Analysis Overview
Threat Level: Known bad
The file https://www.mediafire.com/file/ck3d9li0pnuh0td/LeagVMT.zip/file was found to be: Known bad.
Malicious Activity Summary
Lumma Stealer
Drops startup file
Checks computer location settings
Reads user/profile data of web browsers
Loads dropped DLL
Executes dropped EXE
Suspicious use of SendNotifyMessage
Suspicious behavior: LoadsDriver
Suspicious use of SetWindowsHookEx
Modifies data under HKEY_USERS
Enumerates processes with tasklist
Kills process with taskkill
Modifies registry class
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Enumerates system info in registry
Checks SCSI registry key(s)
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V6
Analysis: static1
Detonation Overview
Reported
2023-04-23 22:07
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2023-04-23 22:07
Reported
2023-04-23 22:11
Platform
win10v2004-20230220-es
Max time kernel
186s
Max time network
216s
Command Line
Signatures
Lumma Stealer
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe | N/A |
Drops startup file
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Updater.exe | C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe | N/A |
| File opened for modification | \??\c:\users\admin\appdata\roaming\microsoft\windows\start menu\programs\startup\updater.exe | C:\Windows\system32\taskmgr.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe | N/A |
Loads dropped DLL
Reads user/profile data of web browsers
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Enumerates processes with tasklist
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133267684789995536" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Mode = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0000000001000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\LogicalViewMode = "3" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\NodeSlot = "5" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByDirection = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 0100000000000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\KnownFolderDerivedFolderType = "{885A186E-A440-4ADA-812B-DB871B942259}" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\SniffedFolderType = "Downloads" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1092616257" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0\0 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 = 3a001f44471a0359723fa74489c55595fe6b30ee260001002600efbe10000000b0012c226c45d901cdd146727c45d901601a01334176d90114000000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\IconSize = "48" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:PID = "0" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a000000a000000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 0000000001000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\NodeSlot = "4" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616257" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202020202 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupView = "0" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2275444769-3691835758-4097679484-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://www.mediafire.com/file/ck3d9li0pnuh0td/LeagVMT.zip/file
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d3549758,0x7ff9d3549768,0x7ff9d3549778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1796 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2244 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3136 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3156 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4612 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5000 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5156 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5680 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5640 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=6256 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5912 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5796 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=6392 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=6756 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=6748 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6228 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5912 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6480 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5632 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5516 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6328 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5312 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5112 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6660 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=7164 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=6920 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=5888 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=6748 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=7352 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=7364 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6980 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=4624 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=6524 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=5484 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=4692 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=7804 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=7812 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=7788 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Users\Admin\Downloads\LeagVMT\LeagVMT.exe
"C:\Users\Admin\Downloads\LeagVMT\LeagVMT.exe"
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=6440 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=8064 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=6340 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=7632 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=8652 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe
"C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\index" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAAAGAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1688 --field-trial-handle=1692,i,4732502768568810646,7134789529037838878,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6624 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:2
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe
"C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=es --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\index" --mojo-platform-channel-handle=2156 --field-trial-handle=1692,i,4732502768568810646,7134789529037838878,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe
"C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\index" --app-path="C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\resources\app.asar" --no-sandbox --no-zygote --first-renderer-process --lang=es --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2340 --field-trial-handle=1692,i,4732502768568810646,7134789529037838878,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=8036 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist"
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "taskkill /IM chrome.exe /F"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=8524 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5364 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6556 --field-trial-handle=1812,i,2155446500317957721,13966020005770145087,131072 /prefetch:8
C:\Windows\SysWOW64\taskkill.exe
taskkill /IM chrome.exe /F
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist"
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Users\Admin\Downloads\LeagVMT\LeagVMT.exe
"C:\Users\Admin\Downloads\LeagVMT\LeagVMT.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ff9d3569758,0x7ff9d3569768,0x7ff9d3569778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1840,i,2403372452301438382,15248813545010540416,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2284 --field-trial-handle=1840,i,2403372452301438382,15248813545010540416,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3012 --field-trial-handle=1840,i,2403372452301438382,15248813545010540416,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3000 --field-trial-handle=1840,i,2403372452301438382,15248813545010540416,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1764 --field-trial-handle=1840,i,2403372452301438382,15248813545010540416,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4548 --field-trial-handle=1840,i,2403372452301438382,15248813545010540416,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4780 --field-trial-handle=1840,i,2403372452301438382,15248813545010540416,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4696 --field-trial-handle=1840,i,2403372452301438382,15248813545010540416,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5060 --field-trial-handle=1840,i,2403372452301438382,15248813545010540416,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5228 --field-trial-handle=1840,i,2403372452301438382,15248813545010540416,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5324 --field-trial-handle=1840,i,2403372452301438382,15248813545010540416,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5352 --field-trial-handle=1840,i,2403372452301438382,15248813545010540416,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3300 --field-trial-handle=1840,i,2403372452301438382,15248813545010540416,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3352 --field-trial-handle=1840,i,2403372452301438382,15248813545010540416,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3948 --field-trial-handle=1840,i,2403372452301438382,15248813545010540416,131072 /prefetch:8
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe
"C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\index" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAAAGAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1748 --field-trial-handle=1752,i,3162908810422308612,713171660751473837,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe
"C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=es --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\index" --mojo-platform-channel-handle=2044 --field-trial-handle=1752,i,3162908810422308612,713171660751473837,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe
"C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\index" --app-path="C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\resources\app.asar" --no-sandbox --no-zygote --first-renderer-process --lang=es --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2252 --field-trial-handle=1752,i,3162908810422308612,713171660751473837,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist"
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "taskkill /IM chrome.exe /F"
C:\Windows\SysWOW64\taskkill.exe
taskkill /IM chrome.exe /F
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /d /s /c "tasklist"
C:\Windows\SysWOW64\tasklist.exe
tasklist
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 117.18.237.29:80 | tcp | |
| US | 8.8.8.8:53 | www.mediafire.com | udp |
| US | 104.16.54.48:443 | www.mediafire.com | tcp |
| US | 8.8.8.8:53 | 2.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 250.255.255.239.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.23.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 104.26.6.139:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | translate.google.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | fundingchoicesmessages.google.com | udp |
| US | 8.8.8.8:53 | cdn.amplitude.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| NL | 142.250.179.206:443 | fundingchoicesmessages.google.com | tcp |
| NL | 142.250.179.206:443 | fundingchoicesmessages.google.com | tcp |
| US | 8.8.8.8:53 | static.mediafire.com | udp |
| DE | 52.222.206.6:443 | cdn.amplitude.com | tcp |
| US | 104.16.57.101:443 | static.cloudflareinsights.com | tcp |
| DE | 172.217.23.194:443 | securepubads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | cdn.otnolatrnup.com | udp |
| US | 104.19.215.37:443 | cdn.otnolatrnup.com | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| NL | 142.250.179.170:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| US | 8.8.8.8:53 | prebid.media.net | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| US | 34.107.148.139:443 | prebid.media.net | tcp |
| SG | 103.231.98.193:443 | hbopenbid.pubmatic.com | tcp |
| SG | 54.169.225.222:443 | btlr.sharethrough.com | tcp |
| SG | 54.169.225.222:443 | btlr.sharethrough.com | tcp |
| SG | 54.169.225.222:443 | btlr.sharethrough.com | tcp |
| SG | 54.169.225.222:443 | btlr.sharethrough.com | tcp |
| SG | 54.169.225.222:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | 48.54.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.6.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.57.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | translate.googleapis.com | udp |
| US | 8.8.8.8:53 | 6.206.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.214.204.143.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.215.19.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.179.250.142.in-addr.arpa | udp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| US | 172.67.69.19:443 | ad-delivery.net | tcp |
| NL | 142.250.179.206:443 | fundingchoicesmessages.google.com | udp |
| NL | 142.250.179.206:443 | fundingchoicesmessages.google.com | tcp |
| NL | 172.217.168.202:443 | translate.googleapis.com | tcp |
| SG | 103.231.98.193:443 | hbopenbid.pubmatic.com | tcp |
| SG | 54.169.225.222:443 | btlr.sharethrough.com | tcp |
| NL | 142.250.179.206:443 | fundingchoicesmessages.google.com | udp |
| DE | 172.217.23.194:443 | securepubads.g.doubleclick.net | udp |
| DE | 172.217.23.194:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 8.8.8.8:53 | api.amplitude.com | udp |
| US | 34.209.118.186:443 | api.amplitude.com | tcp |
| US | 8.8.8.8:53 | otnolatrnup.com | udp |
| US | 8.8.8.8:53 | lh3.googleusercontent.com | udp |
| NL | 142.251.36.1:443 | lh3.googleusercontent.com | tcp |
| US | 8.8.8.8:53 | 139.148.107.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.69.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 222.225.169.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 193.98.231.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.23.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.118.209.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.208.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | translate-pa.googleapis.com | udp |
| NL | 142.250.179.170:443 | translate-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| NL | 142.250.102.154:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 2458372bf3769cfe1612513d5c75653d.safeframe.googlesyndication.com | udp |
| NL | 142.250.179.161:443 | 2458372bf3769cfe1612513d5c75653d.safeframe.googlesyndication.com | tcp |
| US | 8.8.8.8:53 | 131.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.102.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| NL | 142.250.179.162:443 | www.googletagservices.com | tcp |
| NL | 142.251.36.2:443 | googleads.g.doubleclick.net | tcp |
| NL | 142.251.36.2:443 | googleads.g.doubleclick.net | tcp |
| NL | 142.251.36.2:443 | googleads.g.doubleclick.net | tcp |
| NL | 142.250.179.162:443 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | dsum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| NL | 185.89.210.212:443 | ib.adnxs.com | tcp |
| NL | 142.250.179.130:443 | cm.g.doubleclick.net | tcp |
| NL | 142.250.179.130:443 | cm.g.doubleclick.net | tcp |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| NL | 142.251.36.2:443 | googleads.g.doubleclick.net | udp |
| NL | 142.250.179.130:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | s0.2mdn.net | udp |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| NL | 142.250.179.134:443 | s0.2mdn.net | tcp |
| NL | 142.251.36.1:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 98.39.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 162.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 130.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.39.80.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | download2279.mediafire.com | udp |
| US | 199.91.155.20:443 | download2279.mediafire.com | tcp |
| US | 199.91.155.20:443 | download2279.mediafire.com | tcp |
| US | 8.8.8.8:53 | googleads4.g.doubleclick.net | udp |
| NL | 142.250.179.134:443 | s0.2mdn.net | udp |
| NL | 142.251.36.2:443 | googleads4.g.doubleclick.net | tcp |
| NL | 142.251.36.2:443 | googleads4.g.doubleclick.net | tcp |
| NL | 142.251.36.2:443 | googleads4.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 20.155.91.199.in-addr.arpa | udp |
| NL | 142.251.36.2:443 | googleads4.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ads.pubmatic.com | udp |
| US | 8.8.8.8:53 | contextual.media.net | udp |
| NL | 173.223.112.20:443 | contextual.media.net | tcp |
| US | 8.8.8.8:53 | idsync.rlcdn.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | sync.adkernel.com | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | tcp |
| US | 35.190.60.146:443 | idsync.rlcdn.com | tcp |
| US | 151.101.2.49:443 | sync-tm.everesttech.net | tcp |
| DE | 184.30.16.195:443 | ads.pubmatic.com | tcp |
| JP | 35.213.12.39:443 | x.bidswitch.net | tcp |
| NL | 77.245.57.72:443 | sync.adkernel.com | tcp |
| JP | 35.213.12.39:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | p.rfihub.com | udp |
| JP | 35.213.12.39:443 | x.bidswitch.net | tcp |
| US | 8.8.8.8:53 | c21lg-d.media.net | udp |
| FR | 178.250.7.13:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | sync.go.sonobi.com | udp |
| US | 8.8.8.8:53 | dis.criteo.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | creativecdn.com | udp |
| US | 64.202.112.191:443 | b1sync.zemanta.com | tcp |
| US | 8.8.8.8:53 | rtb.mfadsrvr.com | udp |
| US | 64.202.112.191:443 | b1sync.zemanta.com | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| US | 74.119.119.150:443 | dis.criteo.com | tcp |
| US | 64.202.112.191:443 | b1sync.zemanta.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 8.8.8.8:53 | cs.media.net | udp |
| US | 35.190.60.146:443 | idsync.rlcdn.com | udp |
| GB | 23.44.232.24:443 | cs.media.net | tcp |
| NL | 193.0.160.131:443 | p.rfihub.com | tcp |
| US | 69.166.1.10:443 | sync.go.sonobi.com | tcp |
| GB | 23.44.232.24:443 | cs.media.net | tcp |
| DE | 3.124.231.178:443 | rtb.mfadsrvr.com | tcp |
| US | 8.8.8.8:53 | pippio.com | udp |
| US | 8.8.8.8:53 | 20.112.223.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.60.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.16.30.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.57.245.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.7.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 39.12.213.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.112.202.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.8.184.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.160.0.193.in-addr.arpa | udp |
| US | 107.178.254.65:443 | pippio.com | tcp |
| US | 8.8.8.8:53 | stags.bluekai.com | udp |
| NL | 173.223.113.181:443 | stags.bluekai.com | tcp |
| NL | 185.89.210.212:443 | ib.adnxs.com | tcp |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| CA | 185.80.39.216:443 | dsum-sec.casalemedia.com | tcp |
| US | 107.178.254.65:443 | pippio.com | udp |
| US | 8.8.8.8:53 | widget.as.criteo.com | udp |
| SG | 182.161.73.146:443 | widget.as.criteo.com | tcp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| SG | 18.136.177.86:443 | match.sharethrough.com | tcp |
| SG | 18.136.177.86:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | tags.rd.linksynergy.com | udp |
| US | 34.98.67.3:443 | tags.rd.linksynergy.com | tcp |
| US | 8.8.8.8:53 | image6.pubmatic.com | udp |
| SG | 182.161.73.146:443 | widget.as.criteo.com | tcp |
| GB | 185.64.190.78:443 | image6.pubmatic.com | tcp |
| US | 8.8.8.8:53 | 24.232.44.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.119.119.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.231.124.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.1.166.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 181.113.223.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.254.178.107.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.21.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.67.98.34.in-addr.arpa | udp |
| SG | 18.136.177.86:443 | match.sharethrough.com | tcp |
| US | 8.8.8.8:53 | sync.mathtag.com | udp |
| US | 8.8.8.8:53 | d5p.de17a.com | udp |
| HK | 103.229.206.241:443 | sync.mathtag.com | tcp |
| SE | 213.155.156.180:443 | d5p.de17a.com | tcp |
| HK | 103.229.206.241:443 | sync.mathtag.com | tcp |
| US | 8.8.8.8:53 | image2.pubmatic.com | udp |
| SG | 67.199.150.86:443 | image2.pubmatic.com | tcp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| US | 8.8.8.8:53 | 78.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 146.73.161.182.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.177.136.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.156.155.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.206.229.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | simage2.pubmatic.com | udp |
| SG | 103.229.10.192:443 | cms.quantserve.com | tcp |
| SG | 67.199.150.86:443 | simage2.pubmatic.com | tcp |
| SG | 67.199.150.86:443 | simage2.pubmatic.com | tcp |
| US | 8.8.8.8:53 | sync.crwdcntrl.net | udp |
| US | 8.8.8.8:53 | a.audrte.com | udp |
| US | 8.8.8.8:53 | cr.frontend.weborama.fr | udp |
| US | 8.8.8.8:53 | um.simpli.fi | udp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 34.192.88.152:443 | a.audrte.com | tcp |
| SG | 54.179.141.118:443 | sync.crwdcntrl.net | tcp |
| US | 34.111.129.221:443 | cr.frontend.weborama.fr | tcp |
| DK | 37.157.2.237:443 | c1.adform.net | tcp |
| NL | 34.91.62.186:443 | um.simpli.fi | tcp |
| SG | 103.229.10.192:443 | cms.quantserve.com | tcp |
| SG | 67.199.150.86:443 | simage2.pubmatic.com | tcp |
| SG | 67.199.150.86:443 | simage2.pubmatic.com | tcp |
| SG | 67.199.150.86:443 | simage2.pubmatic.com | tcp |
| SG | 67.199.150.86:443 | simage2.pubmatic.com | tcp |
| US | 34.111.129.221:443 | cr.frontend.weborama.fr | udp |
| SG | 67.199.150.86:443 | simage2.pubmatic.com | tcp |
| SG | 54.179.141.118:443 | sync.crwdcntrl.net | tcp |
| SG | 67.199.150.86:443 | simage2.pubmatic.com | tcp |
| US | 8.8.8.8:53 | dmp.adform.net | udp |
| DK | 37.157.3.28:443 | dmp.adform.net | tcp |
| US | 8.8.8.8:53 | 86.150.199.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 221.129.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.2.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.88.192.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.141.179.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 186.62.91.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.10.229.103.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.3.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | simage4.pubmatic.com | udp |
| SG | 207.65.33.76:443 | simage4.pubmatic.com | tcp |
| SG | 207.65.33.76:443 | simage4.pubmatic.com | tcp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| NL | 142.251.36.46:443 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | 46.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.33.65.207.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| NL | 172.217.168.202:443 | translate-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| US | 52.152.108.96:443 | tcp | |
| FR | 40.79.141.153:443 | tcp | |
| US | 209.197.3.8:80 | tcp | |
| US | 209.197.3.8:80 | tcp | |
| FR | 178.250.7.13:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | match.deepintent.com | udp |
| US | 8.8.8.8:53 | onetag-sys.com | udp |
| DE | 51.38.120.206:443 | onetag-sys.com | tcp |
| US | 38.91.45.7:443 | match.deepintent.com | tcp |
| US | 8.8.8.8:53 | pixel-eu.rubiconproject.com | udp |
| NL | 185.89.210.212:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | ssbsync-global.smartadserver.com | udp |
| US | 8.8.8.8:53 | id.rlcdn.com | udp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | hbx.media.net | udp |
| NL | 213.19.162.80:443 | pixel.rubiconproject.com | tcp |
| NL | 213.19.162.90:443 | pixel.rubiconproject.com | tcp |
| DE | 3.71.149.231:443 | ups.analytics.yahoo.com | tcp |
| FR | 185.86.139.103:443 | ssbsync-global.smartadserver.com | tcp |
| SG | 67.199.150.82:443 | image8.pubmatic.com | tcp |
| GB | 23.44.232.24:443 | hbx.media.net | tcp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 209.54.182.161:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 206.120.38.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.45.91.38.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.162.19.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.139.86.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 231.149.71.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.162.19.213.in-addr.arpa | udp |
| SG | 67.199.150.82:443 | image8.pubmatic.com | tcp |
| US | 8.8.8.8:53 | 161.182.54.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | aax-eu.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | dsp.adfarm1.adition.com | udp |
| US | 8.8.8.8:53 | 82.150.199.67.in-addr.arpa | udp |
| IE | 52.95.126.160:443 | aax-eu.amazon-adsystem.com | tcp |
| DE | 85.114.159.93:443 | dsp.adfarm1.adition.com | tcp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 54.80.169.87:443 | sync.srv.stackadapt.com | tcp |
| JP | 52.196.122.2:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | mwzeom.zeotap.com | udp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| US | 8.8.8.8:53 | uipglob.semasio.net | udp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| US | 8.8.8.8:53 | pixel.onaudience.com | udp |
| US | 8.8.8.8:53 | pubmatic-match.dotomi.com | udp |
| US | 104.22.24.87:443 | mwzeom.zeotap.com | tcp |
| IE | 54.78.120.75:443 | pr-bh.ybp.yahoo.com | tcp |
| FR | 141.94.171.216:443 | pixel.onaudience.com | tcp |
| NL | 98.98.134.243:443 | pixel-sync.sitescout.com | tcp |
| NL | 89.207.16.201:443 | pubmatic-match.dotomi.com | tcp |
| HK | 119.9.108.211:443 | uipglob.semasio.net | tcp |
| US | 8.8.8.8:53 | image4.pubmatic.com | udp |
| JP | 52.196.122.2:443 | match.prod.bidr.io | tcp |
| HK | 119.9.108.211:443 | uipglob.semasio.net | tcp |
| US | 8.8.8.8:53 | tags.bluekai.com | udp |
| US | 8.8.8.8:53 | odr.mookie1.com | udp |
| US | 34.111.79.67:443 | odr.mookie1.com | tcp |
| US | 8.8.8.8:53 | 160.126.95.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.169.80.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.24.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 216.171.94.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 201.16.207.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 243.134.98.98.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.122.196.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.120.78.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 211.108.9.119.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 93.159.114.85.in-addr.arpa | udp |
| US | 8.8.8.8:53 | uipus.semasio.net | udp |
| US | 50.57.31.206:443 | uipus.semasio.net | tcp |
| US | 8.8.8.8:53 | 67.79.111.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.31.57.50.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 74.214.196.131:443 | bh.contextweb.com | tcp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| FR | 185.86.138.155:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 131.196.214.74.in-addr.arpa | udp |
| NL | 173.223.113.164:443 | tcp | |
| NL | 173.223.113.131:80 | tcp | |
| US | 204.79.197.203:80 | api.msn.com | tcp |
| US | 8.8.8.8:53 | 155.138.86.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.36.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 86.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| NL | 142.251.36.2:443 | ade.googlesyndication.com | udp |
| US | 209.197.3.8:80 | tcp | |
| US | 8.8.8.8:53 | gum.criteo.com | udp |
| US | 8.8.8.8:53 | bttrack.com | udp |
| US | 8.8.8.8:53 | aid.send.microad.jp | udp |
| FR | 178.250.7.13:443 | gum.criteo.com | tcp |
| US | 192.132.33.46:443 | bttrack.com | tcp |
| JP | 202.233.84.1:443 | aid.send.microad.jp | tcp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| NL | 216.58.214.3:443 | beacons.gcp.gvt2.com | tcp |
| NL | 216.58.214.3:443 | beacons.gcp.gvt2.com | tcp |
| NL | 216.58.214.3:443 | beacons.gcp.gvt2.com | tcp |
| NL | 216.58.214.3:443 | beacons.gcp.gvt2.com | tcp |
| JP | 202.233.84.1:443 | aid.send.microad.jp | tcp |
| US | 8.8.8.8:53 | 46.33.132.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.84.233.202.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ipac.ctnsnet.com | udp |
| US | 35.186.193.173:443 | ipac.ctnsnet.com | tcp |
| US | 8.8.8.8:53 | core.iprom.net | udp |
| SI | 195.5.165.20:443 | core.iprom.net | tcp |
| US | 8.8.8.8:53 | a.tribalfusion.com | udp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| US | 104.18.25.173:443 | a.tribalfusion.com | tcp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| NL | 35.214.153.92:443 | csync.loopme.me | tcp |
| NL | 88.221.25.169:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | cm.adgrx.com | udp |
| NL | 88.221.25.169:80 | apps.identrust.com | tcp |
| NL | 173.231.181.122:443 | cm.adgrx.com | tcp |
| US | 8.8.8.8:53 | ad.mrtnsvr.com | udp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 8.8.8.8:53 | s.tribalfusion.com | udp |
| US | 8.8.8.8:53 | ad.turn.com | udp |
| US | 8.8.8.8:53 | ads.playground.xyz | udp |
| US | 8.8.8.8:53 | match.adsby.bidtheatre.com | udp |
| US | 34.102.253.54:443 | ads.playground.xyz | tcp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| NL | 64.227.64.62:443 | match.adsby.bidtheatre.com | tcp |
| US | 8.8.8.8:53 | 173.193.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.25.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 92.153.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.25.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.181.231.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.165.5.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.163.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | secure.adnxs.com | udp |
| NL | 185.89.210.141:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | 54.253.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.164.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 141.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.64.227.64.in-addr.arpa | udp |
| NL | 142.251.36.2:443 | ade.googlesyndication.com | udp |
| FR | 178.250.7.13:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | trace.mediago.io | udp |
| US | 35.208.249.213:443 | trace.mediago.io | tcp |
| NL | 35.214.153.92:443 | csync.loopme.me | tcp |
| US | 8.8.8.8:53 | 213.249.208.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cm-supply-web.gammaplatform.com | udp |
| SG | 52.220.229.2:443 | cm-supply-web.gammaplatform.com | tcp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| SG | 74.118.186.107:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | green.erne.co | udp |
| FR | 141.95.171.142:443 | green.erne.co | tcp |
| SG | 74.118.186.107:443 | sync.1rx.io | tcp |
| US | 8.8.8.8:53 | matching.truffle.bid | udp |
| US | 8.8.8.8:53 | pixel-eu.onaudience.com | udp |
| DE | 162.55.120.196:443 | matching.truffle.bid | tcp |
| FR | 141.94.171.216:443 | pixel-eu.onaudience.com | tcp |
| US | 8.8.8.8:53 | sync.crwdcntrl.net | udp |
| SG | 52.76.51.98:443 | sync.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | 2.229.220.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 142.171.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.186.118.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.120.55.162.in-addr.arpa | udp |
| SG | 52.76.51.98:443 | sync.crwdcntrl.net | tcp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| US | 8.8.8.8:53 | sync.targeting.unrulymedia.com | udp |
| US | 8.8.8.8:53 | 98.51.76.52.in-addr.arpa | udp |
| SG | 74.118.186.107:443 | sync.targeting.unrulymedia.com | tcp |
| SG | 74.118.186.107:443 | sync.targeting.unrulymedia.com | tcp |
| US | 8.8.8.8:53 | redirector.gvt1.com | udp |
| GB | 216.58.208.110:443 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | r1---sn-5hnekn7l.gvt1.com | udp |
| NL | 74.125.100.6:443 | r1---sn-5hnekn7l.gvt1.com | udp |
| NL | 74.125.100.6:443 | r1---sn-5hnekn7l.gvt1.com | tcp |
| US | 8.8.8.8:53 | 110.208.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.100.125.74.in-addr.arpa | udp |
| FR | 178.250.7.13:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | cs.admanmedia.com | udp |
| US | 8.8.8.8:53 | bidder.doceree.com | udp |
| US | 80.77.87.162:443 | cs.admanmedia.com | tcp |
| IN | 3.111.204.132:443 | bidder.doceree.com | tcp |
| NL | 142.251.36.2:443 | ade.googlesyndication.com | udp |
| NL | 216.58.214.3:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | 162.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.204.111.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bbynetwork.nl | udp |
| US | 172.67.197.199:443 | bbynetwork.nl | tcp |
| US | 172.67.197.199:443 | bbynetwork.nl | tcp |
| US | 172.67.197.199:443 | bbynetwork.nl | tcp |
| US | 172.67.197.199:443 | bbynetwork.nl | tcp |
| US | 172.67.197.199:443 | bbynetwork.nl | tcp |
| US | 172.67.197.199:443 | bbynetwork.nl | tcp |
| US | 172.67.197.199:443 | bbynetwork.nl | tcp |
| US | 8.8.8.8:53 | 199.197.67.172.in-addr.arpa | udp |
| US | 172.67.197.199:443 | bbynetwork.nl | tcp |
| US | 8.8.8.8:53 | stun.l.google.com | udp |
| US | 74.125.128.127:19302 | stun.l.google.com | udp |
| US | 8.8.8.8:53 | 127.128.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | viewer.bby.gg | udp |
| GB | 51.77.122.237:443 | viewer.bby.gg | tcp |
| GB | 51.77.122.237:443 | viewer.bby.gg | tcp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| NL | 142.251.36.46:443 | clients2.google.com | udp |
| US | 8.8.8.8:53 | virustotal.com | udp |
| US | 216.239.34.21:443 | virustotal.com | tcp |
| US | 216.239.34.21:443 | virustotal.com | tcp |
| US | 8.8.8.8:53 | www.virustotal.com | udp |
| US | 74.125.34.46:443 | www.virustotal.com | tcp |
| US | 8.8.8.8:53 | www.recaptcha.net | udp |
| NL | 172.217.168.227:443 | www.recaptcha.net | tcp |
| US | 8.8.8.8:53 | 21.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.34.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | recaptcha.net | udp |
| NL | 142.251.39.99:443 | recaptcha.net | tcp |
| NL | 142.251.39.99:443 | recaptcha.net | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 99.39.251.142.in-addr.arpa | udp |
| NL | 142.251.36.10:443 | content-autofill.googleapis.com | udp |
| NL | 142.251.36.10:443 | content-autofill.googleapis.com | tcp |
| US | 74.125.34.46:443 | www.virustotal.com | tcp |
| US | 8.8.8.8:53 | 10.36.251.142.in-addr.arpa | udp |
| US | 172.67.197.199:443 | bbynetwork.nl | tcp |
| US | 172.67.197.199:443 | bbynetwork.nl | tcp |
| US | 172.67.197.199:443 | bbynetwork.nl | tcp |
| US | 172.67.197.199:443 | bbynetwork.nl | tcp |
| US | 172.67.197.199:443 | bbynetwork.nl | tcp |
| US | 172.67.197.199:443 | bbynetwork.nl | tcp |
| US | 172.67.197.199:443 | bbynetwork.nl | tcp |
| US | 172.67.197.199:443 | bbynetwork.nl | tcp |
| US | 74.125.128.127:19302 | stun.l.google.com | udp |
| GB | 51.77.122.237:443 | viewer.bby.gg | tcp |
| GB | 51.77.122.237:443 | viewer.bby.gg | tcp |
Files
\??\pipe\crashpad_2924_HOGJCRWYMATFWCHB
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | d684a4d908153bc48ed419c5ce2dfd0d |
| SHA1 | 025e49defe80f65dc71a1ff8f6ac1f2d67d2350b |
| SHA256 | 68acc703246568a8582be80323ba84b175db5141fab44e8e994d14571b3b32fd |
| SHA512 | 5bf2f6dc982a9200b2b40fae2e301516943223f6f1fae8bb9a9a5a3c8f92f40d23b9c0b6d8d02ba51f8a5419cb8916c6b3f6c48881f279adcb16b123a8f2ff6e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5bdba25c171a010ff57094647ea60566 |
| SHA1 | aa2c702cf3989d9e8a0112ab0e9912dd5fe2ba0a |
| SHA256 | 89c71c4108687bcf60a261ebcc8a289f042e02ecd81f7cc37af58569827775b6 |
| SHA512 | 8dbac37725b1611437e5b19346ccb64d245880cf4db7c81e7a08af02f87ae7bd7683f6797e5fe2c8abb1a4572bc4764ef634ca3f3a69813e9b7271eaba731edd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | b8572be53b8533e086a3718de020c553 |
| SHA1 | 48a2aadaf170d9cf1fe480632d8d8171f84350f0 |
| SHA256 | e56122a5ede0f8e9e6c03d520a4385c210708fac83f9064b56effa511771c319 |
| SHA512 | a975b2619a1f8b243f284baedb1106ca94c32b643587f0419059ce19366b5ba0290330602b80fe5f313d13a32a5a37ca7eb081b10d21ba9373fdcaa44b5b03d0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 5ca4b21d5ee33776db2b6fb1f63acb54 |
| SHA1 | 13cdf6755f1c0714a6270c1ffacd8b1857e0326d |
| SHA256 | f93c8e2a1deb67380ef17b4fb8d41c3fe1a92811dd8ceef6c9c49b51f01639f4 |
| SHA512 | 124f17383b2358fdbb1729a94d097fede97527c0e6f4a2d07a928c0dd5bea837e9f9ffb5b142ff678d77037001dd626c57681a1d8abb689911f9752aa7803d53 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 1900c64b8036543b3d61a1d4459d38e7 |
| SHA1 | c9bedca7bda827585c17bfdaa040b8bed6b0c3ee |
| SHA256 | 1a3585716d22cb7492ea777ec0ea20f726fad247a63719788ae65e44eee7e554 |
| SHA512 | 4cf15463643e0c38d159c182032849661dda923ec4779f5e1e52f429b0afac635a9c126dfeea2c806f2307314956a17297f521b092639aa9c8c8c235aa6b4f88 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 02816a46c45e93b137a48e32418a129d |
| SHA1 | e8ed8a922c0129705a1385dafa42813e3889e936 |
| SHA256 | 00cb89f189a9455839890a3722affe68b14bf26dacf05ccdcd884221c2b36c19 |
| SHA512 | 552c791beabdb3635bce2fea9c9fb51eca413dfd07611b1c0483446266ad0bcbea0e1a8ebf25abbc69462f5334ed32e857f71ed05280bfd1a085c2d230e7bf0f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 150ed5190ff1e9b02f282ab8614aa702 |
| SHA1 | 32ae54447d78d18299619b130b1ce7853840e6cf |
| SHA256 | b79667064e01fffd0cd885f2e3cd97b2e585b63669b1cb80cc667cd4eef2f239 |
| SHA512 | bafb1b1712491d7d6e230805172f078ddada5a4a6fcd265e573cc9e0cb35a923f9459d8762a79b4965fad6d31b6f96d296a8ee1c611429f2d2716e79a605a49e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 096aa116d85028b362d51e8cfafb7fd5 |
| SHA1 | cde2ab3f51a252d7f81d31c1f9e62e475852f093 |
| SHA256 | f1635f1b192accd2b70594c4acb79ee061c431de7bd9a166a45c62a70a3ea0d5 |
| SHA512 | 0ceaa045bc32a8e36f38fe5e0d4d93762f169dfea3847e8e0ec711c49f7367ad0a9d9a48f927648cb66eb38d893a8f737e65cf4b6bd82eaed5f62c5cccd23b44 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2f88105e2421e6ef10ae2821cc6e0309 |
| SHA1 | aa2ba07f6f93096b0e80a7cb6810d90d9c5892d3 |
| SHA256 | 0c8b257c0a0a20ae04e0e9846ec57324adf3e7a36c50e35b665eea04e82a123c |
| SHA512 | 7555c71b91f0cd132e85b4fa02a9ce31f7df23de169e8583951a42a32fc43d41b1aeeaa933e87bfe03f9065069a1fc6ad43301c10aec23b1c00e9c485431087e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ff5c001691b46234a35f04cd1de691ce |
| SHA1 | 69023412771db706830feaf5c26376ae8698467a |
| SHA256 | 6bd1970121337711b039bef02a80c613d0e5b83aa9c099398e48d0bcb71a0abe |
| SHA512 | 59582452c39fcd1603e7b40def7553e27adc91a7d4114c3e64612f1ab22603432615d7c1ceab7a042809a47a88b2d638b49355351f7dc27a49238bc55b28def0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\d9286ae9-835d-44d6-a6eb-7547847288bf.tmp
| MD5 | 4dce08aebac2d33323efeb1c3aa22c84 |
| SHA1 | df7c4555be8b91b6f83f3d935406663071331ca9 |
| SHA256 | 9f19b0d4b59a1754f0c5dc51ff539108d831ef8ed45b2c47f7c07c7cf03b3e89 |
| SHA512 | ee810e017def90e2efc0ad0203341381c4b5d35942a0d6d99651e705ded4cea5337d1c3b10462e021e4fd8c906be54b3c65a1ca2239ec6d3958cffbcac14c29e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 55616797e8688488e7e145de610aefb7 |
| SHA1 | 6a51bc6c51dcc051058f5a464863e00a68d74f44 |
| SHA256 | a57b4012c1d0baae703bbdb72558264ae86296671b9b751740861c3c542c1dbf |
| SHA512 | 450b59263460a9e1d385edc87fb869746963af177b314be49125bea5d09aeff095b6db3286b38dad0d1cb1cc13eed7cdabe67c4efa211c7db649ec862bb1153e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 644c3e66544f416fbd826d373207769f |
| SHA1 | e37ff69928cb4164328174c922c0667f61d523a5 |
| SHA256 | 00d3508cff6c88d25664222e43f35e32f1c5d7c3cd92f103c49584a34219ae54 |
| SHA512 | b217caa33062572ba8cefb19ccdcc37abdd9e0053b7c02c6acd5ab46093b16a775870cc57bfeede970e2bd63b85f42e28ca7e472cb42bb23f8c8c343ab69bc81 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe579ea1.TMP
| MD5 | 6701d420675882ab63858040ce49d3e1 |
| SHA1 | 06285dc1cc58cd04b2e89550cdc2e9149219f483 |
| SHA256 | 7f0ed7ab69ed6c6dc7c5dfc38c0a2008351af1aea9417d871a8c480813d16014 |
| SHA512 | 3b9aa27438e87ddec3a39d22b6925a09732dd512c08bf4b7fd9eaacb196e0b4810b27594e3fb19c85f3ef4c4173118132139328581b54536bcbbebd083f414bd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | c52d25d724a97b63c4521fc57bbd1aad |
| SHA1 | eaaba0fd820f8232c613f8de5023e6e60a4d66ee |
| SHA256 | 5c6c09f0673c6995c0018c842a7b54e9bab4f091ca1fc96316b3eb166c8e283f |
| SHA512 | fd0a9a0bfdcdbecf862d4b0556c0de9130cfa8f7250e017cf9dd12385c1e1b2592431a4a6f9f321b131cc509688120ff8bb066eacaa7bfb15534bef39462d868 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e57e3930abb2225777ca20d8a28507a4 |
| SHA1 | 0b9c1df8b9abaf83f8d7b4361e81bc6049cfb43f |
| SHA256 | f1dc2d9e8e1447a32fae1eb32d1651145c014a1d109ca330121313c20741b595 |
| SHA512 | 7348d802090ceae5ee1dc2e30ab99e54d2d4528bfb0e0e011e12eed56e2dad6cf7aa1cfd1daf88c346dc8d79a7bd089e7573dd7a115ed243b4418fd722289a8c |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\System.dll
| MD5 | 0d7ad4f45dc6f5aa87f606d0331c6901 |
| SHA1 | 48df0911f0484cbe2a8cdd5362140b63c41ee457 |
| SHA256 | 3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca |
| SHA512 | c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\nsis7z.dll
| MD5 | 80e44ce4895304c6a3a831310fbf8cd0 |
| SHA1 | 36bd49ae21c460be5753a904b4501f1abca53508 |
| SHA256 | b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592 |
| SHA512 | c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\chrome_200_percent.pak
| MD5 | 4610337e3332b7e65b73a6ea738b47df |
| SHA1 | 8d824c9cf0a84ab902e8069a4de9bf6c1a9aaf3b |
| SHA256 | c91abf556e55c29d1ea9f560bb17cc3489cb67a5d0c7a22b58485f5f2fbcf25c |
| SHA512 | 039b50284d28dcd447e0a486a099fa99914d29b543093cccda77bbefdd61f7b7f05bb84b2708ae128c5f2d0c0ab19046d08796d1b5a1cff395a0689ab25ccb51 |
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\chrome_100_percent.pak
| MD5 | acd0fa0a90b43cd1c87a55a991b4fac3 |
| SHA1 | 17b84e8d24da12501105b87452f86bfa5f9b1b3c |
| SHA256 | ccbca246b9a93fa8d4f01a01345e7537511c590e4a8efd5777b1596d10923b4b |
| SHA512 | 3e4c4f31c6c7950d5b886f6a8768077331a8f880d70b905cf7f35f74be204c63200ff4a88fa236abccc72ec0fc102c14f50dd277a30f814f35adfe5a7ae3b774 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\d3dcompiler_47.dll
| MD5 | 3b4647bcb9feb591c2c05d1a606ed988 |
| SHA1 | b42c59f96fb069fd49009dfd94550a7764e6c97c |
| SHA256 | 35773c397036b368c1e75d4e0d62c36d98139ebe74e42c1ff7be71c6b5a19fd7 |
| SHA512 | 00cd443b36f53985212ac43b44f56c18bf70e25119bbf9c59d05e2358ff45254b957f1ec63fc70fb57b1726fd8f76ccfad8103c67454b817a4f183f9122e3f50 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\libEGL.dll
| MD5 | fde9a02f00bc7b70d93b9e928945087a |
| SHA1 | 5136e3d0b681af624086c77cd67edcf537dd27e4 |
| SHA256 | d1f504b9136ee6a8955b045e8a94dcb75c5013e9e6896d889edba1491649bc9f |
| SHA512 | 7e65a884df7bd7fc74c717528bbd61e5c0671d208cf02849e357b6690f02477659b7c3de43193bb487a2624638fafbfdece88557c9ef1ad28c03f0a6253c57ed |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\LICENSES.chromium.html
| MD5 | 312446edf757f7e92aad311f625cef2a |
| SHA1 | 91102d30d5abcfa7b6ec732e3682fb9c77279ba3 |
| SHA256 | c2656201ac86438d062673771e33e44d6d5e97670c3160e0de1cb0bd5fbbae9b |
| SHA512 | dce01f2448a49a0e6f08bbde6570f76a87dcc81179bb51d5e2642ad033ee81ae3996800363826a65485ab79085572bbace51409ae7102ed1a12df65018676333 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\LICENSE.electron.txt
| MD5 | 4d42118d35941e0f664dddbd83f633c5 |
| SHA1 | 2b21ec5f20fe961d15f2b58efb1368e66d202e5c |
| SHA256 | 5154e165bd6c2cc0cfbcd8916498c7abab0497923bafcd5cb07673fe8480087d |
| SHA512 | 3ffbba2e4cd689f362378f6b0f6060571f57e228d3755bdd308283be6cbbef8c2e84beb5fcf73e0c3c81cd944d01ee3fcf141733c4d8b3b0162e543e0b9f3e63 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\libGLESv2.dll
| MD5 | ed58bd0690a86ac78764654edda50194 |
| SHA1 | f7973bdf9ad1c9e51350794c3d51459ba7a37f4e |
| SHA256 | ff813885abdac4bc106bbf7d106325718f568756209b920ac2d83c3c9f9a2ce6 |
| SHA512 | 955d442f1faf8e22c313c5feec1101444027b920d7fc8c171454c70edd3385f502ccc0a1f80d53bbaacf87517eabe51d74469a995ff7506917d3d2b205865040 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\icudtl.dat
| MD5 | d89ce8c00659d8e5d408c696ee087ce3 |
| SHA1 | 49fc8109960be3bb32c06c3d1256cb66dded19a8 |
| SHA256 | 9dfbe0dad5c7021cfe8df7f52458c422cbc5be9e16ff33ec90665bb1e3f182de |
| SHA512 | db097ce3eb9e132d0444df79b167a7dcb2df31effbbd3df72da3d24ae2230cc5213c6df5e575985a9918fbd0a6576e335b6ebc12b6258bc93fa205399de64c37 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\ffmpeg.dll
| MD5 | 94f687603aba179474517da648f436a5 |
| SHA1 | 4de598064481401366fbfc81f0a365c13879035c |
| SHA256 | 96e7ed9463802023c86ba42f8045d5249baaca7f679ac76087d29ae33be1ede0 |
| SHA512 | f94694bed9b6f2c5365b12acad28dc49579c9fbbd7db46569d1fd919cc6973236cba8aa4dd0d8d1a3a9ddef81c285c5dbce47294259462272f84e41a23d9d1e0 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\snapshot_blob.bin
| MD5 | 916127734bc7c5b0db478191a37fc19a |
| SHA1 | f9d868c2578f14513fcb95e109aec795c98dbba3 |
| SHA256 | e19ed7fb96e19bb5bfe791df03561d654ea5d52021c3403a2652f439a8d77801 |
| SHA512 | d291b26568572d5777b036577ddf30c1b6c6c41e9d53ef2d8af735db001ea5c568371f3907fbffc02feee628f0f29afb718ae5deb32ff245a37947a7b1b9c297 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\resources.pak
| MD5 | c2b9f8256a070f23a2bac3457198657b |
| SHA1 | 8a6c14bfe8149476baf407e3695a78863aa35fd9 |
| SHA256 | b5ab9cbb8b4f5fb9a3b2f15989a8522d3985c2b4260b1ace9b4edb5173f10deb |
| SHA512 | 37bf0e2f1b2bc700519ac7b4fa023611f88a8338d9b303988e1ba37345c1f2199750e60a9cc1e8b3f34c37b78ca5a9ca1f02086755d6fe3d6c5aafeae449c66e |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\vulkan-1.dll
| MD5 | 6704b30acda01af69502e04b57ad4195 |
| SHA1 | 4d9f921bc4a3708dbe00df54f0706c05c744c58d |
| SHA256 | a1b8bde50262cfcb258068f32832309521cdb4cbeb3694514168ef404252f840 |
| SHA512 | fcfcce5589da1114f9ea1b9062caca2afd86b9c8cd3d88542ef36d66c82d8628f9064482c17aa55dcabd9f6ba8b018eb4f0b0e23a68ba06e48cc2c3d12cc5155 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\vk_swiftshader_icd.json
| MD5 | 8642dd3a87e2de6e991fae08458e302b |
| SHA1 | 9c06735c31cec00600fd763a92f8112d085bd12a |
| SHA256 | 32d83ff113fef532a9f97e0d2831f8656628ab1c99e9060f0332b1532839afd9 |
| SHA512 | f5d37d1b45b006161e4cefeebba1e33af879a3a51d16ee3ff8c3968c0c36bbafae379bf9124c13310b77774c9cbb4fa53114e83f5b48b5314132736e5bb4496f |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\vk_swiftshader.dll
| MD5 | 824a833b74439461820a2e22f6bfcfe5 |
| SHA1 | a05d360fdb4688bc5cb462c6ec6fad40f64744e3 |
| SHA256 | b6816edfd0af362a1023c2616ab4d4bb0a1486f4d8ee665d5924f403da8a616a |
| SHA512 | ea9d21f63858c326029b1ff50123ccc58b715f240bf3264f412541384573e0a6be3c2b47f1f187857f919328c915e9d1f09937dd8fb84b06ffc79e5289b1d29d |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\v8_context_snapshot.bin
| MD5 | 4f4d00247758c684c295243ddedd2948 |
| SHA1 | f8e8fc6c22fde9df1d60c329e38b38a85f96bb69 |
| SHA256 | 4ea84c4465eea20b46e6ded30f711f1e0d61e15574d861b0210819abd5e895e5 |
| SHA512 | 2c335672979114bd68ff6f1b1b94235fbf072fe8642cad1f7d61855b92741f0633fa0ccb77cd520be560db2d3ac75f9be08e22806487bf5d3045781e3903ad45 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | fe56a347f65e298b5f374f6363cd913e |
| SHA1 | f57402495d812ec753e3d6f93f3c047c5960ede1 |
| SHA256 | 44e5d32d1e11b90904f2f21067e197efcb01f2e094222432ae43b426be150b74 |
| SHA512 | 2bcbc2c41dd4fccc42cbf23ad4df0cce4211d1673ec18236dcff6087677a98f0ca4f2f9f970f29bb0c244e6dd29124e20a83b302a014326e33dfc1391f6cab2a |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\zzzzz.exe
| MD5 | a61f2d769a619abae02f4f4867df8de0 |
| SHA1 | 52fea8a06d5085f7427e5b141728bc2117335cb3 |
| SHA256 | 4910505ce5d346ef61bb240f9a303308f969103abd4de935206777a0e8aaa792 |
| SHA512 | 0d9a9931720f7cef9421b2cf9506401acaa0660db6d44a68e0cecda829d5055ea337a05cf60d06dad72debe85931ef43a8675444b5a155e179f86ebd2caea122 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\cs.pak
| MD5 | 04a680847c4a66ad9f0a88fb9fb1fc7b |
| SHA1 | 2afcdf4234a9644fb128b70182f5a3df1ee05be1 |
| SHA256 | 1cc44c5fbe1c0525df37c5b6267a677f79c9671f86eda75b6fc13abf5d5356eb |
| SHA512 | 3a8a409a3c34149a977dea8a4cb0e0822281aed2b0a75b02479c95109d7d51f6fb2c2772ccf1486ca4296a0ac2212094098f5ce6a1265fa6a7eb941c0cfef83e |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\ca.pak
| MD5 | d259469e94f2adf54380195555154518 |
| SHA1 | d69060bbe8e765ca4dc1f7d7c04c3c53c44b8ab5 |
| SHA256 | f98b7442befc285398a5dd6a96740cba31d2f5aadadd4d5551a05712d693029b |
| SHA512 | d0bd0201acf4f7daa84e89aa484a3dec7b6a942c3115486716593213be548657ad702ef2bc1d3d95a4a56b0f6e7c33d5375f41d6a863e4ce528f2bd6a318240e |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\bn.pak
| MD5 | 5cdd07fa357c846771058c2db67eb13b |
| SHA1 | deb87fc5c13da03be86f67526c44f144cc65f6f6 |
| SHA256 | 01c830b0007b8ce6aca46e26d812947c3df818927b826f7d8c5ffd0008a32384 |
| SHA512 | 2ac29a3aa3278bd9a8fe1ba28e87941f719b14fbf8b52e0b7dc9d66603c9c147b9496bf7be4d9e3aa0231c024694ef102dcc094c80c42be5d68d3894c488098c |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\bg.pak
| MD5 | a19269683a6347e07c55325b9ecc03a4 |
| SHA1 | d42989daf1c11fcfff0978a4fb18f55ec71630ec |
| SHA256 | ad65351a240205e881ef5c4cf30ad1bc6b6e04414343583597086b62d48d8a24 |
| SHA512 | 1660e487df3f3f4ec1cea81c73dca0ab86aaf121252fbd54c7ac091a43d60e1afd08535b082efd7387c12616672e78aa52dddfca01f833abef244284482f2c76 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\ar.pak
| MD5 | 47a6d10b4112509852d4794229c0a03b |
| SHA1 | 2fb49a0b07fbdf8d4ce51a7b5a7f711f47a34951 |
| SHA256 | 857fe3ab766b60a8d82b7b6043137e3a7d9f5cfb8ddd942316452838c67d0495 |
| SHA512 | 5f5b280261195b8894efae9df2bece41c6c6a72199d65ba633c30d50a579f95fa04916a30db77831f517b22449196d364d6f70d10d6c5b435814184b3bcf1667 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\am.pak
| MD5 | 2009647c3e7aed2c4c6577ee4c546e19 |
| SHA1 | e2bbacf95ec3695daae34835a8095f19a782cbcf |
| SHA256 | 6d61e5189438f3728f082ad6f694060d7ee8e571df71240dfd5b77045a62954e |
| SHA512 | 996474d73191f2d550c516ed7526c9e2828e2853fcfbe87ca69d8b1242eb0dedf04030bbca3e93236bbd967d39de7f9477c73753af263816faf7d4371f363ba3 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\af.pak
| MD5 | 7e51349edc7e6aed122bfa00970fab80 |
| SHA1 | eb6df68501ecce2090e1af5837b5f15ac3a775eb |
| SHA256 | f528e698b164283872f76df2233a47d7d41e1aba980ce39f6b078e577fd14c97 |
| SHA512 | 69da19053eb95eef7ab2a2d3f52ca765777bdf976e5862e8cebbaa1d1ce84a7743f50695a3e82a296b2f610475abb256844b6b9eb7a23a60b4a9fc4eae40346d |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\el.pak
| MD5 | 9528d21e8a3f5bad7ca273999012ebe8 |
| SHA1 | 58cd673ce472f3f2f961cf8b69b0c8b8c01d457c |
| SHA256 | e79c1e7a47250d88581e8e3baf78dcaf31fe660b74a1e015be0f4bafdfd63e12 |
| SHA512 | 165822c49ce0bdb82f3c3221e6725dac70f53cfdad722407a508fa29605bc669fb5e5070f825f02d830e0487b28925644438305372a366a3d60b55da039633d7 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\de.pak
| MD5 | 8e6654b89ed4c1dc02e1e2d06764805a |
| SHA1 | ff660bc85bb4a0fa3b2637050d2b2d1aecc37ad8 |
| SHA256 | 61cbce9a31858ddf70cc9b0c05fb09ce7032bfb8368a77533521722465c57475 |
| SHA512 | 5ac71eda16f07f3f2b939891eda2969c443440350fd88ab3a9b3180b8b1a3ecb11e79e752cf201f21b3dbfba00bcc2e4f796f347e6137a165c081e86d970ee61 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\da.pak
| MD5 | 1a53d374b9c37f795a462aac7a3f118f |
| SHA1 | 154be9cf05042eced098a20ff52fa174798e1fea |
| SHA256 | d0c38eb889ee27d81183a0535762d8ef314f0fdeb90ccca9176a0ce9ab09b820 |
| SHA512 | 395279c9246bd30a0e45d775d9f9c36353bd11d9463282661c2abd876bdb53be9c9b617bb0c2186592cd154e9353ea39e3feed6b21a07b6850ab8ecd57e1ed29 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\en-GB.pak
| MD5 | d59e613e8f17bdafd00e0e31e1520d1f |
| SHA1 | 529017d57c4efed1d768ab52e5a2bc929fdfb97c |
| SHA256 | 90e585f101cf0bb77091a9a9a28812694cee708421ce4908302bbd1bc24ac6fd |
| SHA512 | 29ff3d42e5d0229f3f17bc0ed6576c147d5c61ce2bd9a2e658a222b75d993230de3ce35ca6b06f5afa9ea44cfc67817a30a87f4faf8dc3a5c883b6ee30f87210 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\en-US.pak
| MD5 | 5e3813e616a101e4a169b05f40879a62 |
| SHA1 | 615e4d94f69625dda81dfaec7f14e9ee320a2884 |
| SHA256 | 4d207c5c202c19c4daca3fddb2ae4f747f943a8faf86a947eef580e2f2aee687 |
| SHA512 | 764a271a9cfb674cce41ee7aed0ad75f640ce869efd3c865d1b2d046c9638f4e8d9863a386eba098f5dcedd20ea98bad8bca158b68eb4bdd606d683f31227594 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\fa.pak
| MD5 | 9d273af70eafd1b5d41f157dbfb94fdc |
| SHA1 | da98bde34b59976d4514ff518bd977a713ea4f2e |
| SHA256 | 319d1e20150d4e3f496309ba82fce850e91378ee4b0c7119a003a510b14f878b |
| SHA512 | 0a892071bea92cc7f1a914654bc4f9da6b9c08e3cb29bb41e9094f6120ddc7a08a257c0d2b475c98e7cdcf604830e582cf2a538cc184056207f196ffc43f29ad |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\et.pak
| MD5 | a94e1775f91ea8622f82ae5ab5ba6765 |
| SHA1 | ff17accdd83ac7fcc630e9141e9114da7de16fdb |
| SHA256 | 1606b94aef97047863481928624214b7e0ec2f1e34ec48a117965b928e009163 |
| SHA512 | a2575d2bd50494310e8ef9c77d6c1749420dfbe17a91d724984df025c47601976af7d971ecae988c99723d53f240e1a6b3b7650a17f3b845e3daeefaaf9fe9b9 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\es.pak
| MD5 | a36992d320a88002697da97cd6a4f251 |
| SHA1 | c1f88f391a40ccf2b8a7b5689320c63d6d42935f |
| SHA256 | c5566b661675b613d69a507cbf98768bc6305b80e6893dc59651a4be4263f39d |
| SHA512 | 9719709229a4e8f63247b3efe004ecfeb5127f5a885234a5f78ee2b368f9e6c44eb68a071e26086e02aa0e61798b7e7b9311d35725d3409ffc0e740f3aa3b9b5 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\es-419.pak
| MD5 | 7f6696cc1e71f84d9ec24e9dc7bd6345 |
| SHA1 | 36c1c44404ee48fc742b79173f2c7699e1e0301f |
| SHA256 | d1f17508f3a0106848c48a240d49a943130b14bd0feb5ed7ae89605c7b7017d1 |
| SHA512 | b226f94f00978f87b7915004a13cdbd23de2401a8afaa2517498538967df89b735f8ecc46870c92e3022cac795218a60ad2b8fff1efad9feea4ec193704a568a |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\fil.pak
| MD5 | 3165351c55e3408eaa7b661fa9dc8924 |
| SHA1 | 181bee2a96d2f43d740b865f7e39a1ba06e2ca2b |
| SHA256 | 2630a9d5912c8ef023154c6a6fb5c56faf610e1e960af66abef533af19b90caa |
| SHA512 | 3b1944ea3cfcbe98d4ce390ea3a8ff1f6730eb8054e282869308efe91a9ddcd118290568c1fc83bd80e8951c4e70a451e984c27b400f2bde8053ea25b9620655 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\fi.pak
| MD5 | d4b776267efebdcb279162c213f3db22 |
| SHA1 | 7236108af9e293c8341c17539aa3f0751000860a |
| SHA256 | 297e3647eaf9b3b95cf833d88239919e371e74cc345a2e48a5033ebe477cd54e |
| SHA512 | 1dc7d966d12e0104aacb300fd4e94a88587a347db35ad2327a046ef833fb354fd9cbe31720b6476db6c01cfcb90b4b98ce3cd995e816210b1438a13006624e8f |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\hi.pak
| MD5 | 1766a05be4dc634b3321b5b8a142c671 |
| SHA1 | b959bcadc3724ae28b5fe141f3b497f51d1e28cf |
| SHA256 | 0eee8e751b5b0af1e226106beb09477634f9f80774ff30894c0f5a12b925ac35 |
| SHA512 | faec1d6166133674a56b5e38a68f9e235155cc910b5cceb3985981b123cc29eda4cd60b9313ab787ec0a8f73bf715299d9bf068e4d52b766a7ab8808bd146a39 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\he.pak
| MD5 | 6d787dc113adfb6a539674af7d6195db |
| SHA1 | f966461049d54c61cdd1e48ef1ea0d3330177768 |
| SHA256 | a976fad1cc4eb29709018c5ffcc310793a7ceb2e69c806454717ccae9cbc4d21 |
| SHA512 | 6748dad2813fc544b50ddea0481b5ace3eb5055fb2d985ca357403d3b799618d051051b560c4151492928d6d40fce9bb33b167217c020bdcc3ed4cae58f6b676 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\gu.pak
| MD5 | 7b5f52f72d3a93f76337d5cf3168ebd1 |
| SHA1 | 00d444b5a7f73f566e98abadf867e6bb27433091 |
| SHA256 | 798ea5d88a57d1d78fa518bf35c5098cbeb1453d2cb02ef98cd26cf85d927707 |
| SHA512 | 10c6f4faab8ccb930228c1d9302472d0752be19af068ec5917249675b40f22ab24c3e29ec3264062826113b966c401046cff70d91e7e05d8aadcc0b4e07fec9b |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\fr.pak
| MD5 | 0bf28aff31e8887e27c4cd96d3069816 |
| SHA1 | b5313cf6b5fbce7e97e32727a3fae58b0f2f5e97 |
| SHA256 | 2e1d413442def9cae2d93612e3fd04f3afaf3dd61e4ed7f86400d320af5500c2 |
| SHA512 | 95172b3b1153b31fceb4b53681635a881457723cd1000562463d2f24712267b209b3588c085b89c985476c82d9c27319cb6378619889379da4fae1595cb11992 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\hu.pak
| MD5 | f5e1ca8a14c75c6f62d4bff34e27ddb5 |
| SHA1 | 7aba6bff18bdc4c477da603184d74f054805c78f |
| SHA256 | c0043d9fa0b841da00ec1672d60015804d882d4765a62b6483f2294c3c5b83e0 |
| SHA512 | 1050f96f4f79f681b3eaf4012ec0e287c5067b75ba7a2cbe89d9b380c07698099b156a0eb2cbc5b8aa336d2daa98e457b089935b534c4d6636987e7e7e32b169 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\ko.pak
| MD5 | b4fbff56e4974a7283d564c6fc0365be |
| SHA1 | de68bd097def66d63d5ff04046f3357b7b0e23ac |
| SHA256 | 8c9acde13edcd40d5b6eb38ad179cc27aa3677252a9cd47990eba38ad42833e5 |
| SHA512 | 0698aa058561bb5a8fe565bb0bec21548e246dbb9d38f6010e9b0ad9de0f59bce9e98841033ad3122a163dd321ee4b11ed191277cdcb8e0b455d725593a88aa5 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\kn.pak
| MD5 | c548a5f1fb5753408e44f3f011588594 |
| SHA1 | e064ab403972036dad1b35abe9794e95dbe4cc00 |
| SHA256 | 890f50a57b862f482d367713201e1e559ac778fc3a36322d1dfbbef2535dd9cb |
| SHA512 | 6975e4bb1a90e0906cf6266f79da6cc4ae32f72a6141943bcfcf9b33f791e9751a9aafde9ca537f33f6ba8e4d697125fbc2ec4ffd3bc35851f406567dae7e631 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\ja.pak
| MD5 | d10d536bcd183030ba07ff5c61bf5e3a |
| SHA1 | 44dd78dba9f098ac61222eb9647d111ad1608960 |
| SHA256 | 2a3d3abc9f80bad52bd6da5769901e7b9e9f052b6a58a7cc95ce16c86a3aa85a |
| SHA512 | c67aede9ded1100093253e350d6137ab8b2a852bd84b6c82ba1853f792e053cecd0ea0519319498aed5759bedc66d75516a4f2f7a07696a0cef24d5f34ef9dd2 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\it.pak
| MD5 | d58a43068bf847c7cd6284742c2f7823 |
| SHA1 | 497389765143fac48af2bd7f9a309bfe65f59ed9 |
| SHA256 | 265d8b1bc479ad64fa7a41424c446139205af8029a2469d558813edd10727f9c |
| SHA512 | 547a1581dda28c5c1a0231c736070d8a7b53a085a0ce643a4a1510c63a2d4670ff2632e9823cd25ae2c7cdc87fa65883e0a193853890d4415b38056cb730ab54 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\id.pak
| MD5 | 7b39423028da71b4e776429bb4f27122 |
| SHA1 | cb052ab5f734d7a74a160594b25f8a71669c38f2 |
| SHA256 | 3d95c5819f57a0ad06a118a07e0b5d821032edcf622df9b10a09da9aa974885f |
| SHA512 | e40679b01ab14b6c8dfdce588f3b47bcaff55dbb1539b343f611b3fcbd1d0e7d8c347a2b928215a629f97e5f68d19c51af775ec27c6f906cac131beae646ce1a |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\hr.pak
| MD5 | 8f9498d18d90477ad24ea01a97370b08 |
| SHA1 | 3868791b549fc7369ab90cd27684f129ebd628be |
| SHA256 | 846943f77a425f3885689dcf12d62951c5b7646e68eadc533b8b5c2a1373f02e |
| SHA512 | 3c66a84592debe522f26c48b55c04198ad8a16c0dcfa05816825656c76c1c6cccf5767b009f20ecb77d5a589ee44b0a0011ec197fec720168a6c72c71ebf77fd |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\lv.pak
| MD5 | e4f7d9e385cb525e762ece1aa243e818 |
| SHA1 | 689d784379bac189742b74cd8700c687feeeded1 |
| SHA256 | 523d141e59095da71a41c14aec8fe9ee667ae4b868e0477a46dd18a80b2007ef |
| SHA512 | e4796134048cd12056d746f6b8f76d9ea743c61fee5993167f607959f11fd3b496429c3e61ed5464551fd1931de4878ab06f23a3788ee34bb56f53db25bcb6df |
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\locales\lt.pak
| MD5 | 980c27fd74cc3560b296fe8e7c77d51f |
| SHA1 | f581efa1b15261f654588e53e709a2692d8bb8a3 |
| SHA256 | 41e0f3619cda3b00abbbf07b9cd64ec7e4785ed4c8a784c928e582c3b6b8b7db |
| SHA512 | 51196f6f633667e849ef20532d57ec81c5f63bab46555cea8fab2963a078acdfa84843eded85c3b30f49ef3ceb8be9e4ef8237e214ef9ecff6373a84d395b407 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\ru.pak
| MD5 | ab9902025dcf7d5408bf6377b046272b |
| SHA1 | c9496e5af3e2a43377290a4883c0555e27b1f10f |
| SHA256 | 983b15dcc31d0e9a3da78cd6021e5add2a3c2247322aded9454a5d148d127aae |
| SHA512 | d255d5f5b6b09af2cdec7b9c171eebb1de1094cc5b4ddf43a3d4310f8f5f223ac48b8da97a07764d1b44f1d4a14fe3a0c92a0ce6fe9a4ae9a6b4a342e038f842 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\sk.pak
| MD5 | c6c7396dbfb989f034d50bd053503366 |
| SHA1 | 089f176b88235cce5bca7abfcc78254e93296d61 |
| SHA256 | 439f7d6c23217c965179898754edcef8fd1248bdd9b436703bf1ff710701117a |
| SHA512 | 1476963f47b45d2d26536706b7eeba34cfae124a3087f7727c4efe0f19610f94393012cda462060b1a654827e41f463d7226afa977654dcd85b27b7f8d1528eb |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\ro.pak
| MD5 | 99eaa3d101354088379771fd85159de1 |
| SHA1 | a32db810115d6dcf83a887e71d5b061b5eefe41f |
| SHA256 | 33f4c20f7910bc3e636bc3bec78f4807685153242dd4bc77648049772cf47423 |
| SHA512 | c6f87da1b5c156aa206dc21a9da3132cbfb0e12e10da7dc3b60363089de9e0124bbad00a233e61325348223fc5953d4f23e46fe47ec8e7ca07702ac73f3fd2e9 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\sl.pak
| MD5 | d4bd9f20fd29519d6b017067e659442c |
| SHA1 | 782283b65102de4a0a61b901dea4e52ab6998f22 |
| SHA256 | f33afa6b8df235b09b84377fc3c90403c159c87edd8cd8004b7f6edd65c85ce6 |
| SHA512 | adf8d8ec17e8b05771f47b19e8027f88237ad61bca42995f424c1f5bd6efa92b23c69d363264714c1550b9cd0d03f66a7cfb792c3fbf9d5c173175b0a8c039dc |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\ur.pak
| MD5 | ff0a23974aef88afc86ecc806dbf1d60 |
| SHA1 | e7bae97cbb8692a0d106644dfaa9b7d7ea6fcef0 |
| SHA256 | f245ab242aafeef37db736c780476534fad0706aa66dcb8b6b8cd181b4778385 |
| SHA512 | aabe8160fac7e0eb8e8eb80963fe995fa4a802147d1b8f605bc0fe3f8e2474463c1d313471c11c85eb5578112232fdc8e89b8a6d43dbe38a328538ff30a78d08 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\zh-TW.pak
| MD5 | 524711882cbfb5b95a63ef48f884cff0 |
| SHA1 | 1078037687cfc5d038eeb8b63d295239e0edc47a |
| SHA256 | 9e16499cd96a155d410c8df4c812c52ff2a750f8c4db87fd891c1e58c1428c78 |
| SHA512 | 16d45a81f7f4606eda9d12a8b1da06e3c866b11bdc0c92a4022bfb8d02b885d8f028457cf23e3f7589dfd191ed7f7fbc68c81b6e1411834edfcbc9cc85e0dc4d |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\resources\elevate.exe
| MD5 | 792b92c8ad13c46f27c7ced0810694df |
| SHA1 | d8d449b92de20a57df722df46435ba4553ecc802 |
| SHA256 | 9b1fbf0c11c520ae714af8aa9af12cfd48503eedecd7398d8992ee94d1b4dc37 |
| SHA512 | 6c247254dc18ed81213a978cce2e321d6692848c64307097d2c43432a42f4f4f6d3cf22fb92610dfa8b7b16a5f1d94e9017cf64f88f2d08e79c0fe71a9121e40 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\StdUtils.dll
| MD5 | c6a6e03f77c313b267498515488c5740 |
| SHA1 | 3d49fc2784b9450962ed6b82b46e9c3c957d7c15 |
| SHA256 | b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e |
| SHA512 | 9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\StdUtils.dll
| MD5 | c6a6e03f77c313b267498515488c5740 |
| SHA1 | 3d49fc2784b9450962ed6b82b46e9c3c957d7c15 |
| SHA256 | b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e |
| SHA512 | 9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\resources\app.asar
| MD5 | 195df4b7998875821ed715b9f1535ac6 |
| SHA1 | 27a67ecf3e08b12fd7bc68a02cfa6105fb92d0f1 |
| SHA256 | 766cc67899cda8aed1732ee079d4fc62c8cf78706b2be3da911787d6669bab10 |
| SHA512 | cc8b0377cd2e88aedf1862f6b27dacbf6638ab4fd66a477740365fa370efd40cb06d75b38cd38f5b644b53a02d74322ff5e8c9a644bbfe11a9e6e337ed6a8400 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\zh-CN.pak
| MD5 | 20f315d38e3b2edc5832931e7770b62a |
| SHA1 | 2390bd585dec1e884873454bb98b6f1467dcf7bb |
| SHA256 | 53a803724bbf2e7f40aab860325c348f786eeca1ea5ca39a76b4c4a616e3233f |
| SHA512 | c338e241de3561707c7c275b7d6e0fb16185a8cd7112057c08b74ffce122148ef693fe310c839ff93f102726a78e61de3e68c8e324f445a07a98ee9c4fdd4e13 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\vi.pak
| MD5 | 3fe6f90f1f990aed508deda3810ce8c2 |
| SHA1 | 3b86f00666d55e984b4aca1a5e8319ffa8f411ff |
| SHA256 | 5eebb23221aebcf0be01bfc2695f7dd35b17f6769be1e28e5610d35c9717854b |
| SHA512 | 9aa9d55f112c8b32aa636086cfd2161d97ea313cac1a44101014128124a03504c992ac8efd265aba4e91787aef7134a14507a600f5ec96ff82df950a8883828c |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\uk.pak
| MD5 | ee70e9f3557b9c8c67bfb8dfcb51384d |
| SHA1 | fc4dfc35cde1a00f97eefe5e0a2b9b9c0149751e |
| SHA256 | 54324671a161f6d67c790bfd29349db2e2d21f5012dc97e891f8f5268bdf7e22 |
| SHA512 | f4e1da71cb0485851e8ebcd5d5cf971961737ad238353453db938b4a82a68a6bbaf3de7553f0ff1f915a0e6640a3e54f5368d9154b0a4ad38e439f5808c05b9f |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\tr.pak
| MD5 | 3a858619502c68d5f7de599060f96db9 |
| SHA1 | 80a66d9b5f1e04cda19493ffc4a2f070200e0b62 |
| SHA256 | d81f28f69da0036f9d77242b2a58b4a76f0d5c54b3e26ee96872ac54d7abb841 |
| SHA512 | 39a7ec0dfe62bcb3f69ce40100e952517b5123f70c70b77b4c9be3d98296772f10d3083276bc43e1db66ed4d9bfa385a458e829ca2a7d570825d7a69e8fbb5f4 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\th.pak
| MD5 | 2c41616dfe7fcdb4913cfafe5d097f95 |
| SHA1 | cf7d9e8ad3aa47d683e47f116528c0e4a9a159b0 |
| SHA256 | f11041c48831c93aa11bbf885d330739a33a42db211daccf80192668e2186ed3 |
| SHA512 | 97329717e11bc63456c56022a7b7f5da730da133e3fc7b2cc660d63a955b1a639c556b857c039a004f92e5f35be61bf33c035155be0a361e3cd6d87b549df811 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\te.pak
| MD5 | f809bf5184935c74c8e7086d34ea306c |
| SHA1 | 709ab3decff033cf2fa433ecc5892a7ac2e3752e |
| SHA256 | 9bbfa7a9f2116281bf0af1e8ffb279d1aa97ac3ed9ebc80c3ade19e922d7e2d4 |
| SHA512 | de4b14dd6018fdbdf5033abda4da2cb9f5fcf26493788e35d88c07a538b84fdd663ee20255dfd9c1aac201f0cce846050d2925c55bf42d4029cb78b057930acd |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\ta.pak
| MD5 | 7006691481966109cce413f48a349ff2 |
| SHA1 | 6bd243d753cf66074359abe28cfae75bcedd2d23 |
| SHA256 | 24ea4028da66a293a43d27102012235198f42a1e271fe568c7fd78490a3ee647 |
| SHA512 | e12c0d1792a28bf4885e77185c2a0c5386438f142275b8f77317eb8a5cee994b3241bb264d9502d60bfbce9cf8b3b9f605c798d67819259f501719d054083bea |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\sw.pak
| MD5 | 39277ae2d91fdc1bd38bea892b388485 |
| SHA1 | ff787fb0156c40478d778b2a6856ad7b469bd7cb |
| SHA256 | 6d6d095a1b39c38c273be35cd09eb1914bd3a53f05180a3b3eb41a81ae31d5d3 |
| SHA512 | be2d8fbedaa957f0c0823e7beb80de570edd0b8e7599cf8f2991dc671bdcbbbe618c15b36705d83be7b6e9a0d32ec00f519fc8543b548422ca8dcf07c0548ab4 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\sv.pak
| MD5 | 502e4a8b3301253abe27c4fd790fbe90 |
| SHA1 | 17abcd7a84da5f01d12697e0dffc753ffb49991a |
| SHA256 | 7d72e3adb35e13ec90f2f4271ad2a9b817a2734da423d972517f3cff299165fd |
| SHA512 | bd270abaf9344c96b0f63fc8cec04f0d0ac9fc343ab5a80f5b47e4b13b8b1c0c4b68f19550573a1d965bb18a27edf29f5dd592944d754b80ea9684dbcedea822 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\sr.pak
| MD5 | cbb817a58999d754f99582b72e1ae491 |
| SHA1 | 6ec3fd06dee0b1fe5002cb0a4fe8ec533a51f9fd |
| SHA256 | 4bd7e466cb5f5b0a451e1192aa1abaaf9526855a86d655f94c9ce2183ec80c25 |
| SHA512 | efef29cedb7b08d37f9df1705d36613f423e994a041b137d5c94d2555319ffb068bb311884c9d4269b0066746dacd508a7d01df40a8561590461d5f02cb52f8b |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\pt-PT.pak
| MD5 | 6a7232f316358d8376a1667426782796 |
| SHA1 | 8b70fe0f3ab2d73428f19ecd376c5deba4a0bb6c |
| SHA256 | 6a526cd5268b80df24104a7f40f55e4f1068185febbbb5876ba2cb7f78410f84 |
| SHA512 | 40d24b3d01e20ae150083b00bb6e10bca81737c48219bce22fa88faaad85bdc8c56ac9b1eb01854173b0ed792e34bdfbac26d3605b6a35c14cf2824c000d0da1 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\pt-BR.pak
| MD5 | 0d9dea9e24645c2a3f58e4511c564a36 |
| SHA1 | dcd2620a1935c667737eea46ca7bb2bdcb31f3a6 |
| SHA256 | ca7b880391fcd319e976fcc9b5780ea71de655492c4a52448c51ab2170eeef3b |
| SHA512 | 8fcf871f8be7727e2368df74c05ca927c5f0bc3484c4934f83c0abc98ecaf774ad7aba56e1bf17c92b1076c0b8eb9c076cc949cd5427efcade9ddf14f6b56bc5 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\pl.pak
| MD5 | 18d49d5376237bb8a25413b55751a833 |
| SHA1 | 0b47a7381de61742ac2184850822c5fa2afa559e |
| SHA256 | 1729aa5c8a7e24a0db98febcc91df8b7b5c16f9b6bb13a2b0795038f2a14b981 |
| SHA512 | 45344a533cc35c8ce05cf29b11da6c0f97d8854dae46cf45ef7d090558ef95c3bd5fdc284d9a7809f0b2bf30985002be2aa6a4749c0d9ae9bdff4ad13de4e570 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\nl.pak
| MD5 | 181d2a0ece4b67281d9d2323e9b9824d |
| SHA1 | e8bdc53757e96c12f3cd256c7812532dd524a0ea |
| SHA256 | 6629e68c457806621ed23aa53b3675336c3e643f911f8485118a412ef9ed14ce |
| SHA512 | 10d8cc9411ca475c9b659a2cc88d365e811217d957c82d9c144d94843bc7c7a254ee2451a6f485e92385a660fa01577cffa0d64b6e9e658a87bef8fccbbeaf7e |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\nb.pak
| MD5 | af0fd9179417ba1d7fcca3cc5bee1532 |
| SHA1 | f746077bbf6a73c6de272d5855d4f1ca5c3af086 |
| SHA256 | e900f6d0dd9d5a05b5297618f1fe1600c189313da931a9cb390ee42383eb070f |
| SHA512 | c94791d6b84200b302073b09357abd2a1d7576b068bae01dccda7bc154a6487145c83c9133848ccf4cb9e6dc6c5a9d4be9d818e5a0c8f440a4e04ae8eabd4a29 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\ms.pak
| MD5 | 9b3e2f3c49897228d51a324ab625eb45 |
| SHA1 | 8f3daec46e9a99c3b33e3d0e56c03402ccc52b9d |
| SHA256 | 61a3daae72558662851b49175c402e9fe6fd1b279e7b9028e49506d9444855c5 |
| SHA512 | 409681829a861cd4e53069d54c80315e0c8b97e5db4cd74985d06238be434a0f0c387392e3f80916164898af247d17e8747c6538f08c0ef1c5e92a7d1b14f539 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\mr.pak
| MD5 | c0ef1866167d926fb351e9f9bf13f067 |
| SHA1 | 6092d04ef3ce62be44c29da5d0d3a04985e2bc04 |
| SHA256 | 88df231cf2e506db3453f90a797194662a5f85e23bbac2ed3169d91a145d2091 |
| SHA512 | 9e2b90f3ac1ae5744c22c2442fbcd86a8496afc2c58f6ca060d6dbb08af6f7411ef910a7c8ca5aedee99b5443d4dff709c7935e8322cb32f8b071ee59caee733 |
C:\Users\Admin\AppData\Local\Temp\nsgC9B9.tmp\7z-out\locales\ml.pak
| MD5 | 8b38c65fc30210c7af9b6fa0424266f4 |
| SHA1 | 116413710ffcf94fbfa38cb97a47731e43a306f5 |
| SHA256 | e8df9a74417c5839c531d7ccab63884a80afb731cc62cbbb3fd141779086ac7d |
| SHA512 | 0fd349c644ac1a2e7ed0247e40900d3a9957f5bef1351b872710d02687c934a8e63d3a7585e91f7df78054aeff8f7abd8c93a94fcd20c799779a64278bab2097 |
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe
| MD5 | a61f2d769a619abae02f4f4867df8de0 |
| SHA1 | 52fea8a06d5085f7427e5b141728bc2117335cb3 |
| SHA256 | 4910505ce5d346ef61bb240f9a303308f969103abd4de935206777a0e8aaa792 |
| SHA512 | 0d9a9931720f7cef9421b2cf9506401acaa0660db6d44a68e0cecda829d5055ea337a05cf60d06dad72debe85931ef43a8675444b5a155e179f86ebd2caea122 |
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe
| MD5 | a61f2d769a619abae02f4f4867df8de0 |
| SHA1 | 52fea8a06d5085f7427e5b141728bc2117335cb3 |
| SHA256 | 4910505ce5d346ef61bb240f9a303308f969103abd4de935206777a0e8aaa792 |
| SHA512 | 0d9a9931720f7cef9421b2cf9506401acaa0660db6d44a68e0cecda829d5055ea337a05cf60d06dad72debe85931ef43a8675444b5a155e179f86ebd2caea122 |
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\ffmpeg.dll
| MD5 | 94f687603aba179474517da648f436a5 |
| SHA1 | 4de598064481401366fbfc81f0a365c13879035c |
| SHA256 | 96e7ed9463802023c86ba42f8045d5249baaca7f679ac76087d29ae33be1ede0 |
| SHA512 | f94694bed9b6f2c5365b12acad28dc49579c9fbbd7db46569d1fd919cc6973236cba8aa4dd0d8d1a3a9ddef81c285c5dbce47294259462272f84e41a23d9d1e0 |
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\ffmpeg.dll
| MD5 | 94f687603aba179474517da648f436a5 |
| SHA1 | 4de598064481401366fbfc81f0a365c13879035c |
| SHA256 | 96e7ed9463802023c86ba42f8045d5249baaca7f679ac76087d29ae33be1ede0 |
| SHA512 | f94694bed9b6f2c5365b12acad28dc49579c9fbbd7db46569d1fd919cc6973236cba8aa4dd0d8d1a3a9ddef81c285c5dbce47294259462272f84e41a23d9d1e0 |
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\v8_context_snapshot.bin
| MD5 | 4f4d00247758c684c295243ddedd2948 |
| SHA1 | f8e8fc6c22fde9df1d60c329e38b38a85f96bb69 |
| SHA256 | 4ea84c4465eea20b46e6ded30f711f1e0d61e15574d861b0210819abd5e895e5 |
| SHA512 | 2c335672979114bd68ff6f1b1b94235fbf072fe8642cad1f7d61855b92741f0633fa0ccb77cd520be560db2d3ac75f9be08e22806487bf5d3045781e3903ad45 |
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\icudtl.dat
| MD5 | d89ce8c00659d8e5d408c696ee087ce3 |
| SHA1 | 49fc8109960be3bb32c06c3d1256cb66dded19a8 |
| SHA256 | 9dfbe0dad5c7021cfe8df7f52458c422cbc5be9e16ff33ec90665bb1e3f182de |
| SHA512 | db097ce3eb9e132d0444df79b167a7dcb2df31effbbd3df72da3d24ae2230cc5213c6df5e575985a9918fbd0a6576e335b6ebc12b6258bc93fa205399de64c37 |
memory/4948-987-0x0000025EE7CC0000-0x0000025EE7CC1000-memory.dmp
memory/4948-988-0x0000025EE7CC0000-0x0000025EE7CC1000-memory.dmp
memory/4948-989-0x0000025EE7CC0000-0x0000025EE7CC1000-memory.dmp
memory/4948-997-0x0000025EE7CC0000-0x0000025EE7CC1000-memory.dmp
memory/4948-998-0x0000025EE7CC0000-0x0000025EE7CC1000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\resources\app.asar
| MD5 | 195df4b7998875821ed715b9f1535ac6 |
| SHA1 | 27a67ecf3e08b12fd7bc68a02cfa6105fb92d0f1 |
| SHA256 | 766cc67899cda8aed1732ee079d4fc62c8cf78706b2be3da911787d6669bab10 |
| SHA512 | cc8b0377cd2e88aedf1862f6b27dacbf6638ab4fd66a477740365fa370efd40cb06d75b38cd38f5b644b53a02d74322ff5e8c9a644bbfe11a9e6e337ed6a8400 |
memory/4948-1001-0x0000025EE7CC0000-0x0000025EE7CC1000-memory.dmp
memory/4948-999-0x0000025EE7CC0000-0x0000025EE7CC1000-memory.dmp
memory/4948-1002-0x0000025EE7CC0000-0x0000025EE7CC1000-memory.dmp
memory/4948-1003-0x0000025EE7CC0000-0x0000025EE7CC1000-memory.dmp
memory/4948-1004-0x0000025EE7CC0000-0x0000025EE7CC1000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\d74f1c37-761e-4bf7-9194-15e8132c15c7.tmp.node
| MD5 | de381eaa2ece8270012ee128d5cf9e2e |
| SHA1 | 1f06480a2491182f361683e9b901cf26115ef222 |
| SHA256 | ef775eba5a870f92f29be91cdd777e5b7451e44f1a1f23722d4f8d0c6ebe4ed6 |
| SHA512 | 7ca1ea7e3bdee2e5c6a5e1d04e8869af161ace08b914f2e1b4d67d17fadcd719c08f381b6a1c22d43769a066d87e39f91b7059065e4de0525a1f1a2853be982c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7efec14ad7fa7d40460706a795bffe45 |
| SHA1 | 7fa9323b46ad8fe00c4aa0c399f5d0db0fbf1565 |
| SHA256 | f6bf77cfda488755db9e42500dc4b10544687e84eea2fbae344e2d2aabfc7a70 |
| SHA512 | 48134c6ceb5b881a007383eada61449899291fc458c2a293043f8d66b81672c78ad3f9837c522ecf5f39dddb32d4ba27b6bfceeab55e66eb8b0cd33657785106 |
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\resources.pak
| MD5 | c2b9f8256a070f23a2bac3457198657b |
| SHA1 | 8a6c14bfe8149476baf407e3695a78863aa35fd9 |
| SHA256 | b5ab9cbb8b4f5fb9a3b2f15989a8522d3985c2b4260b1ace9b4edb5173f10deb |
| SHA512 | 37bf0e2f1b2bc700519ac7b4fa023611f88a8338d9b303988e1ba37345c1f2199750e60a9cc1e8b3f34c37b78ca5a9ca1f02086755d6fe3d6c5aafeae449c66e |
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\locales\es.pak
| MD5 | a36992d320a88002697da97cd6a4f251 |
| SHA1 | c1f88f391a40ccf2b8a7b5689320c63d6d42935f |
| SHA256 | c5566b661675b613d69a507cbf98768bc6305b80e6893dc59651a4be4263f39d |
| SHA512 | 9719709229a4e8f63247b3efe004ecfeb5127f5a885234a5f78ee2b368f9e6c44eb68a071e26086e02aa0e61798b7e7b9311d35725d3409ffc0e740f3aa3b9b5 |
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\chrome_200_percent.pak
| MD5 | 4610337e3332b7e65b73a6ea738b47df |
| SHA1 | 8d824c9cf0a84ab902e8069a4de9bf6c1a9aaf3b |
| SHA256 | c91abf556e55c29d1ea9f560bb17cc3489cb67a5d0c7a22b58485f5f2fbcf25c |
| SHA512 | 039b50284d28dcd447e0a486a099fa99914d29b543093cccda77bbefdd61f7b7f05bb84b2708ae128c5f2d0c0ab19046d08796d1b5a1cff395a0689ab25ccb51 |
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\chrome_100_percent.pak
| MD5 | acd0fa0a90b43cd1c87a55a991b4fac3 |
| SHA1 | 17b84e8d24da12501105b87452f86bfa5f9b1b3c |
| SHA256 | ccbca246b9a93fa8d4f01a01345e7537511c590e4a8efd5777b1596d10923b4b |
| SHA512 | 3e4c4f31c6c7950d5b886f6a8768077331a8f880d70b905cf7f35f74be204c63200ff4a88fa236abccc72ec0fc102c14f50dd277a30f814f35adfe5a7ae3b774 |
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\ffmpeg.dll
| MD5 | 94f687603aba179474517da648f436a5 |
| SHA1 | 4de598064481401366fbfc81f0a365c13879035c |
| SHA256 | 96e7ed9463802023c86ba42f8045d5249baaca7f679ac76087d29ae33be1ede0 |
| SHA512 | f94694bed9b6f2c5365b12acad28dc49579c9fbbd7db46569d1fd919cc6973236cba8aa4dd0d8d1a3a9ddef81c285c5dbce47294259462272f84e41a23d9d1e0 |
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe
| MD5 | a61f2d769a619abae02f4f4867df8de0 |
| SHA1 | 52fea8a06d5085f7427e5b141728bc2117335cb3 |
| SHA256 | 4910505ce5d346ef61bb240f9a303308f969103abd4de935206777a0e8aaa792 |
| SHA512 | 0d9a9931720f7cef9421b2cf9506401acaa0660db6d44a68e0cecda829d5055ea337a05cf60d06dad72debe85931ef43a8675444b5a155e179f86ebd2caea122 |
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\zzzzz.exe
| MD5 | a61f2d769a619abae02f4f4867df8de0 |
| SHA1 | 52fea8a06d5085f7427e5b141728bc2117335cb3 |
| SHA256 | 4910505ce5d346ef61bb240f9a303308f969103abd4de935206777a0e8aaa792 |
| SHA512 | 0d9a9931720f7cef9421b2cf9506401acaa0660db6d44a68e0cecda829d5055ea337a05cf60d06dad72debe85931ef43a8675444b5a155e179f86ebd2caea122 |
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\ffmpeg.dll
| MD5 | 94f687603aba179474517da648f436a5 |
| SHA1 | 4de598064481401366fbfc81f0a365c13879035c |
| SHA256 | 96e7ed9463802023c86ba42f8045d5249baaca7f679ac76087d29ae33be1ede0 |
| SHA512 | f94694bed9b6f2c5365b12acad28dc49579c9fbbd7db46569d1fd919cc6973236cba8aa4dd0d8d1a3a9ddef81c285c5dbce47294259462272f84e41a23d9d1e0 |
C:\Users\Admin\AppData\Local\Temp\2Ol4e8rQz0h0wOoUdsfPrEXFdWg\D3DCompiler_47.dll
| MD5 | 3b4647bcb9feb591c2c05d1a606ed988 |
| SHA1 | b42c59f96fb069fd49009dfd94550a7764e6c97c |
| SHA256 | 35773c397036b368c1e75d4e0d62c36d98139ebe74e42c1ff7be71c6b5a19fd7 |
| SHA512 | 00cd443b36f53985212ac43b44f56c18bf70e25119bbf9c59d05e2358ff45254b957f1ec63fc70fb57b1726fd8f76ccfad8103c67454b817a4f183f9122e3f50 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 97ba4b74814e50a49b34571681f0fd08 |
| SHA1 | 5050c2f374f86711a4164a6bc98173d4638cadca |
| SHA256 | 06a90990458abfe861a932606953c32539a654fa88c8cf339c7b3980dcb9f566 |
| SHA512 | cfce5c54e853d4c9afa25678d77a1e36b8306d84ab67673ea6a5173c093d39d8cb440db33760b2136ebf995d3588978c8f5239a70cf23db8491bcde2156e4202 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 6bd435c08bcf738773c5e8e31f18a941 |
| SHA1 | 622806dcc29dcb63a44ff4e9bdbd2a0fb9c8b593 |
| SHA256 | 8bf95dafdbd63d25a1b3c843c0cfbe3e52f0dd839ff815630aeba797ec93bdbd |
| SHA512 | 4c9ce91c64cff27f36505287e9c9b5b6131d433cb8fb1a99ff5e956eca248e5f8dfc7c68b6e1d1a2ce33edb005670728ce96145756b5e961f5fc5630cd3d4afb |
C:\Users\Admin\AppData\Local\Temp\nstCC26.tmp\System.dll
| MD5 | 0d7ad4f45dc6f5aa87f606d0331c6901 |
| SHA1 | 48df0911f0484cbe2a8cdd5362140b63c41ee457 |
| SHA256 | 3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca |
| SHA512 | c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9 |
C:\Users\Admin\AppData\Local\Temp\nstCC26.tmp\nsis7z.dll
| MD5 | 80e44ce4895304c6a3a831310fbf8cd0 |
| SHA1 | 36bd49ae21c460be5753a904b4501f1abca53508 |
| SHA256 | b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592 |
| SHA512 | c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df |
C:\Users\Admin\AppData\Roaming\index\Preferences
| MD5 | 94a653910a42a49fd566e03ca7a541a6 |
| SHA1 | 21c33c0bafa5e9f3f172fcd245b8ee7977d5cfeb |
| SHA256 | a029bb554adfcf222607af6413f0e6f5567fc5027cd6f3be146d643af1db65b0 |
| SHA512 | b4e74e73b7ff65c82fafcb537e1055c9be0df6a14ead662f1c2ffd664424fec841b831c57d63cef575ecfe3afbcd460df61135eea03ec681eaa385ea25f789c5 |
C:\Users\Admin\AppData\Roaming\index\Preferences~RFe58e990.TMP
| MD5 | 8a9bbc2f833ed90104d3e81732369d1c |
| SHA1 | 488256a8361ef1496ad01a67dbf5eb4149aef667 |
| SHA256 | eccd0ffbf81c7646a3a23e4727206b08596cbc0c36597ddb13a8c6906ed89115 |
| SHA512 | ee423d4ceb3bfbd8a6d61cc48077e92c2f764d0135d58d07f2c742de9e936a86059d60c08998918fadb0e3e66eb25b3bdd49e4bb95e7a67dada71fc487a345ef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 52957d4bf2f5b79a0cf7b42e9eb1a954 |
| SHA1 | c6ca0bc3ebd37a4a7a99b3ec8b4cc29368c5fac5 |
| SHA256 | 373963e79b7dd7a50576b9bf92f1a5c356e30bad53e25c44d245dfcc2f869d6b |
| SHA512 | 90f957c13fe611b314c501d6cff5fa6d747ce1bb67d32b73997292c6c846c516e509ca76351f827bfaefe80960d4ba8ee89ac7a2a9330f4741f6dce9b4170036 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | b1a923e1a5719ad4cd2d610bce8bf74c |
| SHA1 | 9d1e017cbe823e970456f1073cffc293f857a940 |
| SHA256 | 4e4206ca0fd78777c4e097b26547bab2bc689189853d0e73ad182a789e19ec03 |
| SHA512 | e38a33d36d472c1c4db603c4276897cdc60b34c79da7ca58fbea59cc63acb0fefb0c911b5f425384635046d2dbdd1c55c7da92b55e859032141c2ea3b12fe15e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ff79d9f96eb0edc0c86c0a8c84a02c3b |
| SHA1 | b06aaf66231d7491125b77e65594d95386f61040 |
| SHA256 | 5e961fc4a52cf82bd2adb146f9b3125a18ea7217dea8ff6b301392450c412032 |
| SHA512 | d951d4e18649da522ae84908f02bf01a8a545dc48e038b619d1cd5be9515d2272dcad5bbd10deaab131410a0b0f10b1d705ceca119067c79fc0f74e8ee94c3e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029
| MD5 | 109e1354dcad59ff8d3e589dcc09299a |
| SHA1 | bc2cf564c7967a59936c2074b78e124e17439c3a |
| SHA256 | a9f34a49984f7a94c7a522a6d171e470701d34a4b630dcb7ae673e6cfaf2e5ae |
| SHA512 | 4a85f37ac35db60a44e729a0ee842e45172657c17c71022dfa73aed445106b833cdceccf94b1735737d5b9c06da8db19a6799186bbf742544c943a4b8de737ce |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 2b5e3033c60ca3bd2f808038be6882ed |
| SHA1 | 27771b52ac1648f51462b0ab15aec40239084a9f |
| SHA256 | 147f6408ca816bac36f330998fc27d3f3ee80069fe3615b11252d87247ce003f |
| SHA512 | 79808a9b27c19807d1de1247ef0a2ea139130a244e90ccf01268ee10b6e4319470bd8b3a0b918a8d60de49574d79c31d259cc540c8dacda6a08280987c454a6a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0c1b91411781ad69eb4f80bd20797657 |
| SHA1 | 0dd24b68605710d3f62cd93f22032f53295ae825 |
| SHA256 | 49f82cc6ce779cfd418a6ef93ec765d3e76bbd7c1de3c494e9384d08e72d8775 |
| SHA512 | 07a378a7db3407c87b929084b9128ac11701c0460cd9075142f37e63af837d6318bfc661605477355577bbb824ebc140317d06e8aec586c9bd87ba9b7dd06ef1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 596746d702b777ad1d516454300da91c |
| SHA1 | ecaaeb10cdd54506ecd9c5cf4c2996345dcbc500 |
| SHA256 | 5ac7c870180e4807f3aa8545f42eaebb235e48611edc4f3a61ede804583f0fe1 |
| SHA512 | 9b3bd9fa4cff3eb8a70872882c93935d29b1fe2e58badcac73b7a568528771785239c297f215f1f5c4e3263e349d99a2e89fab134eb7a5a47f5957f57d9c24a6 |
C:\Users\Admin\AppData\Local\Temp\nstCC26.tmp\app-32.7z
| MD5 | 262aacc27fd68c2e83f65267a6f9128f |
| SHA1 | deebc359fa09d3f6a30eeb380fbf9ea8f945cf2d |
| SHA256 | 64f951459098a3a730ba13267a9ed0671d41c6f329185445414f50589d6cf614 |
| SHA512 | f589cb617c98c7cacb9ddcaf71c5a61df90dea4e78d8bfa41348bead4c23ffb695c141b13aa5de2aad39182725f51b02933e7e0c1e0098d254da1d058fa3ab07 |
C:\Users\Admin\AppData\Local\Temp\895116bc-3034-4b2c-9251-0cfe1817760f.tmp.node
| MD5 | de381eaa2ece8270012ee128d5cf9e2e |
| SHA1 | 1f06480a2491182f361683e9b901cf26115ef222 |
| SHA256 | ef775eba5a870f92f29be91cdd777e5b7451e44f1a1f23722d4f8d0c6ebe4ed6 |
| SHA512 | 7ca1ea7e3bdee2e5c6a5e1d04e8869af161ace08b914f2e1b4d67d17fadcd719c08f381b6a1c22d43769a066d87e39f91b7059065e4de0525a1f1a2853be982c |
C:\Users\Admin\AppData\Local\Temp\54f364ca-98de-4305-8e36-31f1e07fb21f.tmp.node
| MD5 | ded033e7e5371e470d7b41d1b4e5de3c |
| SHA1 | 83a8d677f577774cba6f1ea35e730d253df96688 |
| SHA256 | 393e2339f75de2d5a44fcd1db078de5f99659efa98cc210b497eba38b29317f0 |
| SHA512 | 1f0edca43beb822332e9f6a1ec8e38e7f767c2197d181c83446553ca7f2dc481837a2be2a2935064f36f129826fbb18b27e4e9da7c2e0a0a2974381980e5d6d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data.bby
| MD5 | 780853cddeaee8de70f28a4b255a600b |
| SHA1 | ad7a5da33f7ad12946153c497e990720b09005ed |
| SHA256 | 1055ff62de3dea7645c732583242adf4164bdcfb9dd37d9b35bbb9510d59b0a3 |
| SHA512 | e422863112084bb8d11c682482e780cd63c2f20c8e3a93ed3b9efd1b04d53eb5d3c8081851ca89b74d66f3d9ab48eb5f6c74550484f46e7c6e460a8250c9b1d8 |
C:\Users\Admin\AppData\Roaming\index\Network\Network Persistent State
| MD5 | 8edcb096239ebd5ac6b4515b9a549c0c |
| SHA1 | 81e87cb199117915c22c8dcdf4caf6dc3ca02a27 |
| SHA256 | ebeab13e1c8f54c2eee08e39bb7338c965ec65fee43661b76e3e9e1129e76655 |
| SHA512 | 356106bf4ee5ee89b0ffed40499de1b9985706a721ff904df19d7390a3d4b73761420f685bbc9bf27b08b3263cc06e7a9468bf3bdfd6987c67c8542f13813d7e |