General Info

URL

https://blisk.io/

Full analysis
https://app.any.run/tasks/132a4503-9a9f-4b06-81f8-3671667ef391
Verdict
Malicious activity
Analysis date
4/14/2019, 23:31:23
OS:
Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Tags:

trojan

adware

loader

Indicators:

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

Software environment set and analysis options

Launch configuration

Task duration
120 seconds
Additional time used
60 seconds
Fakenet option
off
Heavy Evasion option
on
MITM proxy
off
Route via Tor
off
Network geolocation
off
Privacy
Public submission
Autoconfirmation of UAC
on

Software preset

  • Internet Explorer 8.0.7601.17514
  • Adobe Acrobat Reader DC MUI (15.023.20070)
  • Adobe Flash Player 26 ActiveX (26.0.0.131)
  • Adobe Flash Player 26 NPAPI (26.0.0.131)
  • Adobe Flash Player 26 PPAPI (26.0.0.131)
  • Adobe Refresh Manager (1.8.0)
  • CCleaner (5.35)
  • FileZilla Client 3.36.0 (3.36.0)
  • Google Chrome (73.0.3683.75)
  • Google Update Helper (1.3.33.23)
  • Java 8 Update 92 (8.0.920.14)
  • Java Auto Updater (2.8.92.14)
  • Microsoft .NET Framework 4.6.1 (4.6.01055)
  • Microsoft Office Access MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Access Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Excel MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office OneNote MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Outlook MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office PowerPoint MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Professional 2010 (14.0.6029.1000)
  • Microsoft Office Proof (English) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (French) 2010 (14.0.6029.1000)
  • Microsoft Office Proof (Spanish) 2010 (14.0.6029.1000)
  • Microsoft Office Proofing (English) 2010 (14.0.6029.1000)
  • Microsoft Office Publisher MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Shared Setup Metadata MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Office Single Image 2010 (14.0.6029.1000)
  • Microsoft Office Word MUI (English) 2010 (14.0.6029.1000)
  • Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (9.0.30729.6161)
  • Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (10.0.40219)
  • Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (12.0.30501.0)
  • Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (12.0.21005)
  • Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (14.15.26706.0)
  • Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (14.15.26706)
  • Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (14.15.26706)
  • Mozilla Firefox 65.0.2 (x86 en-US) (65.0.2)
  • Notepad++ (32-bit x86) (7.5.1)
  • Opera 12.15 (12.15.1748)
  • Skype version 8.29 (8.29)
  • VLC media player (2.2.6)
  • WinRAR 5.60 (32-bit) (5.60.0)

Hotfixes

  • Client LanguagePack Package
  • Client Refresh LanguagePack Package
  • CodecPack Basic Package
  • Foundation Package
  • IE Troubleshooters Package
  • InternetExplorer Optional Package
  • KB2534111
  • KB2999226
  • KB976902
  • LocalPack AU Package
  • LocalPack CA Package
  • LocalPack GB Package
  • LocalPack US Package
  • LocalPack ZA Package
  • ProfessionalEdition
  • UltimateEdition

Behavior activities

MALICIOUS SUSPICIOUS INFO
Application was dropped or rewritten from another process
  • blisk.exe (PID: 3840)
  • blisk.exe (PID: 3880)
  • blisk.exe (PID: 2760)
  • blisk.exe (PID: 2516)
  • blisk.exe (PID: 3568)
  • blisk.exe (PID: 2384)
  • blisk.exe (PID: 2392)
  • blisk.exe (PID: 3080)
  • blisk.exe (PID: 2240)
  • blisk.exe (PID: 3004)
  • blisk.exe (PID: 1308)
  • blisk.exe (PID: 3836)
  • Blisk_installer.exe (PID: 2552)
  • setup.exe (PID: 3492)
  • setup.exe (PID: 1032)
Downloads executable files from the Internet
  • Blisk_installer.exe (PID: 2552)
Loads dropped or rewritten executable
  • Blisk_installer.exe (PID: 2552)
Application launched itself
  • blisk.exe (PID: 3836)
  • setup.exe (PID: 1032)
Creates a software uninstall entry
  • setup.exe (PID: 1032)
Executable content was dropped or overwritten
  • Blisk_installer.exe (PID: 2552)
  • setup.exe (PID: 1032)
  • blisk_inst.exe (PID: 2920)
  • chrome.exe (PID: 2528)
Modifies the open verb of a shell class
  • setup.exe (PID: 1032)
Creates files in the user directory
  • setup.exe (PID: 1032)
Reads settings of System Certificates
  • blisk.exe (PID: 3836)
  • chrome.exe (PID: 2400)
Application launched itself
  • chrome.exe (PID: 2528)
Creates files in the user directory
  • chrome.exe (PID: 2528)


Processes

Total processes
62
Monitored processes
31
Malicious processes
5
Suspicious processes
0

Behavior graph

[Behavior graph figure. Nodes: chrome.exe, blisk_installer.exe, blisk_inst.exe, setup.exe, blisk.exe. Edge labels: "drop and start", "start".]

Process information


PID
2528
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://blisk.io/
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
Parent process
––
User
admin
Integrity Level
MEDIUM
Exit code
3221225547
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image

PID
1480
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=73.0.3683.75 --initial-client-data=0x7c,0x80,0x84,0x78,0x88,0x6fa60f18,0x6fa60f28,0x6fa60f34
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image

PID
3160
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=2532 --on-initialized-event-handle=308 --parent-handle=312 /prefetch:6
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image

PID
1344
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=960,16757165573614761929,13464838209277135556,131072 --enable-features=PasswordImport --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=8016973629193070172 --mojo-platform-channel-handle=968 --ignored=" --type=renderer " /prefetch:2
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image

PID
2400
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=960,16757165573614761929,13464838209277135556,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=network --service-request-channel-token=13333574489058329730 --mojo-platform-channel-handle=1528 /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image

PID
2744
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=960,16757165573614761929,13464838209277135556,131072 --enable-features=PasswordImport --service-pipe-token=3771268817573407117 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3771268817573407117 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1952 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image

PID
3056
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=960,16757165573614761929,13464838209277135556,131072 --enable-features=PasswordImport --service-pipe-token=18302979589496425780 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=18302979589496425780 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1940 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image

PID
3604
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=960,16757165573614761929,13464838209277135556,131072 --enable-features=PasswordImport --service-pipe-token=12133985021958363888 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=12133985021958363888 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2252 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image

PID
3404
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=960,16757165573614761929,13464838209277135556,131072 --enable-features=PasswordImport --disable-gpu-compositing --service-pipe-token=5103030952564755078 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5103030952564755078 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3120 /prefetch:1
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image

PID
3140
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=960,16757165573614761929,13464838209277135556,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=4873130136100800391 --mojo-platform-channel-handle=3460 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image

PID
3052
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=960,16757165573614761929,13464838209277135556,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=12907557664935093694 --mojo-platform-channel-handle=3576 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3364
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=960,16757165573614761929,13464838209277135556,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=1879610331603089000 --mojo-platform-channel-handle=3560 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2692
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=960,16757165573614761929,13464838209277135556,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=14877700002593857732 --mojo-platform-channel-handle=3572 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3168
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=960,16757165573614761929,13464838209277135556,131072 --enable-features=PasswordImport --lang=en-US --service-sandbox-type=utility --service-request-channel-token=17690572980208034777 --mojo-platform-channel-handle=3608 --ignored=" --type=renderer " /prefetch:8
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2932
CMD
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=960,16757165573614761929,13464838209277135556,131072 --enable-features=PasswordImport --disable-gpu-sandbox --use-gl=disabled --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=8410311702871664788 --mojo-platform-channel-handle=4028 /prefetch:2
Path
C:\Program Files\Google\Chrome\Application\chrome.exe
Indicators
No indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Google Inc.
Description
Google Chrome
Version
73.0.3683.75
Modules
Image
c:\program files\google\chrome\application\chrome.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\google\chrome\application\73.0.3683.75\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll

PID
2552
CMD
"C:\Users\admin\Downloads\Blisk_installer.exe"
Path
C:\Users\admin\Downloads\Blisk_installer.exe
Indicators
Parent process
chrome.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
Syncui LLC
Description
BliskBrowser Installer
Version
1.0.0.0
Modules
Image
c:\users\admin\downloads\blisk_installer.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\version.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\shfolder.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\devobj.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\propsys.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\profapi.dll
c:\windows\system32\riched20.dll
c:\users\admin\appdata\local\temp\nszc2b6.tmp\nsisdl.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\napinsp.dll
c:\windows\system32\pnrpnsp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\temp\blisk_inst.exe

PID
2920
CMD
C:\Users\admin\AppData\Local\Temp\blisk_inst.exe --mini-installer-path="C:\Users\admin\Downloads\Blisk_installer.exe"
Path
C:\Users\admin\AppData\Local\Temp\blisk_inst.exe
Indicators
Parent process
Blisk_installer.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
The Blisk Authors
Description
Blisk Installer
Version
11.0.157.186
Modules
Image
c:\users\admin\appdata\local\temp\blisk_inst.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\cabinet.dll
c:\windows\system32\apphelp.dll
c:\users\admin\appdata\local\temp\cr_2a4f6.tmp\setup.exe

PID
1032
CMD
"C:\Users\admin\AppData\Local\Temp\CR_2A4F6.tmp\setup.exe" --install-archive="C:\Users\admin\AppData\Local\Temp\CR_2A4F6.tmp\CHROME.PACKED.7Z" --mini-installer-path="C:\Users\admin\Downloads\Blisk_installer.exe"
Path
C:\Users\admin\AppData\Local\Temp\CR_2A4F6.tmp\setup.exe
Indicators
Parent process
blisk_inst.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
The Blisk Authors
Description
Blisk Installer
Version
11.0.157.186
Modules
Image
c:\users\admin\appdata\local\temp\cr_2a4f6.tmp\setup.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\psapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\version.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\apphelp.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\samcli.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\mpr.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\firewallapi.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rpcrtremote.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\cscapi.dll
c:\windows\system32\slc.dll
c:\users\admin\appdata\local\blisk\application\blisk.exe
c:\windows\system32\twext.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\acppage.dll
c:\windows\system32\msi.dll
c:\windows\system32\wer.dll
c:\windows\system32\devrtl.dll
c:\windows\system32\mssprxy.dll
c:\windows\system32\netutils.dll

PID
3492
CMD
C:\Users\admin\AppData\Local\Temp\CR_2A4F6.tmp\setup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Blisk\User Data\Crashpad" --annotation=plat=Win32 --annotation=prod=Blisk --annotation=ver=11.0.157.186 --initial-client-data=0xf8,0xfc,0x100,0xec,0x104,0x313538,0x313548,0x313554
Path
C:\Users\admin\AppData\Local\Temp\CR_2A4F6.tmp\setup.exe
Indicators
No indicators
Parent process
setup.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
The Blisk Authors
Description
Blisk Installer
Version
11.0.157.186
Modules
Image
c:\users\admin\appdata\local\temp\cr_2a4f6.tmp\setup.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\psapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\version.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\apphelp.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\samcli.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\mpr.dll
c:\windows\system32\msctf.dll
c:\windows\system32\imm32.dll
c:\windows\system32\cryptbase.dll

PID
3836
CMD
"C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe"
Path
C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe
Indicators
Parent process
setup.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
The Blisk Authors
Description
Blisk
Version
11.0.157.186
Modules
Image
c:\users\admin\appdata\local\blisk\application\blisk.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\winmm.dll
c:\windows\system32\psapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\ole32.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\netutils.dll
c:\windows\system32\srvcli.dll
c:\windows\system32\wkscli.dll
c:\windows\system32\samcli.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\oleacc.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\hid.dll
c:\windows\system32\propsys.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\credui.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\ncrypt.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\winusb.dll
c:\windows\system32\d3d11.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\wevtapi.dll
c:\windows\system32\gpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\nlaapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\dhcpcsvc6.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\mscms.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\audioses.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\wlanapi.dll
c:\windows\system32\wlanutil.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\wpc.dll
c:\windows\system32\samlib.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\firewallapi.dll
c:\windows\system32\winsta.dll
c:\windows\system32\kbdus.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\explorerframe.dll
c:\windows\system32\duser.dll
c:\windows\system32\dui70.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\wship6.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\fwpuclnt.dll
c:\windows\system32\p2pcollab.dll
c:\windows\system32\qagentrt.dll
c:\windows\system32\fveui.dll
c:\windows\system32\bcryptprimitives.dll
c:\windows\system32\cryptsp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\imagehlp.dll
c:\program files\winrar\rarext.dll
c:\program files\microsoft office\office14\olkfstub.dll
c:\progra~1\micros~1\office14\mlshext.dll
c:\program files\microsoft office\office14\onfilter.dll
c:\program files\microsoft office\office14\visshe.dll
c:\program files\common files\microsoft shared\office14\msoshext.dll
c:\program files\microsoft office\office14\msohevi.dll
c:\windows\system32\mf.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_child.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\winspool.drv

PID
3568
CMD
C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Blisk\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Blisk\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Blisk\User Data" --annotation=plat=Win32 --annotation=prod=Blisk --annotation=ver=11.0.157.186 --initial-client-data=0x68,0x6c,0x70,0x64,0x74,0x6f144e60,0x6f144e70,0x6f144e7c
Path
C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe
Indicators
No indicators
Parent process
blisk.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
The Blisk Authors
Description
Blisk
Version
11.0.157.186
Modules
Image
c:\users\admin\appdata\local\blisk\application\blisk.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\winmm.dll
c:\windows\system32\psapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\cryptbase.dll

PID
2760
CMD
"C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe" --type=gpu-process --field-trial-handle=916,8984022898348343128,15355111136530239512,131072 --gpu-preferences=KAAAAAAAAACAAwBgAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=2594845930196003518 --mojo-platform-channel-handle=904 --ignored=" --type=renderer " /prefetch:2
Path
C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe
Indicators
No indicators
Parent process
blisk.exe
User
admin
Integrity Level
LOW
Version:
Company
The Blisk Authors
Description
Blisk
Version
11.0.157.186
Modules
Image
c:\users\admin\appdata\local\blisk\application\blisk.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\winmm.dll
c:\windows\system32\psapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\d3dcompiler_47.dll
c:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
c:\windows\system32\api-ms-win-core-file-l2-1-0.dll
c:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
c:\windows\system32\api-ms-win-core-file-l1-2-0.dll
c:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
c:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
c:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
c:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\swiftshader\libglesv2.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\swiftshader\libegl.dll

PID
2384
CMD
"C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe" --type=renderer --field-trial-handle=916,8984022898348343128,15355111136530239512,131072 --service-pipe-token=8533136305059228815 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8533136305059228815 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1812 /prefetch:1
Path
C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe
Indicators
No indicators
Parent process
blisk.exe
User
admin
Integrity Level
LOW
Version:
Company
The Blisk Authors
Description
Blisk
Version
11.0.157.186
Modules
Image
c:\users\admin\appdata\local\blisk\application\blisk.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\winmm.dll
c:\windows\system32\psapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3840
CMD
"C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe" --type=renderer --field-trial-handle=916,8984022898348343128,15355111136530239512,131072 --service-pipe-token=10857259785842570897 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10857259785842570897 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1964 /prefetch:1
Path
C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe
Indicators
No indicators
Parent process
blisk.exe
User
admin
Integrity Level
LOW
Version:
Company
The Blisk Authors
Description
Blisk
Version
11.0.157.186
Modules
Image
c:\users\admin\appdata\local\blisk\application\blisk.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\winmm.dll
c:\windows\system32\psapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2240
CMD
"C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe" --type=renderer --field-trial-handle=916,8984022898348343128,15355111136530239512,131072 --service-pipe-token=14192391933504063379 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14192391933504063379 --renderer-client-id=3 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1984 /prefetch:1
Path
C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe
Indicators
No indicators
Parent process
blisk.exe
User
admin
Integrity Level
LOW
Version:
Company
The Blisk Authors
Description
Blisk
Version
11.0.157.186
Modules
Image
c:\users\admin\appdata\local\blisk\application\blisk.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\winmm.dll
c:\windows\system32\psapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3080
CMD
"C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe" --type=renderer --field-trial-handle=916,8984022898348343128,15355111136530239512,131072 --service-pipe-token=16832724156228050790 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16832724156228050790 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2064 /prefetch:1
Path
C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe
Indicators
No indicators
Parent process
blisk.exe
User
admin
Integrity Level
LOW
Version:
Company
The Blisk Authors
Description
Blisk
Version
11.0.157.186
Modules
Image
c:\users\admin\appdata\local\blisk\application\blisk.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\winmm.dll
c:\windows\system32\psapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3004
CMD
"C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe" --type=renderer --field-trial-handle=916,8984022898348343128,15355111136530239512,131072 --service-pipe-token=7276108549994513500 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7276108549994513500 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2004 /prefetch:1
Path
C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe
Indicators
No indicators
Parent process
blisk.exe
User
admin
Integrity Level
LOW
Exit code
0
Version:
Company
The Blisk Authors
Description
Blisk
Version
11.0.157.186
Modules
Image
c:\users\admin\appdata\local\blisk\application\blisk.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\winmm.dll
c:\windows\system32\psapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
2516
CMD
"C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe" --type=utility --field-trial-handle=916,8984022898348343128,15355111136530239512,131072 --lang=en-US --service-sandbox-type=audio --service-request-channel-token=3596318984184386803 --mojo-platform-channel-handle=3984 /prefetch:8
Path
C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe
Indicators
No indicators
Parent process
blisk.exe
User
admin
Integrity Level
MEDIUM
Version:
Company
The Blisk Authors
Description
Blisk
Version
11.0.157.186
Modules
Image
c:\users\admin\appdata\local\blisk\application\blisk.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_elf.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\version.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\winmm.dll
c:\windows\system32\psapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\audioses.dll
c:\windows\system32\mmdevapi.dll
c:\windows\system32\propsys.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll

PID
2392
CMD
"C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe" --type=renderer --field-trial-handle=916,8984022898348343128,15355111136530239512,131072 --disable-gpu-compositing --service-pipe-token=3686050073247437977 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3686050073247437977 --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4260 /prefetch:1
Path
C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe
Indicators
No indicators
Parent process
blisk.exe
User
admin
Integrity Level
LOW
Version:
Company
The Blisk Authors
Description
Blisk
Version
11.0.157.186
Modules
Image
c:\users\admin\appdata\local\blisk\application\blisk.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\winmm.dll
c:\windows\system32\psapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
3880
CMD
"C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe" --type=renderer --field-trial-handle=916,8984022898348343128,15355111136530239512,131072 --disable-gpu-compositing --service-pipe-token=7541240486721353578 --lang=en-US --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7541240486721353578 --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4484 /prefetch:1
Path
C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe
Indicators
No indicators
Parent process
blisk.exe
User
admin
Integrity Level
LOW
Version:
Company
The Blisk Authors
Description
Blisk
Version
11.0.157.186
Modules
Image
c:\users\admin\appdata\local\blisk\application\blisk.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\winmm.dll
c:\windows\system32\psapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll

PID
1308
CMD
"C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe" --type=gpu-process --field-trial-handle=916,8984022898348343128,15355111136530239512,131072 --disable-gpu-sandbox --gpu-preferences=KAAAAAAAAACAAwBgAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=18075257617062257799 --mojo-platform-channel-handle=4236 /prefetch:2
Path
C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe
Indicators
No indicators
Parent process
blisk.exe
User
admin
Integrity Level
MEDIUM
Exit code
0
Version:
Company
The Blisk Authors
Description
Blisk
Version
11.0.157.186
Modules
Image
c:\users\admin\appdata\local\blisk\application\blisk.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_elf.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\winmm.dll
c:\windows\system32\psapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\chrome_child.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\nsi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winnsi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\profapi.dll
c:\windows\system32\dwrite.dll
c:\windows\system32\winspool.drv
c:\windows\system32\dbghelp.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\dwmapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\wininet.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sspicli.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\webio.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\cryptbase.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\devobj.dll
c:\windows\system32\mf.dll
c:\windows\system32\atl.dll
c:\windows\system32\mfplat.dll
c:\windows\system32\avrt.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\msmpeg2vdec.dll
c:\windows\system32\evr.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\slc.dll
c:\windows\system32\sqmapi.dll
c:\windows\system32\bcrypt.dll
c:\windows\system32\dxva2.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\d3dcompiler_47.dll
c:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
c:\windows\system32\api-ms-win-core-file-l2-1-0.dll
c:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
c:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
c:\windows\system32\api-ms-win-core-file-l1-2-0.dll
c:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
c:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
c:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
c:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\swiftshader\libglesv2.dll
c:\users\admin\appdata\local\blisk\application\11.0.157.186\swiftshader\libegl.dll

Registry activity

Total events
1730
Read events
1544
Write events
184
Delete events
2

Modification events

PID
Process
Operation
Key
Name
Value
3160
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
2528-13199751126981750
259
3160
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
2528-13199751126981750
0
2400
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
LanguageList
en-US
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
failed_count
0
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
2
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\ThirdParty
StatusCodes
01000000
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\BLBeacon
state
1
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
dr
1
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome
UsageStatsInSample
0
2528
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}
usagestats
0
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid_installdate
0
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
metricsid_enableddate
0
2528
chrome.exe
delete key
HKEY_CURRENT_USER\Software\Google\Chrome\BrowserExitCodes
2528
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumAccounts
aggregate
sum()
2528
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumAccounts
S-1-5-21-1302019708-1500728564-335382590-1000
1
2528
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumSignedIn
aggregate
sum()
2528
chrome.exe
write
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Update\ClientStateMedium\{8A69D345-D564-463C-AFF1-A69D9E530F96}\_NumSignedIn
S-1-5-21-1302019708-1500728564-335382590-1000
0
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
0
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
lastrun
13199751128044250
2528
chrome.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\62\52C64B7E
LanguageList
en-US
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
UNCAsIntranet
0
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
AutoDetect
1
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyEnable
0
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
SavedLegacySettings
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories\{56FFCC30-D398-11D0-B2AE-00A0C908FA49}\Enum
Implementing
1C00000001000000E307040000000E001500200017005D0200000000
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories\{56FFCC30-D398-11D0-B2AE-00A0C908FA49}\Enum
Implementing
1C00000001000000E307040000000E00150020001700620200000000
2528
chrome.exe
delete key
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
aapocclcgogkmnckokdopfmhonfmgoek
27865C623B4A408C125AAA1A03913B8205E4E94D722864E7E71CC86FCA9A9846
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
15B1C3FE35F29528448F36A72A4DFBC58A8083C7190559D25865779166D220A2
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
aohghmighlieiainnegkcijnfilokake
9BFD5FD433F2D31FA5C84D3AC339D558C1F4A83F7D0ABF820A0E8EA02CD978B0
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
apdfllckaahabafndbhieahigkjlhalf
D4825CDC654EEAB1EF7178D7C2C55D77A00097D5C51CB577104FEBEC211CD3E3
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
blpcfgokakmgnkcojhhkbfbldkacnbeo
1C9DAA2B53B45AF7EB08D40C4A913D525AA61079DF552D2B83CF70B0537CDF0A
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
felcaaldnbdncclmgdcncolpebgiejap
84E6BB4297E1F55A871356727E843204B8785E9680F3628FEFFBE6DCBD46718A
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
gfdkimpbcpahaombhbimeihdjnejgicl
D6B079666F209503A09486C70AC09307652A0F7F783166A999B27C99D0DA79E2
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
ghbmnnjooekpmoecnnnilnnbdlolhkhi
E4CC88A1E8EB4BC8CF20840F73ECA44B3DF4F93E39E645B0CC0BC54E6BD32F0C
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
00175B8120231631976CA8B862A3416996C9373BA3D289F0619DDA992973DDFA
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mfehgcgbbipciphmccgaenjidiccnmng
63355C14E8C7DF9A075F2EDDEA6F2807DC8166B83F96F4C975B9B6554C6324D7
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
0E265BFED6F1C7D5F0A9BD790C50BB30E78E959631D51EEBB8BB0DE73E65763C
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
neajdppkdcdipfabeoofebfddakdcjhd
04A45240BDA55E8777FA04357712CA6DD942253A21323E4C7D3CCF769B34BFED
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
EFA63CBF982B82CF44E63E567FF3BB95FE3F51570D9A0CED8846E77B13199169
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
nmmhkkegccagdldgiimedpiccmgmieda
E9C847A29C984122FAAF4CAC214048E7BB668828FB652C55F41A66FEB5B97467
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pjkljhegncpnkpknbcohdijeoejaedia
6C14AC55DD9101F61F7CEC55EF1B74ABB95EF6232175D221AA46460F5B737013
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings
pkedcjkdefgpdelpbcmbmeomcjbeemfm
69E8369E7EACBE49B81ACB4B3836D317B64B7A652E4C6C0AEF6474802358C949
2528
chrome.exe
write
HKEY_CURRENT_USER\Software\Google\Chrome\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
1
1032
setup.exe
write
HKEY_CURRENT_USER\Software\AppDataLow\Software\blisk
kBliskConfig
ff2c302c-61ae-4277-b9b7-d8bc1f362136
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk
InstallerProgress
18
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk
InstallerProgress
24
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk
InstallerProgress
37
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk
InstallerProgress
43
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk
InstallerProgress
49
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk
InstallerProgress
56
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk
UninstallString
C:\Users\admin\AppData\Local\Blisk\Application\11.0.157.186\Installer\setup.exe
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk
UninstallArguments
--uninstall
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Blisk
DisplayName
Blisk
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Blisk
UninstallString
"C:\Users\admin\AppData\Local\Blisk\Application\11.0.157.186\Installer\setup.exe" --uninstall
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Blisk
InstallLocation
C:\Users\admin\AppData\Local\Blisk\Application
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Blisk
DisplayIcon
C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe,0
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Blisk
NoModify
1
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Blisk
NoRepair
1
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Blisk
Publisher
Blisk
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Blisk
Version
11.0.157.186
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Blisk
DisplayVersion
11.0.157.186
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Blisk
InstallDate
20190414
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Blisk
VersionMajor
157
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Blisk
VersionMinor
186
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk
name
Blisk
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk
oopcrashes
1
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk
lang
en
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk
pv
11.0.157.186
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk\Commands\on-os-upgrade
CommandLine
"C:\Users\admin\AppData\Local\Blisk\Application\11.0.157.186\Installer\setup.exe" --on-os-upgrade --verbose-logging
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk\Commands\on-os-upgrade
AutoRunOnOSUpgrade
1
1032
setup.exe
write
HKEY_CLASSES_ROOT\CLSID\{635EFA6F-08D6-4EC9-BD14-8A0FDE975159}\LocalServer32
"C:\Users\admin\AppData\Local\Blisk\Application\11.0.157.186\notification_helper.exe"
1032
setup.exe
write
HKEY_CLASSES_ROOT\CLSID\{635EFA6F-08D6-4EC9-BD14-8A0FDE975159}\LocalServer32
ServerExecutable
C:\Users\admin\AppData\Local\Blisk\Application\11.0.157.186\notification_helper.exe
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk
InstallerProgress
62
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk
InstallerProgress
68
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk
InstallerProgress
75
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband
Favorites
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband
FavoritesChanges
10
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband
FavoritesVersion
2
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk
InstallerProgress
81
1032
setup.exe
write
HKEY_CLASSES_ROOT\BliskHTM.XPV2THZ7SIVUZV5P4IZUMNU6KM
Blisk HTML Document
1032
setup.exe
write
HKEY_CLASSES_ROOT\BliskHTM.XPV2THZ7SIVUZV5P4IZUMNU6KM\DefaultIcon
C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe,0
1032
setup.exe
write
HKEY_CLASSES_ROOT\BliskHTM.XPV2THZ7SIVUZV5P4IZUMNU6KM\shell\open\command
"C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe" -- "%1"
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Paths\blisk.exe
C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Paths\blisk.exe
Path
C:\Users\admin\AppData\Local\Blisk\Application
1032
setup.exe
write
HKEY_CLASSES_ROOT\.htm\OpenWithProgids
BliskHTM.XPV2THZ7SIVUZV5P4IZUMNU6KM
1032
setup.exe
write
HKEY_CLASSES_ROOT\.html\OpenWithProgids
BliskHTM.XPV2THZ7SIVUZV5P4IZUMNU6KM
1032
setup.exe
write
HKEY_CLASSES_ROOT\.pdf\OpenWithProgids
BliskHTM.XPV2THZ7SIVUZV5P4IZUMNU6KM
1032
setup.exe
write
HKEY_CLASSES_ROOT\.shtml\OpenWithProgids
BliskHTM.XPV2THZ7SIVUZV5P4IZUMNU6KM
1032
setup.exe
write
HKEY_CLASSES_ROOT\.svg\OpenWithProgids
BliskHTM.XPV2THZ7SIVUZV5P4IZUMNU6KM
1032
setup.exe
write
HKEY_CLASSES_ROOT\.xht\OpenWithProgids
BliskHTM.XPV2THZ7SIVUZV5P4IZUMNU6KM
1032
setup.exe
write
HKEY_CLASSES_ROOT\.xhtml\OpenWithProgids
BliskHTM.XPV2THZ7SIVUZV5P4IZUMNU6KM
1032
setup.exe
write
HKEY_CLASSES_ROOT\.webp\OpenWithProgids
BliskHTM.XPV2THZ7SIVUZV5P4IZUMNU6KM
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk
FirstNotDefault
E80E4D911AE52E00
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk
InstallerProgress
87
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk
InstallerProgress
100
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk
InstallerResult
0
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk
InstallerError
0
1032
setup.exe
write
HKEY_CURRENT_USER\Software\Blisk
InstallerSuccessLaunchCmdLine
"C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe"
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk
UsageStatsInSample
1
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk
usagestats
0
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk
metricsid
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk
metricsid_installdate
0
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk
metricsid_enableddate
0
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default
search_provider_overrides
EF17F7FA45B8F16615D491CCE41A56A12CE6FBA36F2B98B1DD87C304570165F2
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default
default_search_provider_data.template_url_data
1040E6AC1CCD569E5E53D0BF4EECA2BD136369DBE52F8C48CF4952C20A43F878
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default
browser.show_home_button
9C98BD35BD4838F1C3CB92A07C887BB822E4BCADC8C60D373DE2673010D7C05A
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default
media.storage_id_salt
A653CFBA0C5BCAE84A14CEA4A806AB1059E6C7873665E99758AE797249F788C1
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default
homepage
3D6B86B5A4950D2791B51BA18AA27BD83059A32C6F9404819761D330721B3F1D
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default
homepage_is_newtabpage
07425E3E449909263DA2E4C868ADF615195A873BDFDDAEFCE7AC9F461228B25F
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default
google.services.account_id
5199D2CF1CDA0E65C26B9A3EAE3F178658582E43988654B1B05E0ED14073576F
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default
google.services.last_username
631CF3BEDA3F793752799A0A284FBB49373E4B13F77E2FA37B99B36845D60BDA
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default
session.startup_urls
66246E31B718959A694967AA7A91A0466BC54C2A0AF1C299F96F3FA3E35EC641
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default
session.restore_on_startup
E479032727DDBD4A222A56A2A491560949D4C9EF7CF86F0EFF068363EF79BD59
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default
pinned_tabs
365B64A1D61511BA9BF21C9DB62603A7A03E71612997C2C18F62B67801F9D1C2
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default
prefs.preference_reset_time
3C436A58632309009A2C5C9A2AAEDDB1C5BACCFC0A1F560E350B2D0F2031BFEE
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default
safebrowsing.incidents_sent
8CA7FF3554C6EC2C3206332DD56160289A020CF248B62480DD70867DCC26CE97
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default
software_reporter.prompt_version
19E44F7AAF76062FEE2856DCF2293A6BF9DF07F5F7F2DA1F8982925E5DBE8449
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default
google.services.username
6FDE70D6F5447D9F3EA851D3F93E560A4BB7FB3F2D8356083A0709A6A17D96EF
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default
software_reporter.prompt_seed
B3EADC70AE5FB4CC8D0631DEA7DC2694FE7855B5AE55C99F8B4A4803D1523B94
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default
google.services.last_account_id
D4F2D8A0D218880A7ACB0903E1381F8CC2B1B520107C0B14B902B9D517C91619
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
AC4B2153EED687E1ECC676CAFC123B34C23939ABFC91951CC2B023AF65A0FB5E
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
CDB16FC7AC99890DFF401605365C42628F19BBB68F94345FA6800FB3E0EA8637
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
A18F524189641DBF066F8AE1DF1826105DE883B57AB950DD8BD3661DD5A0B92B
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
719F32567988C387967165E36A5D195EE191B51F9EA5B36DC016A2C513F56AD9
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
0
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\BLBeacon
version
11.0.157.186
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\BLBeacon
state
1
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\BLBeacon
failed_count
0
3836
blisk.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\64\52C64B7E
LanguageList
en-US
3836
blisk.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\64\52C64B7E
@%SystemRoot%\system32\p2pcollab.dll,-8042
Peer to Peer Trust
3836
blisk.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\64\52C64B7E
@%SystemRoot%\system32\qagentrt.dll,-10
System Health Authentication
3836
blisk.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\64\52C64B7E
@%SystemRoot%\system32\dnsapi.dll,-103
Domain Name System (DNS) Server Trust
3836
blisk.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\64\52C64B7E
@%SystemRoot%\System32\fveui.dll,-843
BitLocker Drive Encryption
3836
blisk.exe
write
HKEY_CLASSES_ROOT\Local Settings\MuiCache\64\52C64B7E
@%SystemRoot%\System32\fveui.dll,-844
BitLocker Data Recovery Agent
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default\extensions.settings
abpcmibclnigoghnfbfnbkpcipdkobip
C007756693C95DD3C57D45BA84AEDD81A9D09085A481483272D6E27BC4A8ED46
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
CEF0751F015ED1AC2D214401CAB67E9285BD3E84FC2B64610CEFB8DBBABB75D5
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default\extensions.settings
clfdppmofhomggiinjnaecoidcgnepmi
87A8707BDC547636E8ED746EA1C2FAFE1519793BF745FD7809FD496DF595B3BC
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default\extensions.settings
kaemijmifiaaedjjjfadjifbhbggglpe
308DA5CFC8A777994E81C3192E4856265682F4FB3752572577F1FCCB38538C6F
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default\extensions.settings
kmendfapggjehodndflmmgagdbamhnfd
9DC6F09288C7806FDA2D48A468653BCDFBD39F433584E6C2AA019A3D7563F123
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default\extensions.settings
mfehgcgbbipciphmccgaenjidiccnmng
41B4465FB9425303F82AA55836BDFBB5A936EA35D7CE7FE58726531077F51A44
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
45B0DFD73F08D64618A22A203B611265AA31F41714F6BD06CFA779AADEC8D731
3836
blisk.exe
write
HKEY_CURRENT_USER\Software\Blisk\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
70EC1EFB6854A4301A7D8DAC7CAB9BF68E981216E639D9175E991DCB6E1E88B1

Files activity

Executable files
8
Suspicious files
70
Text files
167
Unknown types
31

Dropped files

PID
Process
Filename
Type
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Application\11.0.157.186\Installer\setup.exe
executable
MD5: 847fa45e7880af047eaa973a425b4ee2
SHA256: 1ce8012c8ff7146b1e893e18ca4f6cd5630b3c91314c9e8fef5cd76ab5e32c1a
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\Chrome-bin\blisk.exe
executable
MD5: f69394ce706808534c523a3d89d65826
SHA256: ca166273a759643af61983b8c1505243dc1c8ad17f84acd703eac7761fbd1857
2920
blisk_inst.exe
C:\Users\admin\AppData\Local\Temp\CR_2A4F6.tmp\setup.exe
executable
MD5: 847fa45e7880af047eaa973a425b4ee2
SHA256: 1ce8012c8ff7146b1e893e18ca4f6cd5630b3c91314c9e8fef5cd76ab5e32c1a
2552
Blisk_installer.exe
C:\Users\admin\AppData\Local\Temp\nszC2B6.tmp\NSISdl.dll
executable
MD5: a5f8399a743ab7f9c88c645c35b1ebb5
SHA256: dacc88a12d3ba438fdae3535dc7a5a1d389bce13adc993706424874a782e51c9
2528
chrome.exe
C:\Users\admin\Downloads\Blisk_installer.exe
executable
MD5: 1e136efb693fbdcfcf9436e097841963
SHA256: 0100c90c5f85171653da973a034c08460c2e057d95ebf39fd35c8cfb97fedae0
2528
chrome.exe
C:\Users\admin\Downloads\Unconfirmed 356127.crdownload
executable
MD5: 1e136efb693fbdcfcf9436e097841963
SHA256: 0100c90c5f85171653da973a034c08460c2e057d95ebf39fd35c8cfb97fedae0
2528
chrome.exe
C:\Users\admin\Downloads\Unconfirmed 356127.crdownload
executable
MD5: bf4fa120d19e9cf3a59341465c646503
SHA256: d851bfd3c69a399ee90647111715faed66d6cec0028af92d5275d0b01a74277b
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Application\blisk.exe
executable
MD5: f69394ce706808534c523a3d89d65826
SHA256: ca166273a759643af61983b8c1505243dc1c8ad17f84acd703eac7761fbd1857
2528
chrome.exe
C:\Users\admin\AppData\Local\Temp\TarB33E.tmp
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Session Storage\MANIFEST-000001
binary
MD5: 5af87dfd673ba2115e2fcf5cfdb727ab
SHA256: f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\TransportSecurity
text
MD5: bf1399bf916c25a41b50ef35a23173ae
SHA256: 1d95ac964a775f165736274c306c3e7562bc5d275f46aab8e03349b40748644c
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\33a5ca7e-2c78-4aa7-9b89-d856a64a6968.tmp
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Cache\f_000006
compressed
MD5: add5bb80416c26f7c28719e958358b3f
SHA256: a306c0648ad5677440b32ea320034994f934eb02df8bdd75c27f6bf785fefc20
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Cache\f_000005
compressed
MD5: 9bd46b517fe0f6d76ffa04e8275c2c8d
SHA256: 9b1b5526502dfdadc615159ff98a7a91b9dc932c50245f780b701589f1128015
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Cache\f_000004
compressed
MD5: 8d0def458b0223c30eac8f1b6a5eb8be
SHA256: c5d00c78a5db20378a1f5517b1fb24222c546549c3888dfb66f3605aff79906b
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Cache\f_000003
compressed
MD5: ef8b5485969e807512cf6b8bd07e0a9e
SHA256: 62fc94d3680f4c78c7d1069a6c1d7d13712d90db2d15f177980ccf361d72e78b
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Cache\f_000002
flc
MD5: 09c27f45f5e859a1e07eb4ca48d54de8
SHA256: e0ef5fbc03c688cc1e954e3e75c0a6851e5bb2a4696d3af2cbb0f41b1b3c736c
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000003.log
binary
MD5: 187252f738391fdc7f521c83c4aa58fa
SHA256: d9f46d0c5ac1bc56d4db4db0a76575d79e32452eeac5eeb64cfd29a2f5ef3930
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Feature Engagement Tracker\AvailabilityDB\LOG
text
MD5: 27ee0a51b8c319a61deba012a9f6a1ad
SHA256: 50b25773fc93e02341667eed621b3be865b5e9d29a22bff23ecf5d31349ebd6a
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Feature Engagement Tracker\AvailabilityDB\CURRENT
text
MD5: 46295cac801e5d4857d09837238a6394
SHA256: 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Feature Engagement Tracker\AvailabilityDB\000001.dbtmp
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Feature Engagement Tracker\AvailabilityDB\MANIFEST-000001
binary
MD5: 5af87dfd673ba2115e2fcf5cfdb727ab
SHA256: f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Feature Engagement Tracker\EventDB\CURRENT
text
MD5: 46295cac801e5d4857d09837238a6394
SHA256: 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Feature Engagement Tracker\EventDB\MANIFEST-000001
binary
MD5: 5af87dfd673ba2115e2fcf5cfdb727ab
SHA256: f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Feature Engagement Tracker\EventDB\000001.dbtmp
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Preferences
text
MD5: 09050f929793a37dd294735bac613f12
SHA256: eb3ae5b92febba461539b74971ae230975c4e7f38bbee1db81f67134f17454f1
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\feec01ac-b023-4f93-970a-6c7ce7f76476.tmp
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Secure Preferences
text
MD5: 3a319a62812ec5d41fbc0183ba82ebc6
SHA256: 6cc9561b06cbb875744947ef16e5a3ed42f2293114180a53b08195e9c67cba4d
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\cb222f02-7abf-4073-a98b-8de70856c10b.tmp
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Local State
text
MD5: 79059cbac1c4aff0dd6d89cb5a80cccf
SHA256: 245b810707aac5c7ab6ecfc0eca64d4584e67bda636a8460ff496c96355340c9
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\078ef59d-77c9-435a-a9bf-9c247a325ad5.tmp
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Extension State\CURRENT
text
MD5: 46295cac801e5d4857d09837238a6394
SHA256: 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Extension State\000001.dbtmp
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Extension State\MANIFEST-000001
binary
MD5: 5af87dfd673ba2115e2fcf5cfdb727ab
SHA256: f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Cache\f_000001
compressed
MD5: a6ce90b9145f18e7a721eb3819daaaab
SHA256: 94fe45c14a2ce4fd5f1401c835e5d63111ebf89ff58e03d6b780592f02abf778
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Local Storage\leveldb\CURRENT
text
MD5: 46295cac801e5d4857d09837238a6394
SHA256: 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Local Storage\leveldb\000001.dbtmp
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Local Storage\leveldb\MANIFEST-000001
binary
MD5: 5af87dfd673ba2115e2fcf5cfdb727ab
SHA256: f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Local Extension Settings\kaemijmifiaaedjjjfadjifbhbggglpe\CURRENT
text
MD5: 46295cac801e5d4857d09837238a6394
SHA256: 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Local Extension Settings\kaemijmifiaaedjjjfadjifbhbggglpe\000001.dbtmp
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Local Extension Settings\kaemijmifiaaedjjjfadjifbhbggglpe\MANIFEST-000001
binary
MD5: 5af87dfd673ba2115e2fcf5cfdb727ab
SHA256: f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Translate Ranker Model
binary
MD5: 19313f1d60a893a5cce49a4c69d007ad
SHA256: cfe8d933509022b7f48dbee725f220b899ec3dde55a1365124d88259b4590555
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\5a5babae-ebd6-469c-a470-3213d19b0d24.tmp
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Cache\data_3
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Cache\data_2
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Cache\data_1
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Cache\data_0
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Cache\index
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Google Profile.ico
image
MD5: 3b1d37d0e87d3f9e3739f821c3652f55
SHA256: b20bead6e98cc8b6d96ea2d0edb7b85e21b4c2c01002a4b44485e9f89e3696fe
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\64f007a9-76fa-4265-aa51-1cc2aa872e76.tmp
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\BudgetDatabase\CURRENT
text
MD5: 46295cac801e5d4857d09837238a6394
SHA256: 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\BudgetDatabase\000001.dbtmp
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\BudgetDatabase\MANIFEST-000001
binary
MD5: 5af87dfd673ba2115e2fcf5cfdb727ab
SHA256: f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\data_reduction_proxy_leveldb\CURRENT
text
MD5: 206702161f94c5cd39fadd03f4014d98
SHA256: 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\GPUCache\data_3
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\data_reduction_proxy_leveldb\CURRENT~RF11a092.TMP
text
MD5: 206702161f94c5cd39fadd03f4014d98
SHA256: 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\GPUCache\data_2
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\GPUCache\data_1
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\GPUCache\data_0
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\data_reduction_proxy_leveldb\000002.dbtmp
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\GPUCache\index
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Sync Data\LevelDB\CURRENT
text
MD5: 46295cac801e5d4857d09837238a6394
SHA256: 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\ced98a1c-0d83-46d8-aaf4-b1ac4b96f108.tmp
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Sync Data\LevelDB\000001.dbtmp
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Sync Data\LevelDB\MANIFEST-000001
binary
MD5: 5af87dfd673ba2115e2fcf5cfdb727ab
SHA256: f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\data_reduction_proxy_leveldb\000001.dbtmp
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Site Characteristics Database\CURRENT
text
MD5: 46295cac801e5d4857d09837238a6394
SHA256: 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000001
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Site Characteristics Database\000001.dbtmp
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Site Characteristics Database\MANIFEST-000001
binary
MD5: 5af87dfd673ba2115e2fcf5cfdb727ab
SHA256: f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\First Run
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\README
text
MD5: 6e78c33f949145b77538df8790ebfc6c
SHA256: 08adf5fa1d9128ad78ee101bd95bf42e1cc4cc0105505d85fdc3de68e9be30b9
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\ShaderCache\GPUCache\index
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\ShaderCache\GPUCache\data_0
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\ShaderCache\GPUCache\data_1
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\ShaderCache\GPUCache\data_2
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\ShaderCache\GPUCache\data_3
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Crashpad\settings.dat
binary
MD5: eb2a09fd2ac2c2e52ba4b8245486ecad
SHA256: 92f6baf2530fae78b1379b2b67a5d4948884d4dfeba236fd8e25070b92fa6c3c
1032
setup.exe
C:\Users\admin\AppData\Local\Temp\chromium_installer.log
text
MD5: 697c3b8d02ae70aa996a1866c8321365
SHA256: 1aec51af7584c7629f80f8ec4237ac998deb6386042b1d4c8554dbe1882139a1
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Application\SetupMetrics\20190414223318.pma
binary
MD5: 2e6d923c4bf45cddcfa7776cbcca116f
SHA256: 1b68c02c279cf07f97483354c70cbc3457518435420cf0328eabafef4f968686
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Application\SetupMetrics\24d10d0a-7ef1-4894-8a16-e0942b0febbb.tmp
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Blisk.lnk
lnk
MD5: 0943ad6865216dde7ccbc0f1b7006111
SHA256: e8649581d343267b8fdec46d5b7359459b8f1a84255410e29c5e8526eedb1f88
1032
setup.exe
C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Blisk.lnk
lnk
MD5: 40ccbfd9d12c959778a62d758b0fee34
SHA256: 2be3b1ec4c1a1e80cf3527192af5124a203c86f953ceeb323e7210d4a526fb97
1032
setup.exe
C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blisk.lnk
lnk
MD5: 0943ad6865216dde7ccbc0f1b7006111
SHA256: e8649581d343267b8fdec46d5b7359459b8f1a84255410e29c5e8526eedb1f88
1032
setup.exe
C:\Users\admin\Desktop\Blisk.lnk
lnk
MD5: 13c93ce36b7602b1d24460030dacd7bf
SHA256: 4d50a7e8d73a4a3328efb199b5d807009e580e5dae99e32177b13af3430d5dd4
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\Preferences
text
MD5: 7abab80f89d73c68cceba439398c603c
SHA256: 0a9a92f400f530ab02f2afcf052504a8d32bdcc0be91b0ad10691de0b59499c5
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Application\11.0.157.186\Installer\chrome.7z
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Default\9eab3b21-3571-44f2-a9b9-efb564b67006.tmp
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Application\chrome.VisualElementsManifest.xml
text
MD5: 0e1ad81306da9b88b068f436b8307bd2
SHA256: 588c15c3dc597334a3a31b4a0a25ba0d51ac6d7a484393b2072ee1192a281b02
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Application\11.0.157.186
––
MD5:  ––
SHA256:  ––
3836
blisk.exe
C:\Users\admin\AppData\Local\Blisk\User Data\Local State
text
MD5: e6ce182e847f403c3a89c24b806d4928
SHA256: 552c3421620226aff3a6fb20ec918ea3bbecbfc9034ae482e9e51a0989f87c80
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\Chrome-bin\11.0.157.186\VisualElements\smalllogo.png
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\Chrome-bin\chrome.VisualElementsManifest.xml
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\e21b267b-af89-4f34-bfe3-8376dfa6f7e1.tmp
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\Chrome-bin\11.0.157.186\v8_context_snapshot.bin
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\Chrome-bin\11.0.157.186\VisualElements\logo.png
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\Chrome-bin\11.0.157.186\swiftshader\libegl.dll
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\Chrome-bin\11.0.157.186\swiftshader\libglesv2.dll
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\Chrome-bin\11.0.157.186\resources.pak
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\Chrome-bin\11.0.157.186\natives_blob.bin
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\Chrome-bin\11.0.157.186\nacl_irt_x86_64.nexe
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\Chrome-bin\11.0.157.186\notification_helper.exe
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\Chrome-bin\11.0.157.186\nacl64.exe
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\Chrome-bin\11.0.157.186\nacl_irt_x86_32.nexe
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\Chrome-bin\11.0.157.186\Locales\ru.pak
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\Chrome-bin\11.0.157.186\Locales\sv.pak
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\Chrome-bin\11.0.157.186\Locales\zh-TW.pak
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\Chrome-bin\11.0.157.186\Locales\uk.pak
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\Chrome-bin\11.0.157.186\Locales\pt-PT.pak
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\Chrome-bin\11.0.157.186\Locales\zh-CN.pak
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\Chrome-bin\11.0.157.186\Locales\th.pak
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\Chrome-bin\11.0.157.186\Locales\ro.pak
––
MD5:  ––
SHA256:  ––
1032
setup.exe
C:\Users\admin\AppData\Local\Blisk\Temp\source1032_12509\Chrome-bin\11.0.157.186\Locales\tr.pak
––
MD5:  ––
SHA256:  ––
1032
setup.exe
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\cast_setup\offers.html
html
MD5: 8388cc359430657e940186a45deddc5c
SHA256: 25e58675bc9d45f7c860e01637326a661f68a1d360e2508706eccfa408edd23f
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\cast_setup\index.html
html
MD5: d6129176a40c5f18d1e4b692d37f9bc2
SHA256: d2792c70ef575d9d822ad6e2b804bec13a274aec969b0f8d7b0db8b35dbfa834
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\cast_setup\devices.html
html
MD5: 8388cc359430657e940186a45deddc5c
SHA256: 25e58675bc9d45f7c860e01637326a661f68a1d360e2508706eccfa408edd23f
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\cast_setup\chromecast_logo_grey.png
image
MD5: a7099e08e14f10d8f47a0cd7b8bc003b
SHA256: 59fe744de6c2636df554075ffb1c28aa3f8fd75830434e28c1f85b19eb9d566b
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\cast_setup\cast_app_redirect.js
text
MD5: a2a7a6c00091ead24b4476bc6131c8f9
SHA256: 753c002de0970d0732be1cacba9ac3e38e75b28d2e8221f9fa7fbb477011b71a
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\cast_setup\cast_app_min.css
text
MD5: acf54711f0b70a104e4e3afad9142856
SHA256: deb1d6a67165e2225d1d4b8b3cf50299078b20b733516622600e4cd032dd6d2b
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\cast_setup\cast_app.js
text
MD5: 3c9d2a76ce88f23b2ce051444667862c
SHA256: 17942f2e603c99fd2c571f42229fc7a6242095dcf74d3e4d219f7fd2ec290db1
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\cast_sender.js
text
MD5: 4811c1bad63fad553090315710df4522
SHA256: 0ed8e460ad47eb6b3bb6151cc1eaa0d67554266ae0b543addc8c4b200accbb4b
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\cast_game_sender.js
text
MD5: 0b363a38dfb5f71870c6cce3314a81f0
SHA256: 09583d0b906e1be8707d53ce5ad33ef35de2ae33887767bbf206068f67508383
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\background_script.js
text
MD5: 36db5de50640307501492aa794718ef0
SHA256: 346468148d51c889c0662f5229df9890dea98ac5353ae5759a4c7e1f75a2d59d
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\angular.js
text
MD5: cc86f1d45febd80dd24791d59b2aa616
SHA256: f321dc8d9a4d8a779add44180974e59a43d5bd10744542a768c1b15d7e63a832
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\zh_TW\messages.json
html
MD5: c6f48c269246a6fa0e2f0b396b7604df
SHA256: 81bc1bc507238ab26ffaf68003d811fd603e5f4bdc1b0b94d0f4506cbbe97241
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\zh\messages.json
html
MD5: 0a57b005bd27db7a0070f914c354a072
SHA256: 91a4c7d3fbd1e41d0801029bda6f14e52c8653a648fc5f39fe1f046564d0f60b
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\vi\messages.json
html
MD5: 47bbd75f76e25d79ea10f2014f7d9bc7
SHA256: 53b2b2454bb45be824119b15dda1ea2226958794fc259d80f0347d1bc706eb7b
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\uk\messages.json
text
MD5: ae50bf36f89d4706da22d21959863425
SHA256: 6b7f56819e94b99b792fe0c11273e259ce18c7fb57392bb47be8b0fd29b24e7d
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\tr\messages.json
html
MD5: 2b0dfabc643cff3ec13e96e3ec842258
SHA256: 816add33835ba6028915b4532d5b45a71a280de6788398b008bd60733326ceb7
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\th\messages.json
html
MD5: 84140112d747bd5176c96a374a18ad1a
SHA256: b60a1cbb9ac067f4e903170c8564e4bc2c3572f76a5b09bbeedbd6e1b88df1e1
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\te\messages.json
text
MD5: cebd49bb6f838e23140cee4118c76dfb
SHA256: 0b71586dee26943b55899583ad4355b8f4007a4853510364faa76a99ba9a0566
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\ta\messages.json
text
MD5: 5f7b6880dbea25f769f97d2c99e7b7f6
SHA256: 5a22269c0eda694e0131b0ac52ebfdf828aad3c735b592a54d210f6b8db0ab82
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\sw\messages.json
html
MD5: 1712a3588bafaee411bc46ec5dcb8ca2
SHA256: 8485722d70475c9d98a8a7d6d2613117149bfaea487ad7f92d9a6e094de949f0
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\sv\messages.json
html
MD5: cf637a380c4aecd9778a46a19108c406
SHA256: 4010ebf76c0af564b9c3026b98ff2885af77955be12d77a05a508ff7d5f8366d
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\sr\messages.json
text
MD5: 59cdbb02241ab4e8a3e4421ee7800474
SHA256: 4d71ed4a97228755c0861b04da1a4c97eef7562406afc29e4213faba36fa3511
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\sl\messages.json
html
MD5: 22a021701f9572cb94606ad35a9be88a
SHA256: 6adf87ecfc785e46593f8a8975989d344dfec3ac0e5672c394d999b7eef70a2c
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\sk\messages.json
html
MD5: 7c3596001e0e44f016816e422f664763
SHA256: d4f5ccd81ed83b460fe2dc51a8415076716c0aa593edb28bbbbaf76a2a49ca47
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\ru\messages.json
text
MD5: e61ccfd8f13aa36fef4fd8d651aca7aa
SHA256: 04c6ac4f77a59052f5ceb07c06e6e1cf311b5d5231e8732d837c7f936c3ae219
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\ro\messages.json
html
MD5: 2228b9adecbfb55d24890c9510f20b5b
SHA256: d2ce829cc617a8d01c366ec60d1718f52c63f1a9515fb0b1611e55b22f909c69
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\pt\messages.json
html
MD5: 816dc05089e3ec573f5d4341a748fefb
SHA256: d610e5f9fae2d429ca1ba5c41bb52b93d2551222ceb751f335b0d43695544351
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\pl\messages.json
html
MD5: 0bd6d31a53f196364e23f00f1f5b0768
SHA256: 4ea7d131167712c8756062d7b6e8f8ae6de7eb2be91c440d3b8b260b7c7d494e
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\nl\messages.json
html
MD5: 8e38c515a274c55a4b003c47a23ddb4e
SHA256: ed0c2304a02cc8c49d5f4b055b73412b31505ce290a5af73858761c50f2000ef
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\nb\messages.json
html
MD5: 3f56c75fcbcc66ba27df14b9ca5a1119
SHA256: d09c1ed9753d6ba323012a4b4ea4f186321bc3ae9bbaa7990b5773d95cc9a242
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\ms\messages.json
html
MD5: 9c3779e6e9f6f10e232ee7ad03d75921
SHA256: 6d7e1a3b52ea61d53cf44e770c89b4a370075b786dfa64174fa8b4565d0fadf3
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\mr\messages.json
text
MD5: df8ae4588605c10278c88d94e9c1dbbc
SHA256: b783440d2b13c18b97b02f24e953aa7a0c778817162ac91c9afbfead2d0bc8ff
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\ml\messages.json
text
MD5: 90f5f8ccfc9001b7845e2437d5b83740
SHA256: a0d6831c4dcb9492ceb7d8b1ff0426bf6bc7f6a9ceec7b26dafacde8ae06a3c3
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\lv\messages.json
html
MD5: 0cfd87cf25cd27b7928925f136978097
SHA256: a6dbd930c083e2e5dfb665131d9f1e6e6bd8896753cdb79cf059e21488a920da
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\lt\messages.json
html
MD5: a4e08cf83276578f0444c5c0a5b5196d
SHA256: c8a5d07ff98a92409aadcacd7ae99809e5f6e3be634ded7626dad8c00ec663e1
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\ko\messages.json
html
MD5: 46060399fc358c0c0620463fbfd3f325
SHA256: 139c7f78ca0f385cfaf9f08066d3347eeeba8705f746bee8eae4e15c82ba40cc
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\kn\messages.json
text
MD5: b79cb28daffc5af94b6ecd39a3aa4032
SHA256: 27e2c6d453cd3398f8cb64fb9d4a8776be0d80eb608088804bb23ac985a3aae7
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\ja\messages.json
html
MD5: d38392c4246c105fe2f394c7ef41d0a8
SHA256: d61644907520d8a808aed9fb1532ec0f5ef12461e66a5acc7327c9ed6c2a2681
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\iw\messages.json
html
MD5: 4b3a7915595b1f5a74027909bce968dd
SHA256: f95692a9717639fb9d3886efa9de71808cb5c6b0f4354e9b99816a996298fa8f
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\it\messages.json
html
MD5: c248ee6105ae77036fbb4c4e3e9d66e7
SHA256: c7451e207005197a225a3e43b479643c4dbe03865c2fff052acb9facc1025980
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\id\messages.json
html
MD5: 7b9a0847c6faa8402eab61c096024d33
SHA256: 5e50b077a10a977de39a8a99dbe25ee4c022e88f34d009a665ebf4b7cff688dc
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\hu\messages.json
html
MD5: 2d794e2754e5c80f54bff8ed635184d0
SHA256: c83ec71e1b3b7f14910d05e962ecfc61dad91b034a6fa8abe6afaa5b968689e9
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\hr\messages.json
html
MD5: 444cd89a9aab432251330292216f8dae
SHA256: 2defd1bcbd8d822f07a9c79e13e10bba7e61f49aa4d395b1315321dee6df6503
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\hi\messages.json
html
MD5: 46fca60f4c16afd5b68738750a16057e
SHA256: 61c146d44f9c4c054c9dbe79d565463496aae7fa95f784164649026eb852dee6
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\gu\messages.json
html
MD5: 18bd0fa4585a840991bbe01ea1d6bff9
SHA256: 5537157a0078c9485699fc8b103ffbbd069532e29245430c60cac08d6fc50e6e
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\fr\messages.json
html
MD5: 4d3875bef5c65792c16abe203fde1f16
SHA256: a34353385db3b07a96bb1c2da7a8e623ee296618845858a239834f7371685144
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\fil\messages.json
html
MD5: ec51f209a7be042e832b851430ff75c6
SHA256: c137bd71c5266addf08cac46a606285e1be10e555eef8f0dbe804effe1d94d57
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\fi\messages.json
html
MD5: 9ad4a516864a35f4225410d0f353fb58
SHA256: 0ee5e9fd9615920fa51e50667f19e8ae4399f591de1d702516779f20d62e75f4
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\fa\messages.json
html
MD5: edb2ec2c7f482909a814b903024ac672
SHA256: 60ce4f04acfba61db4c54f7e5e990a06535b205a12d53b62d36075b84bb5cbd8
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\et\messages.json
html
MD5: 2e75cee7712c279bf151d93c40757e81
SHA256: 953cad518d95ade3150c43eb753ae24057164d3c2a2bd31109e45b9e0b42bf1b
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\es\messages.json
html
MD5: f76e1dec23c5b058be8d85ecf814ab45
SHA256: 1eda00d6c22c88a6bdec3fd9926f842ab845555096be68a492b92a983beab199
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\en\messages.json
html
MD5: 54536c1afc37045fc1e67404d3247775
SHA256: 525f6693856ec39183a2713b1f79decd65c82c7bde0ce426200fb288f791e5ad
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\el\messages.json
text
MD5: 9463fd9c6e74bc71fd662b25719d2429
SHA256: 59a2e6a9682f367c81f381cdf0633b3217cc538604faa53f04116407f5d15608
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\de\messages.json
html
MD5: fc9bd60c101f41758269170812356cea
SHA256: 0bc5972106aa310219404ba5b9518b4d2f0f5780624ca7dd40321c4adce804ba
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\da\messages.json
html
MD5: d7a7b55a20e71db0c5924ba061362bdf
SHA256: 270ad3210aa587ee077b0762e0f38aa694f06f298a2f0a8531dda812843421d1
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\cs\messages.json
html
MD5: 6c2f7dd3e5d63d41d463fb53d890f17d
SHA256: 7891476c3333a760037df7f9f319b1e47cc19058b66a208fa0127c9d7eb962ba
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\ca\messages.json
html
MD5: e3cbb47ad514c8679a9681fcd22a19b7
SHA256: c0e35c1d23b8c5cf553772434d96a10e5ecf1f70170a81deca882b3f705d65d8
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\bn\messages.json
text
MD5: 98c0e976877ae91edc3dabdcea30b227
SHA256: e74817f1f5868faece3bbe1aefb3f7967969f0ad26b7c507b04787106d22ef0e
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\bg\messages.json
text
MD5: c7d7597209588826f1612285261af898
SHA256: 31aac8506daa5f302f6c4167b923788df4aab7cdf4f0673e712ad823b63536c0
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\ar\messages.json
html
MD5: cdfef1cc3d9b1a7f8295f469e5d7cce1
SHA256: 1fd3e52e3082ada8fad1f2f2ce654edaf7e99177b43f468016e8e09f11d061a9
2692
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\_locales\am\messages.json
html
MD5: 544acece47a9653d8908af804aa24c4f
SHA256: 4b1bdceed72e74dc5a64ef305c8dc476f5e2a56e00eb6884d09b0e82e59a69f5
3052
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\CRX_INSTALL\manifest.json
text
MD5: aa820edca2a1d86c3b0a259f28cd4b6c
SHA256: 0cb121b2c53dee18adedc1fa004ca640c88644fd75c5f062ce749401f96ebf49
2528
chrome.exe
C:\Users\admin\AppData\Local\Temp\scoped_dir2528_18136\9d1d931d-1620-4c40-9a51-aa313bb1ebe2.tmp
crx
MD5: c9f1737667f13e06aa8cfb26416cd7f9
SHA256: d9a59c97ed4b1dc1c15ce3136afc93fc45d7a2253f7e9e26100f35499f3e94bf
2528
chrome.exe
C:\Users\admin\AppData\Local\Temp\fc0e5f9c-6590-456d-b66a-67990c9c1c62.tmp
––
MD5:  ––
SHA256:  ––
2528
chrome.exe
C:\Users\admin\AppData\Local\Temp\9d1d931d-1620-4c40-9a51-aa313bb1ebe2.tmp
crx
MD5: c9f1737667f13e06aa8cfb26416cd7f9
SHA256: d9a59c97ed4b1dc1c15ce3136afc93fc45d7a2253f7e9e26100f35499f3e94bf
2400
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity~RF108e09.TMP
text
MD5: c1983e68d53a6c697c70648f915a246f
SHA256: 0e663ee17e5fe3782dd23cda1e87d052899b633ea7bd1dc4484c5e38283575b6
2400
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity
text
MD5: c1983e68d53a6c697c70648f915a246f
SHA256: 0e663ee17e5fe3782dd23cda1e87d052899b633ea7bd1dc4484c5e38283575b6
2400
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\134fc858-afd7-4d0e-b557-cbbacd79b904.tmp
––
MD5:  ––
SHA256:  ––
2528
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
text
MD5: b561ee0a5a3327303cda526201cd630d
SHA256: ec6a42e39ebfdac67b4f12d1fc885f8d27aabefa8dbf76d27ca556cc41601ca6
2528
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF108966.TMP
text
MD5: b561ee0a5a3327303cda526201cd630d
SHA256: ec6a42e39ebfdac67b4f12d1fc885f8d27aabefa8dbf76d27ca556cc41601ca6
2528
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\91e8c428-9da9-4bc7-8664-982afe04d6f7.tmp
––
MD5:  ––
SHA256:  ––
2528
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State
text
MD5: 558e9480324d7bb600f82ba359ff76d2
SHA256: edea67ba626168484e5d96ae6ad226d1ce7cd4201ded807c28513011d129a6d7
2528
chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Local State~RF1088d9.TMP
text
MD5: 558e9480324d7bb600f82ba359ff76d2
SHA256: edea67ba626168484e5d96ae6ad226d1ce7cd4201ded807c