whitelisted
redirector.gvt1.com 172.217.16.206 whitelisted
r6---sn-5uh5o-f5fd.gvt1.com 194.9.24.113 whitelisted
www.gstatic.com 172.217.22.3 whitelisted
www.google.com 216.58.205.228 whitelisted
clients1.google.com 172.217.23.142 whitelisted
apis.google.com 172.217.18.14 whitelisted
play.google.com 216.58.206.14 whitelisted
fonts.googleapis.com 172.217.18.170 whitelisted
fonts.gstatic.com 172.217.23.163 whitelisted

Threats

PID Process Class Message
–– –– A Network Trojan was detected ET TROJAN Known Hostile Domain ant.trenz .pl Lookup
1948 chrome.exe A Network Trojan was detected ET TROJAN Known Sinkhole Response Header CERT.PL
1948 chrome.exe A Network Trojan was detected ET TROJAN Known Sinkhole Response Header CERT.PL

Debug output strings

No debug info.