Analysis Overview
Threat Level: Known bad
The file https://support.hp.com/us-en/help/hp-support-assistant was found to be: Known bad.
Malicious Activity Summary
BazarBackdoor
Bazar/Team9 Backdoor payload
Downloads MZ/PE file
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Suspicious use of SetWindowsHookEx
Enumerates system info in registry
Modifies registry class
Suspicious use of SendNotifyMessage
Suspicious use of AdjustPrivilegeToken
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK Matrix V6
Analysis: static1
Detonation Overview
Reported
2023-03-16 06:51
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2023-03-16 06:51
Reported
2023-03-16 06:58
Platform
win10v2004-20230220-en
Max time kernel
422s
Max time network
423s
Command Line
Signatures
BazarBackdoor
Bazar/Team9 Backdoor payload
Downloads MZ/PE file
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133234267263100065" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://support.hp.com/us-en/help/hp-support-assistant
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
Network
Files
\??\pipe\crashpad_1428_JIHFIEAOSXDCEPGX
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\4e6ce51c87305b508714b60ccddb9b524b5c2deb\index.txt
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\4e6ce51c87305b508714b60ccddb9b524b5c2deb\index.txt~RFe570484.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe579819.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\Downloads\sp144692.exe
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000037
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Windows\Caches
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58aa74.TMP