Analysis Overview
Threat Level: Likely malicious
The file https://geteasypdf.com/pdf/lp5?main=headline3&lower=headline3&utm_source=oh-gdn&utm_medium=153500824274&utm_campaign=17428010086&utm_term=npiprofile.com&utm_content=689508795359&gclid=EAIaIQobChMIsojp3ve8hAMVCqcAAB0pAgFCEAEYASAAEgJ85vD_BwE was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Executes dropped EXE
Checks computer location settings
Registers COM server for autorun
Loads dropped DLL
Reads user/profile data of web browsers
Legitimate hosting services abused for malware hosting/C2
Enumerates connected drives
Adds Run key to start application
Checks installed software on the system
Detected potential entity reuse from brand google.
Drops file in Program Files directory
Program crash
Enumerates physical storage devices
Suspicious behavior: AddClipboardFormatListener
Script User-Agent
Modifies data under HKEY_USERS
Modifies registry class
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Kills process with taskkill
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-02-21 17:44
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-02-21 17:44
Reported
2024-02-21 17:47
Platform
win10v2004-20240221-en
Max time kernel
192s
Max time network
193s
Command Line
Signatures
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\is-6OQRM.tmp\OneLaunch - Easy PDF_pm5kl.tmp | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\is-7GT07.tmp\OneLaunch - Easy PDF_pm5kl.tmp | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Registers COM server for autorun
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\CLSID\{41dbafb1-26cc-a64e-6fd4-36024342151e}\LocalServer32 | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\CLSID\{41dbafb1-26cc-a64e-6fd4-36024342151e}\LocalServer32\ = "\"C:\\Users\\Admin\\AppData\\Local\\OneLaunch\\5.27.0\\onelaunch.exe\" -ToastActivated" | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{41dbafb1-26cc-a64e-6fd4-36024342151e}\LocalServer32 | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{41dbafb1-26cc-a64e-6fd4-36024342151e}\LocalServer32\ = "\"C:\\Users\\Admin\\AppData\\Local\\OneLaunch\\5.27.0\\onelaunch.exe\" -ToastActivated" | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OneLaunch = "C:\\Users\\Admin\\AppData\\Local\\OneLaunch\\5.27.0\\onelaunch.exe /startedFrom=registry" | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OneLaunchChromium = "C:\\Users\\Admin\\AppData\\Local\\OneLaunch\\5.27.0\\ChromiumStartupProxy.exe" | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OneLaunchUpdater = "C:\\Users\\Admin\\AppData\\Local\\OneLaunch\\5.27.0\\OneLaunchUpdaterProxy.exe" | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OneLaunch = "C:\\Users\\Admin\\AppData\\Local\\OneLaunch\\5.27.0\\onelaunch.exe" | C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OneLaunchChromium = "C:\\Users\\Admin\\AppData\\Local\\OneLaunch\\5.27.0\\ChromiumStartupProxy.exe" | C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OneLaunchUpdater = "C:\\Users\\Admin\\AppData\\Local\\OneLaunch\\5.27.0\\onelaunch.exeUpdaterProxy" | C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp | N/A |
Checks installed software on the system
Enumerates connected drives
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | api.keen.io | N/A | N/A |
| N/A | api.keen.io | N/A | N/A |
| N/A | api.keen.io | N/A | N/A |
| N/A | dropbox.com | N/A | N/A |
| N/A | api.keen.io | N/A | N/A |
| N/A | api.keen.io | N/A | N/A |
| N/A | api.keen.io | N/A | N/A |
| N/A | api.keen.io | N/A | N/A |
| N/A | api.keen.io | N/A | N/A |
| N/A | api.keen.io | N/A | N/A |
| N/A | api.keen.io | N/A | N/A |
| N/A | api.keen.io | N/A | N/A |
| N/A | dropbox.com | N/A | N/A |
| N/A | dropbox.com | N/A | N/A |
| N/A | api.keen.io | N/A | N/A |
| N/A | api.keen.io | N/A | N/A |
Detected potential entity reuse from brand google.
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\chrome_PuffinComponentUnpacker_BeginUnzipping4616_1188382275\manifest.json | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
| File created | C:\Program Files (x86)\chrome_PuffinComponentUnpacker_BeginUnzipping4616_1188382275\LICENSE | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
| File created | C:\Program Files (x86)\chrome_PuffinComponentUnpacker_BeginUnzipping4616_1188382275\_metadata\verified_contents.json | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
| File created | C:\Program Files (x86)\chrome_PuffinComponentUnpacker_BeginUnzipping4616_1188382275\manifest.fingerprint | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
| File created | C:\Program Files (x86)\chrome_PuffinComponentUnpacker_BeginUnzipping4616_1188382275\sets.json | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\OneLaunchHTML\Shell | C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\OneLaunchHTML\Shell\open\Command\ = "\"C:\\Users\\Admin\\AppData\\Local\\OneLaunch\\5.27.0\\chromium\\chromium.exe\" -- \"%1\"" | C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\CLSID | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{41dbafb1-26cc-a64e-6fd4-36024342151e}\AppId = "{41dbafb1-26cc-a64e-6fd4-36024342151e}" | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{41dbafb1-26cc-a64e-6fd4-36024342151e} | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\OneLaunchHTML | C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\OneLaunchHTML\Shell\open | C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\CLSID\{41dbafb1-26cc-a64e-6fd4-36024342151e}\LocalServer32 | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\CLSID\{41dbafb1-26cc-a64e-6fd4-36024342151e}\LocalServer32\ = "\"C:\\Users\\Admin\\AppData\\Local\\OneLaunch\\5.27.0\\onelaunch.exe\" -ToastActivated" | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\AppUserModelId | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\OneLaunchHTML\Application\ApplicationCompany = "OneLaunch" | C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\OneLaunchHTML\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\OneLaunch\\5.27.0\\chromium\\chromium.exe,0" | C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{41dbafb1-26cc-a64e-6fd4-36024342151e}\RunAs = "Interactive User" | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\AppUserModelId\Microsoft.AutoGenerated.{AA019E86-DD4A-0F00-9FDA-FBCF0B4BA2E7} | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\OneLaunchHTML\Application | C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\OneLaunchHTML\Application\ApplicationIcon = "C:\\Users\\Admin\\AppData\\Local\\OneLaunch\\5.27.0\\chromium\\chromium.exe,0" | C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{41dbafb1-26cc-a64e-6fd4-36024342151e}\LocalServer32\ = "\"C:\\Users\\Admin\\AppData\\Local\\OneLaunch\\5.27.0\\onelaunch.exe\" -ToastActivated" | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\AppUserModelId\Microsoft.AutoGenerated.{AA019E86-DD4A-0F00-9FDA-FBCF0B4BA2E7}\Has7.0.1Fix = "1" | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\OneLaunchHTML\Application\ApplicationDescription = "Access the Internet" | C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{41dbafb1-26cc-a64e-6fd4-36024342151e}\LocalServer32 | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\CLSID\{41dbafb1-26cc-a64e-6fd4-36024342151e} | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{41dbafb1-26cc-a64e-6fd4-36024342151e} | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\AppUserModelId\Microsoft.AutoGenerated.{AA019E86-DD4A-0F00-9FDA-FBCF0B4BA2E7}\DisplayName = "OneLaunch" | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\wbappbar | C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\OneLaunchHTML\Application\ApplicationName = "OneLaunch" | C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\OneLaunchHTML\Application\AppUserModelId = "OneLaunchHTML" | C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\OneLaunchHTML\Shell\open\Command | C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\OneLaunchHTML\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\AppUserModelId\Microsoft.AutoGenerated.{AA019E86-DD4A-0F00-9FDA-FBCF0B4BA2E7}\IconUri = "C:\\Users\\Admin\\AppData\\Local\\ToastNotificationManagerCompat\\Apps\\Microsoft.AutoGenerated.{AA019E86-DD4A-0F00-9FDA-FBCF0B4BA2E7}\\Icon.png" | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\AppUserModelId\Microsoft.AutoGenerated.{AA019E86-DD4A-0F00-9FDA-FBCF0B4BA2E7}\IconBackgroundColor = "FFDDDDDD" | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3316742141-2240921845-2885234760-1000_Classes\AppUserModelId\Microsoft.AutoGenerated.{AA019E86-DD4A-0F00-9FDA-FBCF0B4BA2E7}\CustomActivator = "{41dbafb1-26cc-a64e-6fd4-36024342151e}" | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
Script User-Agent
| Description | Indicator | Process | Target |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
| HTTP User-Agent header | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5) | N/A | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://geteasypdf.com/pdf/lp5?main=headline3&lower=headline3&utm_source=oh-gdn&utm_medium=153500824274&utm_campaign=17428010086&utm_term=npiprofile.com&utm_content=689508795359&gclid=EAIaIQobChMIsojp3ve8hAMVCqcAAB0pAgFCEAEYASAAEgJ85vD_BwE
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xfc,0xd8,0x7ff9526e9758,0x7ff9526e9768,0x7ff9526e9778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1796,i,12133853555319833755,9390733796248705857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2232 --field-trial-handle=1796,i,12133853555319833755,9390733796248705857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2968 --field-trial-handle=1796,i,12133853555319833755,9390733796248705857,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2960 --field-trial-handle=1796,i,12133853555319833755,9390733796248705857,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1712 --field-trial-handle=1796,i,12133853555319833755,9390733796248705857,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5048 --field-trial-handle=1796,i,12133853555319833755,9390733796248705857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5224 --field-trial-handle=1796,i,12133853555319833755,9390733796248705857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1664 --field-trial-handle=1796,i,12133853555319833755,9390733796248705857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5448 --field-trial-handle=1796,i,12133853555319833755,9390733796248705857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5392 --field-trial-handle=1796,i,12133853555319833755,9390733796248705857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5612 --field-trial-handle=1796,i,12133853555319833755,9390733796248705857,131072 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4f8 0x514
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5496 --field-trial-handle=1796,i,12133853555319833755,9390733796248705857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5560 --field-trial-handle=1796,i,12133853555319833755,9390733796248705857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5508 --field-trial-handle=1796,i,12133853555319833755,9390733796248705857,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6076 --field-trial-handle=1796,i,12133853555319833755,9390733796248705857,131072 /prefetch:8
C:\Users\Admin\Downloads\OneLaunch - Easy PDF_pm5kl.exe
"C:\Users\Admin\Downloads\OneLaunch - Easy PDF_pm5kl.exe"
C:\Users\Admin\AppData\Local\Temp\is-6OQRM.tmp\OneLaunch - Easy PDF_pm5kl.tmp
"C:\Users\Admin\AppData\Local\Temp\is-6OQRM.tmp\OneLaunch - Easy PDF_pm5kl.tmp" /SL5="$C0212,2484167,893952,C:\Users\Admin\Downloads\OneLaunch - Easy PDF_pm5kl.exe"
C:\Users\Admin\Downloads\OneLaunch - Easy PDF_pm5kl.exe
"C:\Users\Admin\Downloads\OneLaunch - Easy PDF_pm5kl.exe" /PDATA=eyJ1dG1fY2FtcGFpZ24iOiIxNzQyODAxMDA4NiIsImxvd2VyIjoiaGVhZGxpbmUzIiwidXRtX21lZGl1bSI6IjE1MzUwMDgyNDI3NCIsInByb2ZpbGUiOiJwZGYiLCJtYWluIjoiaGVhZGxpbmUzIiwidWEiOiJjaHJvbWUiLCJ1dG1fdGVybSI6Im5waXByb2ZpbGUuY29tIiwiZ2NsaWQiOiJFQUlhSVFvYkNoTUlzb2pwM3ZlOGhBTVZDcWNBQUIwcEFnRkNFQUVZQVNBQUVnSjg1dkRfQndFIiwiZGlzdGluY3RfaWQiOiI2ZmYzNzEzNy0xMGJkLTRkMmItOTJjNS05OWYzOWM3ZDkzM2EiLCJscF91cmwiOiJodHRwczovL2dldGVhc3lwZGYuY29tL3BkZi9scDUiLCJ3aGl0ZWxhYmVsIjoiZWFzeXBkZiIsImxwYyI6MCwidXRtX3NvdXJjZSI6Im9oLWdkbiIsInV0bV9jb250ZW50IjoiNjg5NTA4Nzk1MzU5IiwiaW5zdGFsbF90aW1lIjoxNzA4NTM3NTAxLCJkZWZhdWx0X2Jyb3dzZXIiOiJNU0VkZ2VIVE0iLCJpbml0aW5hbF92ZXJzaW9uIjoiNS4yNy4wLjAiLCJwYWNrYWdlZF9icm93c2VyIjoiTm9uZSIsInNwbGl0IjoiYSIsIm5vX3NwbGl0IjpmYWxzZSwic3BsaXQyIjoiYiIsInNlcnZlcl9zaWRlX3NwbGl0XzI4XzExX250cF9kaXN0cmlidXRpb24iOiJ2YXJpYXRpb24iLCJzZXJ2ZXJfc2lkZV9zcGxpdF8yM18xMF9lbmhhbmNlZF9zZWFyY2hfYXNzaXN0IjoidmFyaWF0aW9uIiwic2VydmVyX3NpZGVfc3BsaXRfMjNfMDZfcm91bmRlZF9zZWFyY2hiYXIiOiJ2YXJpYXRpb24iLCJzcGxpdF8yMl8xMl9tb3JlX2VkdWNhdGlvbmFsX21pbmlwcm9tcHRzIjoidmFyaWF0aW9uIiwiZW5jb2RlZF9zcGxpdHMiOiIwMDAifQ== /LAUNCHER /VERYSILENT
C:\Users\Admin\AppData\Local\Temp\is-7GT07.tmp\OneLaunch - Easy PDF_pm5kl.tmp
"C:\Users\Admin\AppData\Local\Temp\is-7GT07.tmp\OneLaunch - Easy PDF_pm5kl.tmp" /SL5="$70202,2484167,893952,C:\Users\Admin\Downloads\OneLaunch - Easy PDF_pm5kl.exe" /PDATA=eyJ1dG1fY2FtcGFpZ24iOiIxNzQyODAxMDA4NiIsImxvd2VyIjoiaGVhZGxpbmUzIiwidXRtX21lZGl1bSI6IjE1MzUwMDgyNDI3NCIsInByb2ZpbGUiOiJwZGYiLCJtYWluIjoiaGVhZGxpbmUzIiwidWEiOiJjaHJvbWUiLCJ1dG1fdGVybSI6Im5waXByb2ZpbGUuY29tIiwiZ2NsaWQiOiJFQUlhSVFvYkNoTUlzb2pwM3ZlOGhBTVZDcWNBQUIwcEFnRkNFQUVZQVNBQUVnSjg1dkRfQndFIiwiZGlzdGluY3RfaWQiOiI2ZmYzNzEzNy0xMGJkLTRkMmItOTJjNS05OWYzOWM3ZDkzM2EiLCJscF91cmwiOiJodHRwczovL2dldGVhc3lwZGYuY29tL3BkZi9scDUiLCJ3aGl0ZWxhYmVsIjoiZWFzeXBkZiIsImxwYyI6MCwidXRtX3NvdXJjZSI6Im9oLWdkbiIsInV0bV9jb250ZW50IjoiNjg5NTA4Nzk1MzU5IiwiaW5zdGFsbF90aW1lIjoxNzA4NTM3NTAxLCJkZWZhdWx0X2Jyb3dzZXIiOiJNU0VkZ2VIVE0iLCJpbml0aW5hbF92ZXJzaW9uIjoiNS4yNy4wLjAiLCJwYWNrYWdlZF9icm93c2VyIjoiTm9uZSIsInNwbGl0IjoiYSIsIm5vX3NwbGl0IjpmYWxzZSwic3BsaXQyIjoiYiIsInNlcnZlcl9zaWRlX3NwbGl0XzI4XzExX250cF9kaXN0cmlidXRpb24iOiJ2YXJpYXRpb24iLCJzZXJ2ZXJfc2lkZV9zcGxpdF8yM18xMF9lbmhhbmNlZF9zZWFyY2hfYXNzaXN0IjoidmFyaWF0aW9uIiwic2VydmVyX3NpZGVfc3BsaXRfMjNfMDZfcm91bmRlZF9zZWFyY2hiYXIiOiJ2YXJpYXRpb24iLCJzcGxpdF8yMl8xMl9tb3JlX2VkdWNhdGlvbmFsX21pbmlwcm9tcHRzIjoidmFyaWF0aW9uIiwiZW5jb2RlZF9zcGxpdHMiOiIwMDAifQ== /LAUNCHER /VERYSILENT
C:\Users\Admin\AppData\Local\Temp\OneLaunch Setup_pm5kl.exe
"C:\Users\Admin\AppData\Local\Temp\OneLaunch Setup_pm5kl.exe" /PDATA=eyJ1dG1fY2FtcGFpZ24iOiIxNzQyODAxMDA4NiIsImxvd2VyIjoiaGVhZGxpbmUzIiwidXRtX21lZGl1bSI6IjE1MzUwMDgyNDI3NCIsInByb2ZpbGUiOiJwZGYiLCJtYWluIjoiaGVhZGxpbmUzIiwidWEiOiJjaHJvbWUiLCJ1dG1fdGVybSI6Im5waXByb2ZpbGUuY29tIiwiZ2NsaWQiOiJFQUlhSVFvYkNoTUlzb2pwM3ZlOGhBTVZDcWNBQUIwcEFnRkNFQUVZQVNBQUVnSjg1dkRfQndFIiwiZGlzdGluY3RfaWQiOiI2ZmYzNzEzNy0xMGJkLTRkMmItOTJjNS05OWYzOWM3ZDkzM2EiLCJscF91cmwiOiJodHRwczovL2dldGVhc3lwZGYuY29tL3BkZi9scDUiLCJ3aGl0ZWxhYmVsIjoiZWFzeXBkZiIsImxwYyI6MCwidXRtX3NvdXJjZSI6Im9oLWdkbiIsInV0bV9jb250ZW50IjoiNjg5NTA4Nzk1MzU5IiwiaW5zdGFsbF90aW1lIjoxNzA4NTM3NTAxLCJkZWZhdWx0X2Jyb3dzZXIiOiJNU0VkZ2VIVE0iLCJpbml0aW5hbF92ZXJzaW9uIjoiNS4yNy4wLjAiLCJwYWNrYWdlZF9icm93c2VyIjoiTm9uZSIsInNwbGl0IjoiYSIsIm5vX3NwbGl0IjpmYWxzZSwic3BsaXQyIjoiYiIsInNlcnZlcl9zaWRlX3NwbGl0XzI4XzExX250cF9kaXN0cmlidXRpb24iOiJ2YXJpYXRpb24iLCJzZXJ2ZXJfc2lkZV9zcGxpdF8yM18xMF9lbmhhbmNlZF9zZWFyY2hfYXNzaXN0IjoidmFyaWF0aW9uIiwic2VydmVyX3NpZGVfc3BsaXRfMjNfMDZfcm91bmRlZF9zZWFyY2hiYXIiOiJ2YXJpYXRpb24iLCJzcGxpdF8yMl8xMl9tb3JlX2VkdWNhdGlvbmFsX21pbmlwcm9tcHRzIjoidmFyaWF0aW9uIiwiZW5jb2RlZF9zcGxpdHMiOiIwMDAifQ==
C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp
"C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp" /SL5="$10252,104692097,893952,C:\Users\Admin\AppData\Local\Temp\OneLaunch Setup_pm5kl.exe" /PDATA=eyJ1dG1fY2FtcGFpZ24iOiIxNzQyODAxMDA4NiIsImxvd2VyIjoiaGVhZGxpbmUzIiwidXRtX21lZGl1bSI6IjE1MzUwMDgyNDI3NCIsInByb2ZpbGUiOiJwZGYiLCJtYWluIjoiaGVhZGxpbmUzIiwidWEiOiJjaHJvbWUiLCJ1dG1fdGVybSI6Im5waXByb2ZpbGUuY29tIiwiZ2NsaWQiOiJFQUlhSVFvYkNoTUlzb2pwM3ZlOGhBTVZDcWNBQUIwcEFnRkNFQUVZQVNBQUVnSjg1dkRfQndFIiwiZGlzdGluY3RfaWQiOiI2ZmYzNzEzNy0xMGJkLTRkMmItOTJjNS05OWYzOWM3ZDkzM2EiLCJscF91cmwiOiJodHRwczovL2dldGVhc3lwZGYuY29tL3BkZi9scDUiLCJ3aGl0ZWxhYmVsIjoiZWFzeXBkZiIsImxwYyI6MCwidXRtX3NvdXJjZSI6Im9oLWdkbiIsInV0bV9jb250ZW50IjoiNjg5NTA4Nzk1MzU5IiwiaW5zdGFsbF90aW1lIjoxNzA4NTM3NTAxLCJkZWZhdWx0X2Jyb3dzZXIiOiJNU0VkZ2VIVE0iLCJpbml0aW5hbF92ZXJzaW9uIjoiNS4yNy4wLjAiLCJwYWNrYWdlZF9icm93c2VyIjoiTm9uZSIsInNwbGl0IjoiYSIsIm5vX3NwbGl0IjpmYWxzZSwic3BsaXQyIjoiYiIsInNlcnZlcl9zaWRlX3NwbGl0XzI4XzExX250cF9kaXN0cmlidXRpb24iOiJ2YXJpYXRpb24iLCJzZXJ2ZXJfc2lkZV9zcGxpdF8yM18xMF9lbmhhbmNlZF9zZWFyY2hfYXNzaXN0IjoidmFyaWF0aW9uIiwic2VydmVyX3NpZGVfc3BsaXRfMjNfMDZfcm91bmRlZF9zZWFyY2hiYXIiOiJ2YXJpYXRpb24iLCJzcGxpdF8yMl8xMl9tb3JlX2VkdWNhdGlvbmFsX21pbmlwcm9tcHRzIjoidmFyaWF0aW9uIiwiZW5jb2RlZF9zcGxpdHMiOiIwMDAifQ==
C:\Windows\SysWOW64\taskkill.exe
"C:\Windows\System32\taskkill.exe" /f /im onelaunch.exe
C:\Windows\SysWOW64\taskkill.exe
"C:\Windows\System32\taskkill.exe" /f /im chromium.exe
C:\Windows\SysWOW64\taskkill.exe
"C:\Windows\System32\taskkill.exe" /f /im onelaunchtray.exe
C:\Windows\system32\schtasks.exe
"schtasks" /Delete /TN "OneLaunchLaunchTask" /F
C:\Windows\system32\schtasks.exe
"schtasks" /Delete /TN "ChromiumLaunchTask" /F
C:\Windows\system32\schtasks.exe
"schtasks" /Delete /TN "OneLaunchUpdateTask" /F
C:\Windows\system32\schtasks.exe
"schtasks" /delete /tn OneLaunchLaunchTask /f
C:\Windows\system32\schtasks.exe
"schtasks" /delete /tn ChromiumLaunchTask /f
C:\Windows\system32\schtasks.exe
"schtasks" /delete /tn OneLaunchUpdateTask /f
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe" /l /startedFrom=installer
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --start-maximized --tab-trigger=Launch
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\OneLaunch\User Data" /prefetch:7 --monitor-self --monitor-self-argument=--type=crashpad-handler "--monitor-self-argument=--user-data-dir=C:\Users\Admin\AppData\Local\OneLaunch\User Data" --monitor-self-argument=/prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\OneLaunch\User Data\Crashpad" --annotation=plat=Win32 --annotation=prod=OneLaunch --annotation=ver=118.1.0.0 --initial-client-data=0x290,0x294,0x298,0x26c,0x29c,0x6f5d2d80,0x6f5d2d90,0x6f5d2d9c
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\OneLaunch\User Data" /prefetch:7 --no-periodic-tasks --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\OneLaunch\User Data\Crashpad" --annotation=plat=Win32 --annotation=prod=OneLaunch --annotation=ver=118.1.0.0 --initial-client-data=0x2cc,0x2d0,0x2d4,0x2a8,0x2d8,0xae6660,0xae6670,0xae667c
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunchtray.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunchtray.exe"
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=gpu-process --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2380 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:2
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3024 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --network-service-scheduler --mojo-platform-channel-handle=2984 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --mojo-platform-channel-handle=3404 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:8
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 3520 -ip 3520
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3520 -s 2184
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=renderer --disable-nacl --first-renderer-process --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3712 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:1
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=renderer --instant-process --disable-nacl --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3904 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 512 -p 3520 -ip 3520
C:\program files\google\chrome\application\chrome.exe
"C:\program files\google\chrome\application\chrome.exe" "https://geteasypdf.com/thanks/?data=eyJ1dG1fY2FtcGFpZ24iOiIxNzQyODAxMDA4NiIsImxvd2VyIjoiaGVhZGxpbmUzIiwidXRtX21lZGl1bSI6IjE1MzUwMDgyNDI3NCIsInByb2ZpbGUiOiJwZGYiLCJtYWluIjoiaGVhZGxpbmUzIiwidWEiOiJjaHJvbWUiLCJ1dG1fdGVybSI6Im5waXByb2ZpbGUuY29tIiwiZ2NsaWQiOiJFQUlhSVFvYkNoTUlzb2pwM3ZlOGhBTVZDcWNBQUIwcEFnRkNFQUVZQVNBQUVnSjg1dkRfQndFIiwiZGlzdGluY3RfaWQiOiI2ZmYzNzEzNy0xMGJkLTRkMmItOTJjNS05OWYzOWM3ZDkzM2EiLCJscF91cmwiOiJodHRwczovL2dldGVhc3lwZGYuY29tL3BkZi9scDUiLCJ3aGl0ZWxhYmVsIjoiZWFzeXBkZiIsImxwYyI6MCwidXRtX3NvdXJjZSI6Im9oLWdkbiIsInV0bV9jb250ZW50IjoiNjg5NTA4Nzk1MzU5IiwiaW5zdGFsbF90aW1lIjoxNzA4NTM3NTAxLCJkZWZhdWx0X2Jyb3dzZXIiOiJNU0VkZ2VIVE0iLCJpbml0aW5hbF92ZXJzaW9uIjoiNS4yNy4wLjAiLCJwYWNrYWdlZF9icm93c2VyIjoiY2hyb21pdW0iLCJzcGxpdCI6ImEiLCJub19zcGxpdCI6ZmFsc2UsInNwbGl0MiI6ImIiLCJzcGxpdF8yMl8xMl9tb3JlX2VkdWNhdGlvbmFsX21pbmlwcm9tcHRzIjoidmFyaWF0aW9uIiwiZW5jb2RlZF9zcGxpdHMiOiIwMDAiLCJzZXJ2ZXJfc2lkZV9zcGxpdF8yOF8xMV9udHBfZGlzdHJpYnV0aW9uIjoidmFyaWF0aW9uIiwic2VydmVyX3NpZGVfc3BsaXRfMjNfMTBfZW5oYW5jZWRfc2VhcmNoX2Fzc2lzdCI6InZhcmlhdGlvbiIsInNlcnZlcl9zaWRlX3NwbGl0XzIzXzA2X3JvdW5kZWRfc2VhcmNoYmFyIjoidmFyaWF0aW9uIn0="
C:\program files\google\chrome\application\chrome.exe
"C:\program files\google\chrome\application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9526e9758,0x7ff9526e9768,0x7ff9526e9778
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --mojo-platform-channel-handle=4476 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5060 --field-trial-handle=1796,i,12133853555319833755,9390733796248705857,131072 /prefetch:1
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --mojo-platform-channel-handle=5388 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:8
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3520 -s 2184
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --mojo-platform-channel-handle=4760 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --mojo-platform-channel-handle=5384 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --mojo-platform-channel-handle=5768 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --mojo-platform-channel-handle=5900 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --mojo-platform-channel-handle=6028 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --mojo-platform-channel-handle=6168 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --mojo-platform-channel-handle=5904 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=renderer --extension-process --disable-nacl --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5200 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:1
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=renderer --extension-process --disable-nacl --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5396 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:1
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --mojo-platform-channel-handle=6408 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=renderer --disable-nacl --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5872 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6080 --field-trial-handle=1796,i,12133853555319833755,9390733796248705857,131072 /prefetch:2
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --mojo-platform-channel-handle=5052 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" https://wbd_ol.ampxdirect.com/amazon?sub1=default&sub2=amazon --tab-trigger=app
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\OneLaunch\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\OneLaunch\User Data\Crashpad" --annotation=plat=Win32 --annotation=prod=OneLaunch --annotation=ver=118.1.0.0 --initial-client-data=0x15c,0x160,0x164,0x138,0x168,0x6f5d2d80,0x6f5d2d90,0x6f5d2d9c
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=gpu-process --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1768 --field-trial-handle=1760,i,2396561744595652505,12494502558270741781,262144 /prefetch:2
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=renderer --disable-nacl --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5280 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:1
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --network-service-scheduler --mojo-platform-channel-handle=1984 --field-trial-handle=1760,i,2396561744595652505,12494502558270741781,262144 /prefetch:8
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=renderer --extension-process --disable-nacl --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5072 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:1
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=renderer --disable-nacl --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5428 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:1
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=renderer --disable-nacl --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=6520 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:1
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" https://www.sodapdf.com/services/web/pdf-converter/?uid=1018533&wid=7135&ref=sodapdf.com/online&cmp=ol&key1=PdfConverter --tab-trigger=app
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\OneLaunch\User Data" /prefetch:7 --monitor-self --monitor-self-argument=--type=crashpad-handler "--monitor-self-argument=--user-data-dir=C:\Users\Admin\AppData\Local\OneLaunch\User Data" --monitor-self-argument=/prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\OneLaunch\User Data\Crashpad" --annotation=plat=Win32 --annotation=prod=OneLaunch --annotation=ver=118.1.0.0 --initial-client-data=0x15c,0x160,0x164,0x138,0x168,0x6f5d2d80,0x6f5d2d90,0x6f5d2d9c
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\OneLaunch\User Data" /prefetch:7 --no-periodic-tasks --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\OneLaunch\User Data\Crashpad" --annotation=plat=Win32 --annotation=prod=OneLaunch --annotation=ver=118.1.0.0 --initial-client-data=0x1c8,0x1ac,0x1cc,0x1c4,0x174,0xae6660,0xae6670,0xae667c
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=renderer --disable-nacl --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6660 --field-trial-handle=2384,i,7937487816179824244,3884699709356178582,262144 /prefetch:1
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=gpu-process --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1984 --field-trial-handle=1988,i,11778269641760450339,9703589902731673537,262144 /prefetch:2
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
"C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --network-service-scheduler --mojo-platform-channel-handle=2020 --field-trial-handle=1988,i,11778269641760450339,9703589902731673537,262144 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | geteasypdf.com | udp |
| US | 172.67.210.87:443 | geteasypdf.com | tcp |
| US | 8.8.8.8:53 | 41.110.16.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| GB | 96.17.179.184:80 | apps.identrust.com | tcp |
| US | 172.67.210.87:443 | geteasypdf.com | udp |
| US | 8.8.8.8:53 | static.cloudflareinsights.com | udp |
| US | 104.16.57.101:443 | static.cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | cloudflareinsights.com | udp |
| US | 8.8.8.8:53 | 42.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.210.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 184.179.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.57.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.159.190.20.in-addr.arpa | udp |
| US | 104.16.56.101:443 | cloudflareinsights.com | tcp |
| US | 8.8.8.8:53 | 6dbdxxya.apicdn.sanity.io | udp |
| US | 34.102.211.197:443 | 6dbdxxya.apicdn.sanity.io | tcp |
| US | 34.102.211.197:443 | 6dbdxxya.apicdn.sanity.io | udp |
| US | 8.8.8.8:53 | api.keen.io | udp |
| US | 8.8.8.8:53 | cdn.sanity.io | udp |
| US | 35.190.70.79:443 | cdn.sanity.io | tcp |
| US | 35.163.208.158:443 | api.keen.io | tcp |
| US | 35.163.208.158:443 | api.keen.io | tcp |
| US | 8.8.8.8:53 | 101.56.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.211.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.228.82.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.70.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.36.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 204.79.197.200:443 | bat.bing.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.200:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 232.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 158.208.163.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.24.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| BE | 74.125.206.155:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.206.125.74.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 172.67.210.87:443 | geteasypdf.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | attribution.onelaunch.com | udp |
| CZ | 65.9.95.58:443 | attribution.onelaunch.com | tcp |
| US | 8.8.8.8:53 | update.onelaunch.com | udp |
| US | 104.26.13.224:443 | update.onelaunch.com | tcp |
| US | 8.8.8.8:53 | 58.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.keen.io | udp |
| US | 35.163.208.158:443 | api.keen.io | tcp |
| US | 8.8.8.8:53 | 224.13.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.mixpanel.com | udp |
| US | 107.178.240.159:443 | api.mixpanel.com | tcp |
| US | 8.8.8.8:53 | 159.240.178.107.in-addr.arpa | udp |
| US | 8.8.8.8:53 | release-cdn.onelaunch.com | udp |
| US | 104.26.12.224:443 | release-cdn.onelaunch.com | tcp |
| US | 8.8.8.8:53 | 224.12.26.104.in-addr.arpa | udp |
| US | 104.26.13.224:443 | release-cdn.onelaunch.com | tcp |
| US | 8.8.8.8:53 | 199.178.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.keen.io | udp |
| US | 35.163.208.158:443 | api.keen.io | tcp |
| US | 107.178.240.159:443 | api.mixpanel.com | tcp |
| US | 104.26.13.224:443 | release-cdn.onelaunch.com | tcp |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| US | 104.26.13.224:443 | release-cdn.onelaunch.com | tcp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| US | 8.8.8.8:53 | chromium-updates.onelaunch.com | udp |
| US | 8.8.8.8:53 | chromium-updates.onelaunch.com | udp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| US | 8.8.8.8:53 | update.googleapis.com | udp |
| US | 8.8.8.8:53 | chromium-updates.onelaunch.com | udp |
| GB | 142.250.200.14:80 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | chromium-updates.onelaunch.com | udp |
| US | 8.8.8.8:53 | chromium-updates.onelaunch.com | udp |
| US | 8.8.8.8:53 | onenews.com | udp |
| US | 8.8.8.8:53 | onenews.com | udp |
| US | 104.22.0.81:443 | onenews.com | tcp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.0.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.slickdealscdn.com | udp |
| US | 104.18.23.62:443 | static.slickdealscdn.com | tcp |
| US | 8.8.8.8:53 | 62.23.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | chrmxtnsnhdnnlnch.onelaunch.com | udp |
| US | 8.8.8.8:53 | chrmxtnsnhdnnlnch.onelaunch.com | udp |
| US | 104.26.12.224:443 | chrmxtnsnhdnnlnch.onelaunch.com | tcp |
| NL | 173.194.79.84:443 | accounts.google.com | tcp |
| US | 172.67.210.87:443 | geteasypdf.com | udp |
| US | 8.8.8.8:53 | 84.79.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | extensions-cdn.onelaunch.com | udp |
| US | 8.8.8.8:53 | extensions-cdn.onelaunch.com | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| US | 104.26.13.224:443 | extensions-cdn.onelaunch.com | tcp |
| DE | 172.217.16.131:443 | beacons.gcp.gvt2.com | tcp |
| US | 107.178.240.159:443 | api.mixpanel.com | tcp |
| US | 8.8.8.8:53 | 6dbdxxya.apicdn.sanity.io | udp |
| US | 8.8.8.8:53 | 131.16.217.172.in-addr.arpa | udp |
| US | 34.102.211.197:443 | 6dbdxxya.apicdn.sanity.io | udp |
| US | 34.102.211.197:443 | 6dbdxxya.apicdn.sanity.io | udp |
| US | 34.102.211.197:443 | 6dbdxxya.apicdn.sanity.io | tcp |
| US | 8.8.8.8:53 | api.keen.io | udp |
| US | 54.186.176.79:443 | api.keen.io | tcp |
| US | 35.190.70.79:443 | cdn.sanity.io | udp |
| US | 8.8.8.8:53 | 79.176.186.54.in-addr.arpa | udp |
| US | 54.186.176.79:443 | api.keen.io | tcp |
| US | 104.26.13.224:443 | extensions-cdn.onelaunch.com | tcp |
| BE | 74.125.206.155:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 34.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 172.217.169.2:443 | googleads.g.doubleclick.net | tcp |
| US | 107.178.240.159:443 | api.mixpanel.com | tcp |
| US | 107.178.240.159:443 | api.mixpanel.com | tcp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| GB | 216.58.204.67:443 | www.google.co.uk | tcp |
| US | 8.8.8.8:53 | api-ext.slickdeals.net | udp |
| US | 8.8.8.8:53 | api-ext.slickdeals.net | udp |
| US | 8.8.8.8:53 | 2.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.204.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.accuweather.com | udp |
| US | 199.182.50.101:443 | api-ext.slickdeals.net | tcp |
| US | 199.182.50.101:443 | api-ext.slickdeals.net | tcp |
| GB | 104.91.71.19:80 | api.accuweather.com | tcp |
| US | 8.8.8.8:53 | youtube.com | udp |
| US | 8.8.8.8:53 | slickdeals.net | udp |
| US | 8.8.8.8:53 | slickdeals.net | udp |
| GB | 142.250.187.238:443 | youtube.com | tcp |
| US | 104.17.125.18:443 | slickdeals.net | tcp |
| US | 107.178.240.159:443 | api.mixpanel.com | tcp |
| US | 54.186.176.79:443 | api.keen.io | tcp |
| US | 104.26.13.224:443 | extensions-cdn.onelaunch.com | tcp |
| US | 54.186.176.79:443 | api.keen.io | tcp |
| GB | 104.91.71.19:443 | api.accuweather.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| US | 54.186.176.79:443 | api.keen.io | tcp |
| US | 8.8.8.8:53 | optimizationguide-pa.googleapis.com | udp |
| US | 8.8.8.8:53 | optimizationguide-pa.googleapis.com | udp |
| GB | 216.58.201.106:443 | optimizationguide-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | 19.71.91.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.125.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 101.50.182.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 238.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.201.58.216.in-addr.arpa | udp |
| US | 104.26.13.224:443 | extensions-cdn.onelaunch.com | tcp |
| US | 199.182.50.101:443 | api-ext.slickdeals.net | tcp |
| US | 8.8.8.8:53 | olntptiles.tiles.ampfeed.com | udp |
| US | 8.8.8.8:53 | olntptiles.tiles.ampfeed.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 104.84.93.117:443 | olntptiles.tiles.ampfeed.com | tcp |
| GB | 142.250.180.10:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 234.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.93.84.104.in-addr.arpa | udp |
| US | 107.178.240.159:443 | api.mixpanel.com | tcp |
| US | 8.8.8.8:53 | api-js.mixpanel.com | udp |
| US | 35.186.241.51:443 | api-js.mixpanel.com | tcp |
| US | 8.8.8.8:53 | static.hotjar.com | udp |
| US | 8.8.8.8:53 | static.hotjar.com | udp |
| CZ | 65.9.95.121:443 | static.hotjar.com | tcp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| GB | 142.250.187.238:443 | www.youtube.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| BE | 74.125.206.155:443 | stats.g.doubleclick.net | tcp |
| BE | 74.125.206.155:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | script.hotjar.com | udp |
| US | 8.8.8.8:53 | script.hotjar.com | udp |
| GB | 216.58.204.67:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | 51.241.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| CZ | 65.9.95.27:443 | script.hotjar.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| GB | 216.58.212.238:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | facebook.com | udp |
| GB | 163.70.147.35:443 | facebook.com | tcp |
| US | 8.8.8.8:53 | 27.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | 35.147.70.163.in-addr.arpa | udp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | 123.35.104.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.xx.fbcdn.net | udp |
| GB | 163.70.147.23:443 | static.xx.fbcdn.net | tcp |
| US | 8.8.8.8:53 | reddit.com | udp |
| US | 151.101.129.140:443 | reddit.com | tcp |
| US | 151.101.129.140:443 | reddit.com | tcp |
| US | 8.8.8.8:53 | 23.147.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.129.101.151.in-addr.arpa | udp |
| US | 151.101.129.140:443 | reddit.com | tcp |
| US | 151.101.129.140:443 | reddit.com | tcp |
| US | 151.101.129.140:443 | reddit.com | tcp |
| US | 8.8.8.8:53 | www.reddit.com | udp |
| US | 151.101.1.140:443 | www.reddit.com | tcp |
| US | 151.101.129.140:443 | www.reddit.com | tcp |
| US | 151.101.129.140:443 | www.reddit.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | 140.1.101.151.in-addr.arpa | udp |
| US | 151.101.129.140:443 | www.reddit.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.178.4:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | t2.gstatic.com | udp |
| GB | 142.250.187.228:443 | t2.gstatic.com | tcp |
| US | 8.8.8.8:53 | en.wikipedia.org | udp |
| NL | 185.15.59.224:443 | en.wikipedia.org | tcp |
| US | 8.8.8.8:53 | 228.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 224.59.15.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | twitter.com | udp |
| US | 104.244.42.193:443 | twitter.com | tcp |
| US | 104.244.42.193:443 | twitter.com | tcp |
| US | 104.244.42.193:443 | twitter.com | tcp |
| US | 104.244.42.193:443 | twitter.com | tcp |
| US | 8.8.8.8:53 | 193.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | t3.gstatic.com | udp |
| GB | 142.250.178.4:443 | t3.gstatic.com | tcp |
| US | 8.8.8.8:53 | ebay.com | udp |
| GB | 23.48.165.132:443 | ebay.com | tcp |
| US | 8.8.8.8:53 | 132.165.48.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.ebay.com | udp |
| GB | 173.222.9.77:443 | www.ebay.com | tcp |
| GB | 173.222.9.77:80 | www.ebay.com | tcp |
| US | 8.8.8.8:53 | 77.9.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pages.ebay.com | udp |
| GB | 173.222.9.178:80 | pages.ebay.com | tcp |
| GB | 173.222.9.178:443 | pages.ebay.com | tcp |
| US | 8.8.8.8:53 | 178.9.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.169.217.172.in-addr.arpa | udp |
| GB | 23.48.165.132:443 | ebay.com | tcp |
| GB | 23.48.165.132:443 | ebay.com | tcp |
| GB | 23.48.165.132:443 | ebay.com | tcp |
| GB | 173.222.9.77:443 | www.ebay.com | tcp |
| US | 8.8.8.8:53 | instagram.com | udp |
| GB | 163.70.147.174:443 | instagram.com | tcp |
| US | 8.8.8.8:53 | www.instagram.com | udp |
| FR | 157.240.195.174:443 | www.instagram.com | tcp |
| GB | 163.70.147.174:443 | instagram.com | tcp |
| US | 8.8.8.8:53 | 174.195.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.147.70.163.in-addr.arpa | udp |
| FR | 157.240.195.174:443 | www.instagram.com | tcp |
| US | 8.8.8.8:53 | static.cdninstagram.com | udp |
| GB | 163.70.147.63:443 | static.cdninstagram.com | tcp |
| US | 8.8.8.8:53 | netflix.com | udp |
| IE | 3.251.50.149:443 | netflix.com | tcp |
| IE | 3.251.50.149:443 | netflix.com | tcp |
| IE | 3.251.50.149:443 | netflix.com | tcp |
| IE | 3.251.50.149:443 | netflix.com | tcp |
| IE | 3.251.50.149:443 | netflix.com | tcp |
| US | 8.8.8.8:53 | 63.147.70.163.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.50.251.3.in-addr.arpa | udp |
| IE | 3.251.50.149:443 | netflix.com | tcp |
| IE | 3.251.50.149:443 | netflix.com | tcp |
| IE | 3.251.50.149:443 | netflix.com | tcp |
| US | 8.8.8.8:53 | t1.gstatic.com | udp |
| GB | 142.250.178.4:443 | t1.gstatic.com | tcp |
| US | 8.8.8.8:53 | linkedin.com | udp |
| US | 13.107.42.14:443 | linkedin.com | tcp |
| US | 8.8.8.8:53 | www.linkedin.com | udp |
| US | 13.107.42.14:443 | www.linkedin.com | tcp |
| US | 8.8.8.8:53 | 14.42.107.13.in-addr.arpa | udp |
| US | 13.107.42.14:443 | www.linkedin.com | tcp |
| US | 8.8.8.8:53 | wbd_ol.ampxdirect.com | udp |
| US | 8.8.8.8:53 | wbd_ol.ampxdirect.com | udp |
| US | 104.218.72.27:443 | wbd_ol.ampxdirect.com | tcp |
| US | 104.218.72.27:443 | wbd_ol.ampxdirect.com | tcp |
| US | 8.8.8.8:53 | amazon.com | udp |
| US | 8.8.8.8:53 | amazon.com | udp |
| US | 205.251.242.103:443 | amazon.com | tcp |
| US | 13.107.42.14:443 | www.linkedin.com | tcp |
| US | 8.8.8.8:53 | www.amazon.com | udp |
| US | 8.8.8.8:53 | www.amazon.com | udp |
| CZ | 65.9.92.45:443 | www.amazon.com | tcp |
| US | 8.8.8.8:53 | 27.72.218.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.242.251.205.in-addr.arpa | udp |
| US | 8.8.8.8:53 | static.licdn.com | udp |
| GB | 88.221.135.104:443 | static.licdn.com | tcp |
| US | 8.8.8.8:53 | images-na.ssl-images-amazon.com | udp |
| US | 8.8.8.8:53 | m.media-amazon.com | udp |
| US | 8.8.8.8:53 | m.media-amazon.com | udp |
| US | 8.8.8.8:53 | completion.amazon.com | udp |
| US | 8.8.8.8:53 | completion.amazon.com | udp |
| CZ | 13.226.89.188:443 | images-na.ssl-images-amazon.com | tcp |
| CZ | 13.226.89.188:443 | images-na.ssl-images-amazon.com | tcp |
| US | 151.101.1.16:443 | m.media-amazon.com | tcp |
| US | 151.101.1.16:443 | m.media-amazon.com | tcp |
| US | 8.8.8.8:53 | outlook.live.com | udp |
| GB | 52.97.208.34:443 | outlook.live.com | tcp |
| CZ | 13.226.89.188:443 | images-na.ssl-images-amazon.com | udp |
| US | 8.8.8.8:53 | fls-na.amazon.com | udp |
| US | 8.8.8.8:53 | fls-na.amazon.com | udp |
| US | 151.101.1.16:443 | m.media-amazon.com | udp |
| US | 151.101.1.16:443 | m.media-amazon.com | udp |
| CZ | 13.226.89.188:443 | images-na.ssl-images-amazon.com | udp |
| US | 34.231.75.248:443 | fls-na.amazon.com | tcp |
| US | 8.8.8.8:53 | 45.92.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 188.89.226.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 34.208.97.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.75.231.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| CZ | 65.9.92.45:443 | www.amazon.com | udp |
| US | 8.8.8.8:53 | twitch.tv | udp |
| US | 151.101.2.167:443 | twitch.tv | tcp |
| US | 8.8.8.8:53 | sentry.io | udp |
| US | 8.8.8.8:53 | sentry.io | udp |
| US | 35.186.247.156:443 | sentry.io | tcp |
| US | 8.8.8.8:53 | www.twitch.tv | udp |
| FR | 199.232.170.167:443 | www.twitch.tv | tcp |
| US | 8.8.8.8:53 | 167.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.247.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.170.232.199.in-addr.arpa | udp |
| US | 44.215.128.78:443 | completion.amazon.com | tcp |
| US | 8.8.8.8:53 | unagi-na.amazon.com | udp |
| US | 8.8.8.8:53 | unagi-na.amazon.com | udp |
| US | 151.101.2.167:443 | twitch.tv | tcp |
| US | 209.54.180.209:443 | unagi-na.amazon.com | tcp |
| US | 8.8.8.8:53 | chase.com | udp |
| US | 159.53.116.62:443 | chase.com | tcp |
| US | 8.8.8.8:53 | unagi.amazon.com | udp |
| US | 8.8.8.8:53 | unagi.amazon.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| CZ | 65.9.98.75:443 | c.amazon-adsystem.com | tcp |
| US | 52.94.239.40:443 | unagi.amazon.com | tcp |
| US | 8.8.8.8:53 | 78.128.215.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.180.54.209.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.116.53.159.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 75.98.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.chase.com | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | s.amazon-adsystem.com | udp |
| US | 52.46.130.91:443 | s.amazon-adsystem.com | tcp |
| GB | 92.122.54.120:443 | www.chase.com | tcp |
| US | 159.53.116.62:443 | chase.com | tcp |
| US | 52.94.239.40:443 | unagi.amazon.com | tcp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | ib.adnxs.com | udp |
| US | 8.8.8.8:53 | match.360yield.com | udp |
| US | 8.8.8.8:53 | match.360yield.com | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 8.8.8.8:53 | rtb-csync.smartadserver.com | udp |
| US | 8.8.8.8:53 | dsum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | dsum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | ups.analytics.yahoo.com | udp |
| US | 8.8.8.8:53 | capi.connatix.com | udp |
| US | 8.8.8.8:53 | capi.connatix.com | udp |
| US | 8.8.8.8:53 | amazon.partners.tremorhub.com | udp |
| US | 8.8.8.8:53 | amazon.partners.tremorhub.com | udp |
| US | 8.8.8.8:53 | www.imdb.com | udp |
| US | 8.8.8.8:53 | www.imdb.com | udp |
| US | 8.8.8.8:53 | usersync.samplicio.us | udp |
| US | 8.8.8.8:53 | usersync.samplicio.us | udp |
| DE | 37.252.171.21:443 | ib.adnxs.com | tcp |
| IE | 54.220.80.246:443 | match.360yield.com | tcp |
| IE | 54.220.80.246:443 | match.360yield.com | tcp |
| US | 172.64.151.101:443 | dsum-sec.casalemedia.com | tcp |
| US | 172.64.146.152:443 | capi.connatix.com | udp |
| DE | 3.71.149.231:443 | ups.analytics.yahoo.com | tcp |
| DE | 18.196.24.98:443 | usersync.samplicio.us | tcp |
| FR | 5.196.111.72:443 | rtb-csync.smartadserver.com | tcp |
| CZ | 13.226.89.210:443 | www.imdb.com | tcp |
| US | 54.146.228.128:443 | amazon.partners.tremorhub.com | tcp |
| US | 8.8.8.8:53 | 40.239.94.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.54.122.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.130.46.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.146.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ads.samba.tv | udp |
| US | 8.8.8.8:53 | ads.samba.tv | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| US | 8.8.8.8:53 | dpm.demdex.net | udp |
| US | 8.8.8.8:53 | odr.mookie1.com | udp |
| US | 8.8.8.8:53 | odr.mookie1.com | udp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 8.8.8.8:53 | c1.adform.net | udp |
| US | 172.64.151.101:443 | dsum-sec.casalemedia.com | udp |
| NL | 213.19.162.90:443 | pixel.rubiconproject.com | tcp |
| US | 54.92.144.42:443 | ads.samba.tv | tcp |
| IE | 52.214.81.36:443 | dpm.demdex.net | tcp |
| US | 34.160.236.64:443 | odr.mookie1.com | tcp |
| DK | 37.157.4.29:443 | c1.adform.net | tcp |
| US | 52.46.130.91:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | bs.serving-sys.com | udp |
| US | 8.8.8.8:53 | bs.serving-sys.com | udp |
| US | 8.8.8.8:53 | cookie-matching.mediarithmics.com | udp |
| US | 8.8.8.8:53 | cookie-matching.mediarithmics.com | udp |
| US | 52.46.130.91:443 | s.amazon-adsystem.com | tcp |
| DE | 3.121.35.96:443 | bs.serving-sys.com | tcp |
| FR | 54.36.150.182:443 | cookie-matching.mediarithmics.com | tcp |
| US | 52.46.130.91:443 | s.amazon-adsystem.com | tcp |
| US | 159.53.116.62:443 | chase.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| US | 52.46.130.91:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | crb.kargo.com | udp |
| US | 8.8.8.8:53 | crb.kargo.com | udp |
| US | 52.46.130.91:443 | s.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | lm.serving-sys.com | udp |
| US | 8.8.8.8:53 | lm.serving-sys.com | udp |
| DE | 18.159.120.5:443 | crb.kargo.com | tcp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| DE | 3.71.140.96:443 | lm.serving-sys.com | tcp |
| US | 8.8.8.8:53 | image2.pubmatic.com | udp |
| US | 8.8.8.8:53 | image2.pubmatic.com | udp |
| FR | 54.36.150.182:443 | cookie-matching.mediarithmics.com | tcp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| US | 8.8.8.8:53 | token.rubiconproject.com | udp |
| GB | 185.64.191.210:443 | image2.pubmatic.com | tcp |
| NL | 213.19.162.90:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | loadus.exelator.com | udp |
| US | 8.8.8.8:53 | loadus.exelator.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | lciapi.ninthdecimal.com | udp |
| US | 8.8.8.8:53 | lciapi.ninthdecimal.com | udp |
| US | 8.8.8.8:53 | sync-amazon.ads.yieldmo.com | udp |
| US | 8.8.8.8:53 | sync-amazon.ads.yieldmo.com | udp |
| IE | 34.254.143.3:443 | loadus.exelator.com | tcp |
| US | 159.53.116.62:443 | chase.com | tcp |
| US | 52.86.206.170:443 | lciapi.ninthdecimal.com | tcp |
| IE | 54.73.97.67:443 | sync-amazon.ads.yieldmo.com | tcp |
| GB | 163.70.147.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | sync.taboola.com | udp |
| US | 8.8.8.8:53 | sync.taboola.com | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 34.98.64.218:443 | us-u.openx.net | tcp |
| NL | 141.226.228.48:443 | sync.taboola.com | tcp |
| GB | 142.250.200.2:443 | cm.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | aa.agkn.com | udp |
| US | 8.8.8.8:53 | aa.agkn.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| IE | 52.209.97.3:443 | aa.agkn.com | tcp |
| US | 8.8.8.8:53 | tags.bluekai.com | udp |
| US | 8.8.8.8:53 | tags.bluekai.com | udp |
| US | 8.8.8.8:53 | t.myvisualiq.net | udp |
| US | 8.8.8.8:53 | nc.onenews.com | udp |
| GB | 2.19.169.14:443 | tags.bluekai.com | tcp |
| US | 8.8.8.8:53 | public-prod-dspcookiematching.dmxleo.com | udp |
| US | 8.8.8.8:53 | public-prod-dspcookiematching.dmxleo.com | udp |
| US | 8.8.8.8:53 | 246.80.220.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.171.252.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | t.myvisualiq.net | udp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.111.196.5.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.24.196.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.89.226.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 128.228.146.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.236.160.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.81.214.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.162.19.213.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.4.157.37.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 42.144.92.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.35.121.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 96.140.71.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.150.36.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.143.254.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.97.73.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.206.86.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.64.98.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.228.226.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cms.analytics.yahoo.com | udp |
| GB | 142.250.200.2:443 | cm.g.doubleclick.net | udp |
| US | 172.67.14.199:443 | nc.onenews.com | tcp |
| US | 8.8.8.8:53 | t.myvisualiq.net | udp |
| US | 8.8.8.8:53 | t.myvisualiq.net | udp |
| FR | 188.65.124.66:443 | public-prod-dspcookiematching.dmxleo.com | tcp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| US | 8.8.8.8:53 | sync.rfp.fout.jp | udp |
| US | 8.8.8.8:53 | sync.rfp.fout.jp | udp |
| US | 8.8.8.8:53 | beacon.krxd.net | udp |
| US | 8.8.8.8:53 | beacon.krxd.net | udp |
| FR | 154.54.250.150:443 | ads.stickyadstv.com | tcp |
| US | 35.186.196.148:443 | sync.rfp.fout.jp | tcp |
| IE | 52.30.87.132:443 | beacon.krxd.net | tcp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| FR | 154.54.250.150:443 | ads.stickyadstv.com | tcp |
| US | 8.8.8.8:53 | usermatch.krxd.net | udp |
| US | 8.8.8.8:53 | usermatch.krxd.net | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 34.98.64.218:443 | us-u.openx.net | udp |
| DE | 52.28.114.104:443 | match.sharethrough.com | tcp |
| US | 18.214.126.143:443 | usermatch.krxd.net | tcp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| US | 8.8.8.8:53 | eb2.3lift.com | udp |
| CZ | 65.9.95.111:443 | sb.scorecardresearch.com | tcp |
| US | 13.248.245.213:443 | eb2.3lift.com | tcp |
| US | 8.8.8.8:53 | redirect.prod.experiment.routing.cloudfront.aws.a2z.com | udp |
| US | 8.8.8.8:53 | redirect.prod.experiment.routing.cloudfront.aws.a2z.com | udp |
| US | 8.8.8.8:53 | uipglob.semasio.net | udp |
| US | 8.8.8.8:53 | uipglob.semasio.net | udp |
| US | 8.8.8.8:53 | pi.ispot.tv | udp |
| US | 8.8.8.8:53 | pi.ispot.tv | udp |
| US | 3.20.93.84:443 | redirect.prod.experiment.routing.cloudfront.aws.a2z.com | tcp |
| US | 8.8.8.8:53 | image6.pubmatic.com | udp |
| US | 8.8.8.8:53 | image6.pubmatic.com | udp |
| DK | 77.243.51.122:443 | uipglob.semasio.net | tcp |
| US | 172.67.14.199:80 | nc.onenews.com | tcp |
| US | 151.101.2.132:443 | pi.ispot.tv | tcp |
| GB | 185.64.190.78:443 | image6.pubmatic.com | tcp |
| US | 159.53.116.62:443 | chase.com | tcp |
| US | 8.8.8.8:53 | a65170702f72b14f8f7eeccd2388801ae.profile.fra56-p4.cloudfront.net | udp |
| US | 8.8.8.8:53 | a65170702f72b14f8f7eeccd2388801ae.profile.fra56-p4.cloudfront.net | udp |
| DE | 52.222.232.41:443 | a65170702f72b14f8f7eeccd2388801ae.profile.fra56-p4.cloudfront.net | tcp |
| GB | 92.122.54.120:443 | www.chase.com | tcp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.97.209.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.169.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 199.14.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 66.124.65.188.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 150.250.54.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.87.30.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.114.28.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 148.196.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 111.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 213.245.248.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 143.126.214.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 122.51.243.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.190.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.93.20.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | media-cldnry.s-nbcnews.com | udp |
| GB | 23.213.249.37:443 | media-cldnry.s-nbcnews.com | tcp |
| US | 8.8.8.8:53 | media.cnn.com | udp |
| US | 151.101.3.5:443 | media.cnn.com | tcp |
| GB | 92.122.54.120:80 | www.chase.com | tcp |
| US | 8.8.8.8:53 | mail.google.com | udp |
| GB | 172.217.16.229:443 | mail.google.com | tcp |
| US | 8.8.8.8:53 | 41.232.222.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.249.213.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 5.3.101.151.in-addr.arpa | udp |
| GB | 172.217.16.229:443 | mail.google.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 173.194.79.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | 229.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 216.58.212.195:443 | ssl.gstatic.com | tcp |
| US | 8.8.8.8:53 | office.com | udp |
| US | 13.107.6.156:443 | office.com | tcp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.office.com | udp |
| US | 13.107.6.156:443 | www.office.com | tcp |
| US | 13.107.6.156:443 | www.office.com | tcp |
| US | 209.54.180.209:443 | unagi-na.amazon.com | tcp |
| US | 209.54.180.209:443 | unagi-na.amazon.com | tcp |
| US | 209.54.180.209:443 | unagi-na.amazon.com | tcp |
| US | 13.107.6.156:443 | www.office.com | tcp |
| US | 8.8.8.8:53 | 156.6.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | res.cdn.office.net | udp |
| GB | 92.123.26.35:443 | res.cdn.office.net | tcp |
| US | 8.8.8.8:53 | craigslist.org | udp |
| US | 208.82.237.129:443 | craigslist.org | tcp |
| US | 8.8.8.8:53 | 35.26.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.craigslist.org | udp |
| US | 208.82.237.17:443 | www.craigslist.org | tcp |
| US | 208.82.237.17:443 | www.craigslist.org | tcp |
| US | 8.8.8.8:53 | 129.237.82.208.in-addr.arpa | udp |
| US | 208.82.237.129:443 | www.craigslist.org | tcp |
| US | 208.82.237.129:443 | www.craigslist.org | tcp |
| US | 8.8.8.8:53 | 17.237.82.208.in-addr.arpa | udp |
| US | 208.82.237.129:443 | www.craigslist.org | tcp |
| US | 208.82.237.129:443 | www.craigslist.org | tcp |
| US | 208.82.237.129:443 | www.craigslist.org | tcp |
| US | 208.82.237.129:443 | www.craigslist.org | tcp |
| US | 8.8.8.8:53 | cnn.com | udp |
| US | 151.101.3.5:443 | cnn.com | tcp |
| US | 8.8.8.8:53 | www.cnn.com | udp |
| US | 151.101.3.5:443 | www.cnn.com | tcp |
| US | 8.8.8.8:53 | edition.cnn.com | udp |
| US | 151.101.131.5:443 | edition.cnn.com | tcp |
| US | 151.101.3.5:443 | edition.cnn.com | tcp |
| US | 151.101.3.5:443 | edition.cnn.com | tcp |
| US | 151.101.131.5:443 | edition.cnn.com | tcp |
| US | 151.101.3.5:443 | edition.cnn.com | tcp |
| US | 151.101.3.5:443 | edition.cnn.com | tcp |
| US | 151.101.3.5:443 | edition.cnn.com | tcp |
| US | 8.8.8.8:53 | 5.131.101.151.in-addr.arpa | udp |
| US | 151.101.3.5:443 | edition.cnn.com | tcp |
| US | 151.101.3.5:443 | edition.cnn.com | tcp |
| US | 151.101.131.5:443 | edition.cnn.com | tcp |
| US | 151.101.131.5:80 | edition.cnn.com | tcp |
| US | 8.8.8.8:53 | espn.com | udp |
| CZ | 65.9.95.61:443 | espn.com | tcp |
| US | 8.8.8.8:53 | www.espn.com | udp |
| US | 52.84.150.51:443 | www.espn.com | tcp |
| US | 8.8.8.8:53 | microsoft.com | udp |
| US | 20.112.250.133:443 | microsoft.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| GB | 92.123.241.137:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.sodapdf.com | udp |
| US | 8.8.8.8:53 | www.sodapdf.com | udp |
| US | 104.16.180.79:443 | www.sodapdf.com | tcp |
| US | 104.16.180.79:443 | www.sodapdf.com | tcp |
| US | 8.8.8.8:53 | 61.95.9.65.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.150.84.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.250.112.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.241.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 79.180.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | imgur.com | udp |
| US | 199.232.196.193:443 | imgur.com | tcp |
| US | 8.8.8.8:53 | jtracking.sodapdf.com | udp |
| US | 8.8.8.8:53 | jtracking.sodapdf.com | udp |
| US | 8.8.8.8:53 | track.sodapdf.com | udp |
| US | 8.8.8.8:53 | track.sodapdf.com | udp |
| US | 8.8.8.8:53 | qti.avanquest.com | udp |
| US | 8.8.8.8:53 | qti.avanquest.com | udp |
| US | 8.8.8.8:53 | jtracking-gate.lulusoft.com | udp |
| US | 8.8.8.8:53 | jtracking-gate.lulusoft.com | udp |
| US | 8.8.8.8:53 | cdn.fuseplatform.net | udp |
| US | 8.8.8.8:53 | cdn.fuseplatform.net | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 104.18.6.41:443 | qti.avanquest.com | tcp |
| CA | 64.15.159.203:443 | jtracking-gate.lulusoft.com | tcp |
| GB | 104.77.160.197:443 | cdn.fuseplatform.net | tcp |
| NL | 173.194.79.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 8.8.8.8:53 | imdb.com | udp |
| US | 104.18.131.236:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | 193.196.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 41.6.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.160.77.104.in-addr.arpa | udp |
| US | 52.94.225.248:443 | imdb.com | tcp |
| US | 104.18.131.236:443 | cdn.cookielaw.org | tcp |
| NL | 173.194.79.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | c.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | cdn.confiant-integrations.net | udp |
| US | 104.18.6.41:443 | qti.avanquest.com | tcp |
| GB | 104.77.160.197:443 | cdn.fuseplatform.net | tcp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| US | 8.8.8.8:53 | geolocation.onetrust.com | udp |
| GB | 142.250.179.226:443 | securepubads.g.doubleclick.net | tcp |
| CZ | 65.9.98.75:443 | c.amazon-adsystem.com | tcp |
| US | 104.18.43.90:443 | cdn.confiant-integrations.net | udp |
| US | 104.18.32.137:443 | geolocation.onetrust.com | tcp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.imdb.com | udp |
| GB | 142.250.178.4:443 | www.google.com | udp |
| CZ | 13.226.89.210:443 | www.imdb.com | tcp |
| US | 8.8.8.8:53 | gate.upclick.com | udp |
| US | 8.8.8.8:53 | gate.upclick.com | udp |
| GB | 142.250.179.226:443 | securepubads.g.doubleclick.net | udp |
| CA | 64.18.87.11:443 | gate.upclick.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| CZ | 65.9.98.75:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| GB | 142.250.179.226:443 | googleads.g.doubleclick.net | udp |
| CZ | 65.9.95.29:443 | config.aps.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | btloader.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 104.22.75.216:443 | btloader.com | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | 203.159.15.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 236.131.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.225.94.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.43.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.32.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.87.18.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.95.9.65.in-addr.arpa | udp |
| GB | 216.58.204.67:443 | www.google.co.uk | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | tcp |
| US | 8.8.8.8:53 | cgate.sodapdf.com | udp |
| US | 8.8.8.8:53 | cgate.sodapdf.com | udp |
| BE | 74.125.206.156:443 | stats.g.doubleclick.net | tcp |
| CA | 64.18.87.10:443 | cgate.sodapdf.com | tcp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | api.btloader.com | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 8.8.8.8:53 | ad-delivery.net | udp |
| US | 130.211.23.194:443 | api.btloader.com | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 104.26.3.70:443 | ad-delivery.net | tcp |
| US | 8.8.8.8:53 | dropbox.com | udp |
| US | 162.125.248.18:443 | dropbox.com | tcp |
| US | 130.211.23.194:443 | api.btloader.com | udp |
| US | 8.8.8.8:53 | www.dropbox.com | udp |
| GB | 162.125.64.18:443 | www.dropbox.com | tcp |
| US | 162.125.248.18:443 | dropbox.com | tcp |
| US | 8.8.8.8:53 | 216.75.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.206.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.87.18.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.23.211.130.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.3.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.248.125.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.64.125.162.in-addr.arpa | udp |
| GB | 162.125.64.18:443 | www.dropbox.com | tcp |
| US | 8.8.8.8:53 | cfl.dropboxstatic.com | udp |
| US | 104.16.99.29:443 | cfl.dropboxstatic.com | tcp |
| US | 8.8.8.8:53 | paypal.com | udp |
| US | 8.8.8.8:53 | 29.99.16.104.in-addr.arpa | udp |
| US | 64.4.250.36:443 | paypal.com | tcp |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| US | 8.8.8.8:53 | www.paypalobjects.com | udp |
| US | 151.101.2.133:443 | www.paypalobjects.com | tcp |
| US | 64.4.250.36:443 | paypal.com | tcp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| US | 151.101.1.21:443 | www.paypal.com | tcp |
| US | 8.8.8.8:53 | 36.250.4.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.2.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | salesforce.com | udp |
| AU | 23.1.35.132:443 | salesforce.com | tcp |
| US | 8.8.8.8:53 | 132.35.1.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.salesforce.com | udp |
| GB | 92.122.54.99:443 | www.salesforce.com | tcp |
| AU | 23.1.35.132:443 | salesforce.com | tcp |
| US | 8.8.8.8:53 | 99.54.122.92.in-addr.arpa | udp |
| GB | 92.122.54.99:443 | www.salesforce.com | tcp |
Files
\??\pipe\crashpad_2760_KXMDLDFUHJVTVJJI
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 8dcaccedf4f8f8a99b24dff91deb223b |
| SHA1 | ea200581a2fda70e52db6c1bbe2d50db25ad5fc6 |
| SHA256 | 49992fca73addcc1388367a51eb193b3fcd790fbad9b13fb42763f78099d7b6c |
| SHA512 | 8de0eb1f32c2db95bd66a860be944d7d4ea185be4a021279e5c247570dbf2137260aa62ecdbe0cb56b773e4d89647f7bd094bf72bf94caa0cf0a3844fb2ffc20 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 91cebe326335f6ac7bc6cb4c97082db6 |
| SHA1 | 2bcfecde7b231eb72f52b9ed2222caee5c9d9aaf |
| SHA256 | b0f90e1e1c335618e12a6929806250a9e9c9137eff1072db1c1e0da97f217dc3 |
| SHA512 | fc27c831855dc6d6da4a60d63e11fa446204f4bdd18220c897217c2752768744b0570389df955ad310da46f67ba47782913229046aabd4078af072beeae2628b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ec7240ff51e8d5908aa630811d77c979 |
| SHA1 | 81319098c4d9b3b02ed920e199bf8fd03a42e524 |
| SHA256 | 8f7ee67a339794d6a337f2e86199e36085a894f3b4481d7ccdf105ba185250ce |
| SHA512 | 361e886dab70eee95158e8443a66ce7e511a494c608f342a2f6473f52bf39f9fb13242f4cce1bd5e05cebefd1c7244172c14ee9bf38bc28cbbbc16d40cf0f85e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3f53526df1f390fcdd7ec977d8846746 |
| SHA1 | d187eca0720dea3a9fb699d789559f15be0b9873 |
| SHA256 | 5109fa8871be663b15c8cdd0d9717681142dedc6eeb20630ee4e4961ec7face3 |
| SHA512 | 03962987c777544828bf33fb2724e94a27f8ab1a64ba4e546481422ebf087ac292d4a278aa19568d134fd966eb5f45eef7d390f99e174eb5e2d161939402727e |
C:\Users\Admin\Downloads\Unconfirmed 997713.crdownload
| MD5 | 6a05cd2d9491ef255c709724b782b476 |
| SHA1 | 6ce3f0f26a1e3fefe7ddb63e838d90908929c0b6 |
| SHA256 | b5a9381d8ea317ba2bedbda0d9b858a3cad1b09528f63761fe5c4bd0de5098a8 |
| SHA512 | e7b6d7df9a396484c64994dbad32e6ddcc9f8f38ce946633dcbfa5876c19235650025cde68cf46cc43b3c04c0638864a1023ab5a5c60bc2e9162b7b135cd84fc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bae1dabb16d07c46554670eb29e184db |
| SHA1 | d62213bdde07f4e9f0bd917635d0956313b196ad |
| SHA256 | 18c4b75a38f349c15bea614ea2ce8aad9a0b1f9686f2365b00aa3a50edcda256 |
| SHA512 | 84dd036309abf45f41622ba5d6bf963b790d0594e807e5d3ebd5a324b7b74af5087503ebe095a0fcbdc0261800aa43ccc359beb8f314767ebb5b8c1bed9d52b1 |
memory/2984-159-0x0000000000400000-0x00000000004E8000-memory.dmp
memory/2984-161-0x0000000000400000-0x00000000004E8000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-6OQRM.tmp\OneLaunch - Easy PDF_pm5kl.tmp
| MD5 | 0859be57626d393b36096262e1881e8f |
| SHA1 | f06debaa544dba35f45bba0e2542189d53e6da9b |
| SHA256 | c406decc37ad9cc8a96b73a0526016d19235367a420a1f82b8d8d3f76fe0c4f1 |
| SHA512 | fa16bfb5958917e562e7c8f5152001eeed2b4de093fb3852e86bbc84bf60b0cca8746f2950e15ed0d4e1751c713db50726de2bf91a6260d8506ea7ea31f88800 |
memory/1236-166-0x0000000002800000-0x0000000002801000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-CRI3O.tmp\Win32Library.dll
| MD5 | f8c19389f44e9216600ba7bbd5355d3d |
| SHA1 | 79c78b77de6d9690bf3329833355cb9d30d449bf |
| SHA256 | fb1109a29b39702440daef0cc92db50063b1cb7f5cde93ba10bcb49bef5d3cf7 |
| SHA512 | 527ea720bed7e5c756b2c08c21c62ce300807ac21249f0106512481909c12bf1a49e9670c9c964d69d0a08e2a8c1fa040deada05a073b17ed12e0e685ae46dcc |
memory/1236-181-0x0000000003730000-0x0000000003740000-memory.dmp
memory/1236-185-0x0000000008FC0000-0x0000000008FD4000-memory.dmp
memory/1236-186-0x0000000074110000-0x0000000074124000-memory.dmp
memory/1236-188-0x00000000733E0000-0x0000000073B90000-memory.dmp
memory/1236-187-0x0000000008FE0000-0x0000000009072000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-CRI3O.tmp\onelaunch.png
| MD5 | d3110fb775ee7fd24426503d67840c25 |
| SHA1 | 54f649c8bf3af2ad3a4d92cd8b1397bad1a49a75 |
| SHA256 | f8392390dc81756e79ec5f359dbdcac3b4bd219b5188a429b814fc51aabb6e36 |
| SHA512 | f6b79f728be17c9060edb2df2dac2b0f59a4dffd8c416e7e957bc3fa4696f4237e5969647309f5425a6297f189e351e20c99c642f90d1476050285929657c32f |
C:\Users\Admin\AppData\Local\Temp\is-CRI3O.tmp\pdf.png
| MD5 | 485cd5451b6a5e12380aa2e181abf046 |
| SHA1 | e1fe4637b2568aa8b26057ba6e653c0d37c8abc8 |
| SHA256 | 1d227c280d121311a0c7ec32acf8da0ffb34090da2c4c1e47cca701cd8b32c47 |
| SHA512 | 3dd90236103a52b112bfe4b90ba1bf985fec0d23f70f21ee7b2d677a0f29e929266fb1f2abb37e06a0029448f08e0feb5d4f8612115a7e81b05de0a5875a85f3 |
memory/1236-212-0x00000000037C0000-0x0000000003900000-memory.dmp
memory/1236-213-0x00000000037C0000-0x0000000003900000-memory.dmp
memory/1236-214-0x00000000037C0000-0x0000000003900000-memory.dmp
memory/1236-215-0x00000000037C0000-0x0000000003900000-memory.dmp
memory/1236-216-0x00000000037C0000-0x0000000003900000-memory.dmp
memory/1236-217-0x00000000037C0000-0x0000000003900000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 881de0eaffb12065158e7871fa9dde35 |
| SHA1 | 47fa92fb45b1ac56b75a86590081ae8654ab6902 |
| SHA256 | ea15bb9b22deb0c3704c2ce64ec360821f5f91656c6ea436de26653fe4e8412a |
| SHA512 | 00b60ca4400b742c43ab199e4b501d9a36d2af3c6dc39c88fc13ef8ec095b06eb74313a9ce2b2b795f622aaf7a8ecd174e8fe8c3ef92e32d8d2373513db80abe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe580f5d.TMP
| MD5 | a5ff2e09ed8b4ed63aee14116c05bb11 |
| SHA1 | fd667eab9e7dc51ca551ba1093efc7e62e81f64d |
| SHA256 | 73f5da2562b72fb5482270347b94a544f0db8ac937ef3827142fa7ec42683bf6 |
| SHA512 | 23b08be8382da5c208e8b28b5c442ce6a2794c530c800fccdfaf3a021e2713b6aa1394655717212b2e7a81b927657464abf880ab5aa186fcf18cf4f8cfb4ecc2 |
memory/2984-236-0x0000000000400000-0x00000000004E8000-memory.dmp
memory/1236-237-0x0000000000400000-0x000000000070A000-memory.dmp
memory/1236-242-0x00000000037C0000-0x0000000003900000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\OneLaunch Setup.exe
| MD5 | 1c08b352f5297ca54c982c44417ca428 |
| SHA1 | e9299de8ddb836ab73fb25ef88d4184a89b555f2 |
| SHA256 | 978c841da9ea5e4c16521bc0077ce747d64d401fee04478ee5aed4d7019fbc0a |
| SHA512 | 35e827393de3c90a67ead9309ee25f773a1aa09e1b100d0238b091e3f027beda5a4e1ae458d8a215b7d4a0149d94cfd6e7076c908d43ccfc50e2ef8ad7461bc8 |
memory/1236-247-0x00000000037C0000-0x0000000003900000-memory.dmp
memory/3384-250-0x0000000000400000-0x00000000004E8000-memory.dmp
memory/1236-257-0x0000000002800000-0x0000000002801000-memory.dmp
memory/3644-258-0x00000000009E0000-0x00000000009E1000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\OneLaunch Setup.exe
| MD5 | 23118f1dd957dd75c8d40ae71c1516b7 |
| SHA1 | 2caf0aa12207003b39de7c634581db46cc523708 |
| SHA256 | 77e5e401862860822ba69dc2f1a2a798708ec218d55ff1e07a5c1d2fc08c4d8e |
| SHA512 | df4081213b52c89320c34cd40efa3932cad4d62881e5c90eb59d37b0794eeae53888e6ecad5dcf2bda4cdf038c38e9302dc1080dfe5894073e2cd83494ea69e4 |
C:\Users\Admin\AppData\Local\Temp\OneLaunch Setup_pm5kl.exe
| MD5 | d2472e77fd84fe296d903151090e1d7e |
| SHA1 | 93fd3b883ed0735d065dac4bb58c2185a5d27d62 |
| SHA256 | 1f155136d463607dbd3fc1304b3ee5bf9cb7a5cab5f3bd715decc3083a7c4468 |
| SHA512 | 963f2f3cd4926e7af981b5020bc58562b3bb086e8629fd63b9d70a3510e44ef3264980753aadde36932eea9595dd51e78af2ec78aabe2649aa023127c1ca6f11 |
memory/5056-270-0x0000000000400000-0x00000000004E8000-memory.dmp
memory/1236-273-0x0000000000400000-0x000000000070A000-memory.dmp
memory/5056-274-0x0000000000400000-0x00000000004E8000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-C61QT.tmp\OneLaunch Setup_pm5kl.tmp
| MD5 | f248f132c4ecb30df87c74463ac18e0c |
| SHA1 | 1e55b7c2c7b18f908df6422268c7f79a720eb046 |
| SHA256 | ee59c8d03d3600ab0d883ae62d03a550550f6749c7a070f1eeb780eb1673632a |
| SHA512 | f34713f264a759ea03d00899f0742cbb613dd2b1483c5ee18869b18b4ee780fbe2351a8661046916ed2207da91bfa921ee7e9b85884d3f5e4b6e4200135a4d57 |
memory/1236-279-0x0000000003730000-0x0000000003740000-memory.dmp
memory/3520-280-0x0000000000B70000-0x0000000000B71000-memory.dmp
memory/1236-290-0x00000000733E0000-0x0000000073B90000-memory.dmp
memory/3384-291-0x0000000000400000-0x00000000004E8000-memory.dmp
memory/3644-292-0x0000000000400000-0x000000000070A000-memory.dmp
memory/3520-294-0x00000000036C0000-0x0000000003800000-memory.dmp
memory/3520-293-0x00000000036C0000-0x0000000003800000-memory.dmp
memory/1236-295-0x00000000037C0000-0x0000000003900000-memory.dmp
memory/3520-296-0x00000000036C0000-0x0000000003800000-memory.dmp
memory/3520-305-0x0000000006DB0000-0x0000000006DC4000-memory.dmp
memory/3520-317-0x000000006FAA0000-0x000000006FAB4000-memory.dmp
memory/5056-318-0x0000000000400000-0x00000000004E8000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-FE6HO.tmp\min-10-light.png
| MD5 | 2257b1d0d33a41f509e7c3e117819f8b |
| SHA1 | 87583bfbc655aec4e8cc4465b341c3f7889a6317 |
| SHA256 | d43e4b285b5b54313b53e87d2a56ca9ba0c85f8f55c9c5fdcdb4fac815ff4d02 |
| SHA512 | 702d1a126a0a7a64af5cee9450daeed74364aa9e9f123e1bc398ecd4215c082e7f55e43dd292a4119749e84999b015109bff8b11732df11143d202b385411cc5 |
C:\Users\Admin\AppData\Local\Temp\is-FE6HO.tmp\min-rest.bmp
| MD5 | 2484489c7443ec4745488a77ed084d80 |
| SHA1 | fcf49d1be8bbbae3d0dea49bb5e677fb19d98d9d |
| SHA256 | 70b6921812f29b698f454927802db818c1625402baefd53ced1bfb9135c17d5a |
| SHA512 | a4776969b6bf215a85e7cfbc8f13dbb1beb4ef42eb5abfa572bb7f54c0032941c8bb178e7b77eda0c442741c29fccb02d8de157068dd31203bfed4e49ce051a5 |
memory/3520-335-0x0000000003540000-0x0000000003550000-memory.dmp
memory/1236-334-0x00000000037C0000-0x0000000003900000-memory.dmp
memory/3520-354-0x00000000733E0000-0x0000000073B90000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | ab3ffecf07470967a72ed59912b0a958 |
| SHA1 | 02cb70d25a695f21aa4c181128d46415c26a0658 |
| SHA256 | 1120866074fb3deb5985064e65f151b1900c549c192fa1090b2abf83bee4f483 |
| SHA512 | d7da78423b6f259d728fbd8d95abfece831fd916d3193cc34fdb04e897123d5930b5f387b172ea4aa2daa3dc62e2117f8f84c27af5519ddf470aa62d0b508688 |
C:\Users\Admin\AppData\Local\Temp\is-FE6HO.tmp\checkmark-10-light.png
| MD5 | a4d4dc66a41d9c3b54a2ed3ee8d4b3df |
| SHA1 | e91a5e7a6690c14c6f799e2433beb2f6388c4df6 |
| SHA256 | 46e9c171e2115cd43e5d05f6a5f6015b27bda065fbab939916fee2fd5c06d5a4 |
| SHA512 | 99d5425aa653b93d0b6065020f88c095c39d982fb20a0ed0078418e8e862a104b4f0392791c79d2df86410a0ba5ba60e644852943a9fc602f7eaf82fecaaefd4 |
memory/1236-388-0x00000000037C0000-0x0000000003900000-memory.dmp
memory/1236-387-0x00000000733E0000-0x0000000073B90000-memory.dmp
memory/2984-389-0x0000000000400000-0x00000000004E8000-memory.dmp
memory/3520-390-0x0000000000400000-0x000000000070A000-memory.dmp
memory/3520-392-0x00000000036C0000-0x0000000003800000-memory.dmp
memory/3520-394-0x00000000036C0000-0x0000000003800000-memory.dmp
memory/3520-393-0x00000000036C0000-0x0000000003800000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-FE6HO.tmp\features.json
| MD5 | f9eff3539962e941e2c8389e7ff3b03f |
| SHA1 | c4fc63586750c6132d2bb99b7b493b84e3beeb6d |
| SHA256 | 3c3e85b89969aa3313848bc7944d8e8648ffd95dff755adf9c28bbf10613a3be |
| SHA512 | 8b97d5a7a8c1f3653d2b665abf0075858f76031c3a4df20b2f957f31e2daaa9dd6afd94a6e23275947d26357681c07860f021527c1ed2995ea1c8987c637af31 |
memory/3520-406-0x00000000036C0000-0x0000000003800000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-FE6HO.tmp\profile_descriptions.json
| MD5 | d23e9f5a6bff3160b1ba511ccc6135fa |
| SHA1 | fb8954917f695af80b607c8fca8c16563b0571fa |
| SHA256 | c4d2d5b80624095a2f2acb0db4cb05ddcdfc9e3022567c82d5227ec515ea1e4a |
| SHA512 | 1c46992f3f23306e911dcee65d1c6ec073765de3aac3de3a5f9d9ebd55cff908e1036467ba04ab82803442d07c44a23b1615aeceb8f8c120ae1226bde3b0550f |
C:\Users\Admin\AppData\Local\Temp\is-FE6HO.tmp\profile_headlines.json
| MD5 | 752c01ebe7dfb51ca60fb6161c55b582 |
| SHA1 | 11303edfb61b10ed5a22d513ed748e7fa154073d |
| SHA256 | 18e328f40e5a54ebbb28dd121cf429f2b51603d1a90f26fd52de1abd68e0d6ca |
| SHA512 | 67b21cd8f0b2e04dac8f44a351f42127dcbe036ea07468066c54cce927ae29f0d739b4ed2bd09678cca70a36156df92ce7671200a96386e0ebefea9ff128a80d |
C:\Users\Admin\AppData\Local\Temp\is-FE6HO.tmp\button-10-light.png
| MD5 | a879852024bf6de33c3bb293704e6fe5 |
| SHA1 | 8487af86f572f80d18720157906c6b74de2a52a8 |
| SHA256 | a45a7bf12d8e17d5b05c81cc3bd5ee5e9299b9b522e4b883ed00808635d99bba |
| SHA512 | 34666447f27f4355f991b66e4781738400619a4553415060c2c0dde59198b797999be4f24734ee04fa3c1c6dd3b4eb26ba48c361cd891855b30eed7586d521a7 |
C:\Users\Admin\AppData\Local\Temp\is-FE6HO.tmp\button-cancel-10-light.png
| MD5 | 7631238b127e061a3509d98f83da7487 |
| SHA1 | 6c7ad20207be9a0fda44092de3772743a594835b |
| SHA256 | 160f9a1ac9cdef54357cf709ecff851b84001709baf6c1516b77493597e41e39 |
| SHA512 | 2e5805c6c85baf164b79b9358def543a4f3c3a9935d614be86e9a1cdb6e3bd3c1a38cf9592bb4b324f668fd9e22e1ed3b4fa36b964fb92c2c27029da2920f243 |
C:\Users\Admin\AppData\Local\Temp\is-FE6HO.tmp\exit-10-light.png
| MD5 | 2cce6763f61dddb4599cb058d6761c56 |
| SHA1 | 40bb1a5e735e52791c7c3f0a22ca4a63ec9a3737 |
| SHA256 | 0fc8e40a3b0e7a516e108dc0f3267dcccb4de04d28a21eb68a45a8ac1bb9df8f |
| SHA512 | bda0d42e1a844b2a9608816b07160ee42e1f4c8705d820cadf5cd5e714b7c9fb0c6e066db04b74d573a1f8f435324d807634648c348d5e456a61cc9dab684fa2 |
C:\Users\Admin\AppData\Local\OneLaunch\profile.ico
| MD5 | d3c9b4d1d3878103ff515bf5233395c0 |
| SHA1 | 2f4c871057b9ef3f364074579afa6c5ef5c006c1 |
| SHA256 | 85cf400ce5de14535f8bef5097230aa5f10beaec06061848441ec294916a1022 |
| SHA512 | 0041b024d0b15d0840777e4a187df8f35f3667e60159f41fe76863f47b19cd2e8f38ebd4e9627a17e93f8bbe7407b47c3dda49eff7824a86345faf781df67f09 |
memory/3520-815-0x0000000000400000-0x000000000070A000-memory.dmp
memory/3520-853-0x0000000000B70000-0x0000000000B71000-memory.dmp
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\OneLaunch.exe
| MD5 | 1fc926c08c238c4c4db7c4eb2b858c7e |
| SHA1 | 32feec3bb3e67ce21e3fc006bb68327d05a784a0 |
| SHA256 | 2fb77c9768b10bb33357b2f78468ebb44a64a6a114ca56ce4c8473d3bfcf8446 |
| SHA512 | f77ac171dbe7f7811cc7d4335b872daa2c53a7e6f458d4389062b4dd0e5279fc42b8ff764fcc39a1337e59aa3a2520a707416b2d4d8a1770042ff08454f74422 |
memory/3520-1343-0x0000000000400000-0x000000000070A000-memory.dmp
memory/3520-1344-0x00000000036C0000-0x0000000003800000-memory.dmp
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\OneLaunch.exe
| MD5 | 5ed46637d81ce52effd2036c8e67de67 |
| SHA1 | 2eeb9932b8d019231734478687d577c98896a1a7 |
| SHA256 | 819ec76259cb569b80f741e9bc6286fee470caab12b6f96a00f1133a57da0e9f |
| SHA512 | 3a793bb37a738baa790c68b8993eb98f2b358b0a7ef4c07dac1887367613b91b2a54a2fda3673f2fb4b146a8a63e0184f8ffdbb08250c0b616935a187e76d692 |
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe
| MD5 | b05a9adb75476fdd6b1d6450598a73c0 |
| SHA1 | 78a67c255bf2556012fb7eed75bf1224220d23f8 |
| SHA256 | fd97d0103339a96eeca0533c78d1a8332c81e26d4b6308fd43033ddc56774d05 |
| SHA512 | 60da9e7ee1c5d62e3de2673170f16d85669bfa34d9348e654d31aea983e7d464c4893e843d134df479b67988481518eee5380d10fb7f57bfa9b85b16b67a2ef7 |
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\onelaunch.exe.config
| MD5 | 2722a3de42a1d0ef4089459da2cb3596 |
| SHA1 | a3b2a985eff4f694bfb4936fcf8ee8904e3b6917 |
| SHA256 | f9d49daf8e030400897c673abe22e7b4d4e38c7411b2aa2dd990de27643c6f21 |
| SHA512 | b50f4ac22281092a505d49deea50d50a6ba476f2c78db5d632e4afd8fab7246bac812a166adf5f6fa287c94e325cdf49ffcbd6d8b19bfedf97a716a4f0cfd816 |
memory/3520-1356-0x0000000003540000-0x0000000003550000-memory.dmp
memory/3520-1357-0x00000000733E0000-0x0000000073B90000-memory.dmp
memory/3992-1358-0x00007FF93FD30000-0x00007FF9407F1000-memory.dmp
memory/3992-1359-0x0000019F64BE0000-0x0000019F65CE8000-memory.dmp
memory/3992-1361-0x0000019F67A00000-0x0000019F67A46000-memory.dmp
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\log4net.dll
| MD5 | 5c1c94140a2f815f64117dbb63a4477a |
| SHA1 | 9a79e9c6325e20e5c10e654908d6fd923a25229b |
| SHA256 | 55b2fe686bc8f739ce845d1689fd08cbca20381c8e0d2417185d1a0018d8a938 |
| SHA512 | 502e77236418afac1d9a15d9840b3b6872440f8a1601706e7a4b0e98a62d0de70c3acd192d53d5c29994d1e088fab07c7e299ab7f6b3232a858cc8782d283084 |
memory/3992-1362-0x0000019F00520000-0x0000019F00530000-memory.dmp
memory/3992-1364-0x0000019F660A0000-0x0000019F660BC000-memory.dmp
memory/3992-1365-0x0000019F660C0000-0x0000019F660DA000-memory.dmp
memory/3992-1367-0x0000019F67AD0000-0x0000019F67B46000-memory.dmp
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\common.dll
| MD5 | f8982bca959e27db5ce19d7932551d43 |
| SHA1 | 755b3ca63d16c57f93f073989162575304843f5d |
| SHA256 | 0ad834746488898d82e2a42d30ee3e8e6c70d1efb64d1abd6bc7430be38c3212 |
| SHA512 | 81f9fb461e619792c51c1fe41dbb9d1a4b76554e65441fc82be7b39f103efbc8ea744c24b9833b98bef5a0803619f733e3d247dbdfc3290d6bc5770adc33b3b3 |
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\ServiceWire.dll
| MD5 | 99b3d7efabd8f3afe78405d3e9ff2d00 |
| SHA1 | ff7742716bf3759ecab5547520362e1694786696 |
| SHA256 | 152558a74c510f529ffa5c9397fdfb37858961371bd23e89219236a14f4ea16a |
| SHA512 | 01392be8b1c28ac135b15c700913879e1250a78092adf32443ce77f4b95f942a4451e46123241f43bdc06c14488a7c2f636891fecf1c8fa3ab0bccaa7f53a03f |
memory/3992-1369-0x0000019F67A50000-0x0000019F67A7A000-memory.dmp
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\Unity.Container.dll
| MD5 | d618cbbbab32121bb8f78ed1de80189a |
| SHA1 | f52efd7e2fbb87c57be0f6a981a527a6a6e9b338 |
| SHA256 | 033ffdf50a855fd3b42e8950a4707edb2ed0820e37d2c9ee9456af41d22aeb7e |
| SHA512 | 607074853bdd4e953906896686b873c0214edee889730ea47ea643173ba2cd9c44ee10006943952d2c60ed2f43414776b7ae38050ca62e0628723fbbd9306e31 |
memory/3992-1371-0x0000019F660E0000-0x0000019F660F6000-memory.dmp
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\Unity.Abstractions.dll
| MD5 | 1b066b3cb5d8ca243a8bbd13e11fa596 |
| SHA1 | 63f9d1c08e011d9aca6bdc6839887d03d38944a8 |
| SHA256 | 788f516054fa47046514fab1ba81b712fb441814e9745fb46c09d29f6de8a464 |
| SHA512 | a35a8881b928057c165be32f637ffafce456c5a23eded2d867847898c37a84fc0db4f1892550eb11d86e89d55123520c0b34626321b756e2fede7974592a0b22 |
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\Win32Library.dll
| MD5 | 48b3ed59d4716f040be7bde04ef9419e |
| SHA1 | b8a3086b8229294c6d0c307f9576bc3582ffa7c8 |
| SHA256 | 06b116abc62a4fc8002c394e8e0f241769dd89545c39d8b155e87dc691e981e2 |
| SHA512 | 13abdd70947eb24eaa4419201e30737d7b61d8128c4142e76c8112d42c083888a8afca457613f491bf29d76992685c2f9be7d4ecc10bb66103cd3e99ee5314a8 |
memory/3992-1373-0x0000019F67A80000-0x0000019F67A92000-memory.dmp
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\Microsoft.Toolkit.Uwp.Notifications.dll
| MD5 | f58e9ca60368433534c420b054b01cd3 |
| SHA1 | 598b9280153e53c6fff56af80d2c59d087809612 |
| SHA256 | 51eebdb28f042f6169e3c71cec16d3fa95634c4284a20ed1d4e4d182de5f4bec |
| SHA512 | 14e180a029a81c777e2b4e938891de578203ef01ac2f187280e87fc161a2b7de9e36cff5fbd810ff5ca5bbc5cc84bdbce68f120014813c8e5ed17ee200e7f573 |
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
| MD5 | 1c12d15f2c7c534deea964f20942b471 |
| SHA1 | 162fb05640cdc592049419273b5176b00503cd5d |
| SHA256 | e250c58662c2c8efa8e2c74bcec8de1f193e4b9ff6d60e4551a5b49e66fbff22 |
| SHA512 | 01a18f084df947ab353aff014a98fda6cacd9619566ec8d344a29f677006603a14cb5f194642f139d6ed8ccc7da982792fe2ac409f9049465917caf950f9c991 |
memory/3992-1376-0x0000019F67B50000-0x0000019F67B78000-memory.dmp
memory/3992-1384-0x0000019F7FFE0000-0x0000019F80090000-memory.dmp
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
| MD5 | f19af1770216a3bbf159536c937ea006 |
| SHA1 | 73e29b5bea48a1e3e99e48b1dd3e42a19c90fdd5 |
| SHA256 | be04bcd256b493009ce9f088d0455e9f0e71aca8951ccf8776c49360aa96bf2d |
| SHA512 | 24a7c55e12d14ce8acbe4f7a692b247a956820425b2cf1bdc878569058e61e94d728c5f7908f29f6ef1615421605e8da4784bd44b2b37ec4185478e2df9bec25 |
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\118.1.0.0\chrome_elf.dll
| MD5 | 610dfa442b3fc7f9a33a8763a17965c5 |
| SHA1 | 1d509b1bfe71a6a3a4fe32e1e8b26b3341a7b3e9 |
| SHA256 | e10d236ccf37aff5d60fc9cd5ad8f2950d52cb67afce73f079f19e4abc932c8b |
| SHA512 | aedc8a3acdac6e9d4e8cb5118914d009a6a6be127d6d354c9d928f2562e255372769a242edcdc9bb507a104dbf42fe529187070ba17b20a9b7a575e1c2c9e8f1 |
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\chromium.exe
| MD5 | 9e973c1a8973e95ffce646261adb55ff |
| SHA1 | 2fc2f7d3a16cae2f24ba35bbe9dd420702ce27b2 |
| SHA256 | af91df851d4628723163a4eecafd81a7e43034f690a4a0197ee626ff029888c6 |
| SHA512 | ea552d5e2608e4209b32a307ec9f72e72de2318a5cd6a7969451fcfe4d8e1c5220cd958835d3499f0a8be2398003d393d9895ba243939e782e379a258ed6a145 |
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\Newtonsoft.Json.dll
| MD5 | 081d9558bbb7adce142da153b2d5577a |
| SHA1 | 7d0ad03fbda1c24f883116b940717e596073ae96 |
| SHA256 | b624949df8b0e3a6153fdfb730a7c6f4990b6592ee0d922e1788433d276610f3 |
| SHA512 | 2fdf035661f349206f58ea1feed8805b7f9517a21f9c113e7301c69de160f184c774350a12a710046e3ff6baa37345d319b6f47fd24fbba4e042d54014bee511 |
memory/3992-1392-0x0000019F66090000-0x0000019F66098000-memory.dmp
memory/3992-1396-0x0000019F7FF30000-0x0000019F7FF52000-memory.dmp
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\System.Runtime.CompilerServices.Unsafe.dll
| MD5 | c610e828b54001574d86dd2ed730e392 |
| SHA1 | 180a7baafbc820a838bbaca434032d9d33cceebe |
| SHA256 | 37768488e8ef45729bc7d9a2677633c6450042975bb96516e186da6cb9cd0dcf |
| SHA512 | 441610d2b9f841d25494d7c82222d07e1d443b0da07f0cf735c25ec82f6cce99a3f3236872aec38cc4df779e615d22469666066ccefed7fe75982eefada46396 |
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\118.1.0.0\chrome.dll
| MD5 | c95d8af04638b30481302f38fe8b79d5 |
| SHA1 | 32bb93da214e43c59e5777db05c3e6e30ce2fb63 |
| SHA256 | dd5f58b930c02a5757729fad09926c39e47d422bf21046bab92ac4bc400960a8 |
| SHA512 | 982ab62a337571faeff6b3ab1b0312ce6bf060535517faae161e1790994aec741c8340b189595457b5e874974d311531d4fc7b5a8da2416dfb425ff56175075f |
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\118.1.0.0\chromium_base_version
| MD5 | 24af27209c641f801d94a63cf07cb346 |
| SHA1 | 9568aef96d210612927b9a3d09f2b6bb34947093 |
| SHA256 | 924771ab3d4b68a38632467dc23654c6a8defaa8da8cf8fb610c1849b8c34881 |
| SHA512 | 45c240bff6ed765eca17a50965c1f5c69a2c072331bcc2cbe45e978cd1850505994c318939616f942929d49c968f1a15da3623c567cb56b23b1991f801fc7065 |
memory/3992-1399-0x0000019F80090000-0x0000019F80106000-memory.dmp
memory/3992-1400-0x0000019F7FF60000-0x0000019F7FF7E000-memory.dmp
memory/3992-1402-0x0000019F7FF80000-0x0000019F7FF98000-memory.dmp
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\SharpVectors.Runtime.Wpf.dll
| MD5 | ef579ac90fcd8525234a517e055a3e88 |
| SHA1 | d14e31848b8688562b48f3c756492ee1bf71981f |
| SHA256 | de7c471617d8f42fe9a42e5b0b96fab23196f941a336fbd57c888b453a8a13c9 |
| SHA512 | 288c6c8f13d64f7b6c24c8294760f9f9937c76e1331a5a74c171f0e3ce3a7e47441b82e3bb3adddba4abc564b1b58d11612f7e92a00059a6f36dbdb9b32fb897 |
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\118.1.0.0\icudtl.dat
| MD5 | b53dab2644e2b44c874df9eb7ff9ba9d |
| SHA1 | 8dd5459e1358026316bf4199ed39ab646def0c98 |
| SHA256 | 8eee505762b93042e43cf8b4b79b48ac1e965bbcfba664965b7436c4202c477d |
| SHA512 | 3435fe2f1e8a357394358b47ef3931e9de4b33d9ca27b7db2f81520f8df79d9032abe7261aaf7be30f3f5aa8fb5b664bdceded3090ba278687d875b7fe4594f3 |
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\118.1.0.0\chrome_100_percent.pak
| MD5 | 69f3466601fdbfef17cc97570e7fbba4 |
| SHA1 | 85cfdf98b47692509d6c29d556e03a61e069dfe6 |
| SHA256 | 0c80e85f6ba285a21b59a7a135535a0047008492d20147a8a2140ae3d1e1eb15 |
| SHA512 | a5c7b2f4ec5dcc88dcfe68144ef3c91fea35e7603c153266546181ec4e350aebe544f4dcc79e49310da9063737f66877096b7841557480b8a4b73124d4ee434e |
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\118.1.0.0\resources.pak
| MD5 | 7cebebf809266e2d3f85dfdd50c010f0 |
| SHA1 | 4678901b0009690f7662885b0fa0a6d5b58b54d4 |
| SHA256 | 6416c87723b94113908ab2897c28e87c8ff6f31e2c7f31182acfc85c0982d98e |
| SHA512 | bccd818edb2d2e8a66372888140c2cf8e204b28ba5437c215e0b6abbf7a303fbaac368bfa82d86432576ca78ae1793a5d76dd7f5e2089c2032d3e0411e296333 |
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\118.1.0.0\locales\en-US.pak
| MD5 | 2ba0eb22acbc90d8955e33b613337ab3 |
| SHA1 | 6479d1295e4cc071cd23a09412e521db0d025e45 |
| SHA256 | 49813a25d205ca5b046a32881f9dfd189efacd815e913d7aeacc7087583dc2e1 |
| SHA512 | b24e6535bb282c0919f7f782aaf8170f129280949bbbeec3e35b8bcf44acdf88507a615794095e9ee39c78ef4208ede49fe3fb039453744cdf5f1b708912cc9f |
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\118.1.0.0\chrome_200_percent.pak
| MD5 | b191cca204eaa14e4e6e48a4892f4ce6 |
| SHA1 | 7944d268039d1f033209c0c65fe6823222c5fa24 |
| SHA256 | b4a1f4f93eb1f6d5d570a4c31393405839b580804f0133fca0f74ce55333572f |
| SHA512 | 555ad5c0f38b9e2e8269d7f013dc3858097d390dd299a5f2adeb42d04c2c1ba7424ce92afaea52469a9001c25e9f53476142348cc6b8751525e58b6572b24a24 |
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\master_preferences
| MD5 | 1145e5f59ecbb095fb6b2c589c45e824 |
| SHA1 | f867d306e1d59a477b6221b2cb4a37a18a71cdd9 |
| SHA256 | 6717cf4c3142666873a050c9e6578977e874aeb5553d6aa4a653a9a9a2cd7ad0 |
| SHA512 | 4968fe6874f5d410a3e8faf3ea4a8c0bdb0e07472698dc1a98a94414abcb960e01440e1e04b8636a69fd3907e71ad3967309c3f6428fed1a3e845c1c08f974f3 |
memory/3992-1411-0x0000019F00520000-0x0000019F00530000-memory.dmp
memory/3520-1410-0x00000000036C0000-0x0000000003800000-memory.dmp
memory/3992-1408-0x0000019F66100000-0x0000019F66110000-memory.dmp
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\System.Windows.Interactivity.dll
| MD5 | 580244bc805220253a87196913eb3e5e |
| SHA1 | ce6c4c18cf638f980905b9cb6710ee1fa73bb397 |
| SHA256 | 93fbc59e4880afc9f136c3ac0976ada7f3faa7cacedce5c824b337cbca9d2ebf |
| SHA512 | 2666b594f13ce9df2352d10a3d8836bf447eaf6a08da528b027436bb4affaad9cd5466b4337a3eaf7b41d3021016b53c5448c7a52c037708cae9501db89a73f0 |
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\118.1.0.0\chrome.dll
| MD5 | 97d64cfb656ede0c2d01279ec5f0f867 |
| SHA1 | c48417fc09f85509259823aebfd91e63c2f2953e |
| SHA256 | 64f66c23a084451ebb7fafecf7ee3db165a2d8e48219a964166b4d890f569a6d |
| SHA512 | bb00f243857ba5639e3cb504fe024f9eb7da0e296f9d8a8db14a48b59b3cded02902363ceffab65535e63763521f73f1aa64fc687cd3cd40f28817b7b98c7f37 |
memory/3992-1419-0x0000019F7FFA0000-0x0000019F7FFBC000-memory.dmp
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\Microsoft.Expression.Interactions.dll
| MD5 | 3034cc0d5cf3731ed90153aa616f3f59 |
| SHA1 | aace8d26358d9829f0e6632bddf183534acfec0d |
| SHA256 | 63cd5e8a60d77d1007352538a4285c60c0c3efb9c771035589105a284e4f63a9 |
| SHA512 | 88589b022d713d565342e331394ed5600d1fe346aa788e45e16cf51221ce898f10bd28c6a09fdc44d9ad94f25b4ed22c6f0eb28fa832863c01732def5b6c6086 |
memory/3992-1422-0x0000019F80170000-0x0000019F801C8000-memory.dmp
memory/3992-1430-0x0000019F7FFC0000-0x0000019F7FFD2000-memory.dmp
memory/3520-1431-0x0000000000400000-0x000000000070A000-memory.dmp
memory/3520-1432-0x00000000036C0000-0x0000000003800000-memory.dmp
memory/3992-1466-0x0000019F00520000-0x0000019F00530000-memory.dmp
memory/3992-1469-0x0000019F66120000-0x0000019F6612A000-memory.dmp
memory/3992-1470-0x0000019F67AA0000-0x0000019F67AA8000-memory.dmp
memory/3992-1480-0x0000019F67AB0000-0x0000019F67AB8000-memory.dmp
memory/3992-1507-0x0000019F67AC0000-0x0000019F67AC8000-memory.dmp
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\fe687687-a998-41c5-b64a-4681c8bf1ecf.tmp
| MD5 | a3521925004fbbbec5a0818595eadeb4 |
| SHA1 | f59ad7f16254402c91d2c83b3307f9d4ee0b1f86 |
| SHA256 | 2361a312323d45991cef2ab16c8674c775e196e241c4b42ad0506c481b1b2022 |
| SHA512 | 78aee5267af2084fe839d774b8b0fa0a55008652f039ced988d7c29f35a4ae924efe5384478a25d41d7255d5f76eac3608229ccbec4516c2a73cfc60a478b24e |
memory/2960-1477-0x00007FF93FD30000-0x00007FF9407F1000-memory.dmp
memory/2960-1474-0x000001D567EE0000-0x000001D567F84000-memory.dmp
memory/3992-1472-0x0000019F801D0000-0x0000019F801F6000-memory.dmp
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extension Rules\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extension Rules\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Temp\255E87C.tmp
| MD5 | 349e6eb110e34a08924d92f6b334801d |
| SHA1 | bdfb289daff51890cc71697b6322aa4b35ec9169 |
| SHA256 | c9fd7be4579e4aa942e8c2b44ab10115fa6c2fe6afd0c584865413d9d53f3b2a |
| SHA512 | 2a635b815a5e117ea181ee79305ee1baf591459427acc5210d8c6c7e447be3513ead871c605eb3d32e4ab4111b2a335f26520d0ef8c1245a4af44e1faec44574 |
C:\Users\Admin\AppData\Local\Temp\255E858.tmp
| MD5 | 02d2c46697e3714e49f46b680b9a6b83 |
| SHA1 | 84f98b56d49f01e9b6b76a4e21accf64fd319140 |
| SHA256 | 522cad95d3fa6ebb3274709b8d09bbb1ca37389d0a924cd29e934a75aa04c6c9 |
| SHA512 | 60348a145bfc71b1e07cb35fa79ab5ff472a3d0a557741ea2d39b3772bc395b86e261bd616f65307ae0d997294e49b5548d32f11e86ef3e2704959ca63da8aac |
C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.XML
| MD5 | 7050d5ae8acfbe560fa11073fef8185d |
| SHA1 | 5bc38e77ff06785fe0aec5a345c4ccd15752560e |
| SHA256 | cb87767c4a384c24e4a0f88455f59101b1ae7b4fb8de8a5adb4136c5f7ee545b |
| SHA512 | a7a295ac8921bb3dde58d4bcde9372ed59def61d4b7699057274960fa8c1d1a1daff834a93f7a0698e9e5c16db43af05e9fd2d6d7c9232f7d26ffcff5fc5900b |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\DawnCache\data_3
| MD5 | 41876349cb12d6db992f1309f22df3f0 |
| SHA1 | 5cf26b3420fc0302cd0a71e8d029739b8765be27 |
| SHA256 | e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c |
| SHA512 | e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\DawnCache\data_2
| MD5 | 0962291d6d367570bee5454721c17e11 |
| SHA1 | 59d10a893ef321a706a9255176761366115bedcb |
| SHA256 | ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7 |
| SHA512 | f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\DawnCache\data_1
| MD5 | d0d388f3865d0523e451d6ba0be34cc4 |
| SHA1 | 8571c6a52aacc2747c048e3419e5657b74612995 |
| SHA256 | 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b |
| SHA512 | 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\DawnCache\data_0
| MD5 | cf89d16bb9107c631daabf0c0ee58efb |
| SHA1 | 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b |
| SHA256 | d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e |
| SHA512 | 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0 |
C:\Users\Admin\AppData\Local\Temp\43db418a-4546-42a6-ace4-83ebef103d29.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\OneLaunch\5.27.0\chromium\118.1.0.0\extensions\gcklppdiegejnfnpepkaagjmdneobkgi.crx
| MD5 | d5b2db9b5a51865f66452f32fb7c4e81 |
| SHA1 | 64e679e7f732f5b005528c2af25f777c85109e7e |
| SHA256 | 71a31380a317480881b882a9efb315412762eaca5660fdf11815d158126692ad |
| SHA512 | 6971eb104e8f5a7d080ea33b19450baffed81a713242cfe4bcdfe60964bacacb8369ea000622f2598364d6a69b18bd5287173198f88196169f5f135d07570c7c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002
| MD5 | 5a7ab5fbacf71c3d8715f77a1d6b4cbf |
| SHA1 | 0a63a4ebb7fd505fcc0e569fb4a74af763a503ec |
| SHA256 | 98238e2a03fe407645a13d6e1654487ddb761ff25036aeb214055f5db4ab0cbd |
| SHA512 | e110b1e979f7a3032ef6b195c58a8c5b7abd6760bf9a469437f763570e451c01716059626487080edc8be775a37a2cb7b66cb0426dc638b97e7a73d8ed7701db |
C:\Users\Admin\AppData\Local\Temp\5deefdb6-9d93-4c52-a24d-d8e1103214a8.tmp
| MD5 | 034ce0c40d7bcefb3e6b5bdf3480bce7 |
| SHA1 | 3b19e399d7b2cbd4f3b8a7dd17d8b4a3af839e53 |
| SHA256 | 93def3fa90190d2434bd74843575f4cccb634ba8481dfba5520815e01cf2325f |
| SHA512 | 9304cc186fee44ea84759530be33da9f45d702878823fc5c64e15bb39fa28c3be0a942593e9e43bdf2af9376bb2fa7717b942aa494dbc345a6e00c3362b21061 |
memory/3520-1848-0x0000000000400000-0x000000000070A000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\scoped_dir4616_239892526\CRX_INSTALL\src\contentScript\globalInjector\index.js
| MD5 | fe07a602fcdc55732a567bceda208e17 |
| SHA1 | cded2eae412bfc40d31e8285e3fae7bbd995bb69 |
| SHA256 | d459db412275bd93229a3c44dd4acef7c5880b35fa50732f76114a2378fcb5e2 |
| SHA512 | a8b49dbb4dbc184332fa4dc1b03f7664a09939cfd472bbf772bf411c5ed1e01a251e628246484a2ab35144b3f97f25c8818304346a7b392108c33b4b3347fdef |
memory/5056-2021-0x0000000000400000-0x00000000004E8000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\scoped_dir4616_239892526\CRX_INSTALL\assets\src\contentScript\slickdealsStart\index.a0908cfc.js
| MD5 | 19cc33d58ec9e3d42825a814b8d9063b |
| SHA1 | bce43d7ab37440ebb87f9822f2f7ca77aaa79b6b |
| SHA256 | dc57439f8f8747f3b55ce505ed1937e915b9011c697b0bc29b0b2848fb4b0df5 |
| SHA512 | b278f43bbb7d0eea8dc982d157bea877d43b0d57231ff2cd146696e072392ae6c4a6bb9c6bfb46545af74c8cc73c1fa572a0abb704e6aac9c06722f40c6b9a07 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\icons\16.png
| MD5 | f7964407d8460444ac479a39866b8291 |
| SHA1 | 1f07f558e639f507ef5c0a3d15c5567f43ce09e7 |
| SHA256 | 1206d28eb2995f94cfdc64db6837704999b16a68536b097bdc2a7b2c6ec27f26 |
| SHA512 | b063f81ee01787bf27b7ce3078d0d620e2ba52dbfdfbd43ed9929722ce7e27abca3df63370b9778d5d1ee5400b7d83b1cbcacc8369dcc329bfcd17cef82bee82 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\manifest.json
| MD5 | bd71d16d73d457de9c55312b53458b5b |
| SHA1 | c99af7188e136fdc6fc59144e77ff21df0cc8d0c |
| SHA256 | 7189850ed2f8e830153634e7fc936d5ab3f0eed9a5d1408c57ee750d07f4829d |
| SHA512 | a4bba3c470c7306035fc2c14352fb37a6a9dd80bb0b11c9a936bf9c4bfe6317270512f7626d3ee480e4f9f4ad272b6c4a58845fb792b0cd714eaecb8ab3b3ccb |
C:\Users\Admin\AppData\Local\Temp\scoped_dir4616_239892526\CRX_INSTALL\src\contentScript\globalStart\index.js
| MD5 | 97c06edc57360ed9d8ced96ffb10c265 |
| SHA1 | 00778a6df29f8c34f4b66472d9c9c905577c2613 |
| SHA256 | 8eff34dd1eaeac24aeb9e385dd77a69eae9fb975400389ecce6b73a5385c2dd4 |
| SHA512 | b25dde0368501e7935e0d177009dbd5e91288bf648407a958d715f62e7df19fc67a60ca9597a3c938a0f3d12c10559b53f25c58e50d49db50145b9475d4e75df |
C:\Users\Admin\AppData\Local\Temp\scoped_dir4616_239892526\CRX_INSTALL\src\contentScript\slickdealsDealDetails\index.js
| MD5 | 6f13fe2d9ad6c6dca797c4aaa7ea520c |
| SHA1 | 33abd608ce8c6687c0930776c4bdd252b6e03ce7 |
| SHA256 | 120fcbc0bb7e09aee7f2dda95f2cde930c3379878c27fb96e0a21b92b1114b11 |
| SHA512 | 9823a2321acd4cc37a6cae09e2b5817690efa1f923ef01220291194f5fa40fa615ebc384a9eecc9126fea2567750179e349ee21d14aaf423705ee5fd872cad92 |
C:\Users\Admin\AppData\Local\Temp\scoped_dir4616_239892526\CRX_INSTALL\src\contentScript\slickdealsIdle\index.js
| MD5 | 4df3facc60197e3c00afaa676a844367 |
| SHA1 | ccf1df4c665eba566276fc833da0d48490dfef8f |
| SHA256 | ab2270fbfea2cc9a9e871abafa5d152003d460591cd96bed34c4b90666e1ed29 |
| SHA512 | 87c5d67fc5bcb016b7f85523e3073cc963293632a152f93a8d61b9ca6ff6f851e22de9568de77eb2c8a90aae6d395530a2acddc99c353beb2d624512f0f0befb |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Network\d462e830-11e5-4260-98fe-67bbd14f05b3.tmp
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\serviceWorker.js
| MD5 | 02bc07d152eacaffe4a31e667d9fbd0e |
| SHA1 | f22c58599db466522eb70606fd9187bd59cd6b01 |
| SHA256 | 85c8d0928c6ba30ea4ee87f5f39e001876acab70acd155e16d088f3a56878e97 |
| SHA512 | 0eea4cde4b673a42926e6601741205637869593d3ed9dc65b3f6a40f2ac61c3b9391cd7b0f75036a1e091eee4a3ed0c73e2cd2f9cffd2ba973c76a92c880842a |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Service Worker\ScriptCache\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\assets\src\background\index.c3470784.js
| MD5 | 1bcb87bfe1672dd9d5b6d2ec4bdd1440 |
| SHA1 | 7af255523505b9e6c0cf373484127c4401861b1b |
| SHA256 | e51b2907b1e86b1c58ade11475a6eb1ee1454f0c524cd8e6102ab5fc76d0b5c4 |
| SHA512 | 0ef4fdcb8e038d75fe271bd60f57cc92dc1e00a4acec13bca416001ffd305561cf3ebc6ef0bfb3a9a2cc4946706e893b072bf9c0a66e1e3fce18813f26a72587 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\assets\devLog.fc48ebad.js
| MD5 | 9db618256c16923d4be2d163196b028d |
| SHA1 | adfa216df1a5e9eb88fdd755b335c393bf0fd7a0 |
| SHA256 | 1e88e611c49a97f75e2a4c17a06448b4e7cced3f94139181c9641226a6c10b28 |
| SHA512 | ce184074527b8ce85181c045eb0af2787f5a5f66448d8ddf4a6db1a92a1cf1d8ad7b85883398d0eeeb8e79a2e3f51ef9b33286379de0308686a08dc6121489b7 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\assets\popupInitializer.ee567670.js
| MD5 | 68f1d1b16ed68737147103e509a2e4f5 |
| SHA1 | 1a5880149ee4c86f2cd43b1d07d170b1c9476eda |
| SHA256 | eb2ead8ce52358f547bdbd4f737f27cdea65078b9d8746a0f73eb3596a765af2 |
| SHA512 | 775084ff48e7d6ed71ac0e793a2b932f99685fc615664b2b0ecf56f621d1fc70362d09da15f445dc033cea973d7b0447a79a73f969c43bc95ffd568e45f1fe03 |
memory/3644-2285-0x0000000000400000-0x000000000070A000-memory.dmp
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\assets\index.0a1d9bc1.js
| MD5 | a9881409aa51da613775f3413ff5165c |
| SHA1 | 6f6f016a330bc9c152839f839aa2b785ab44e01d |
| SHA256 | 4f291e9a648c109b78669cd878f8e6b5e32333b10a3d73a7c19df2ff8e03fccb |
| SHA512 | 58b035189bb35f6819343cab6e28d23155e90fb47eed930d158fb43398c47348f9062bb92e0a6681e3983849ea2c485385f21f63dfc7e5e97f46657fc3cc6798 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\assets\loyaltyOfferService.4f4dbe5f.js
| MD5 | e4a9f2b0e51084e81ca6c0b658277ee5 |
| SHA1 | 45a86f5b7741339efde55e55c9765c6e9b65525f |
| SHA256 | 18c195435be4e22778f0f1c52f5a63f926d12a9d6b8c8323e10ebb299f275f07 |
| SHA512 | f734589bd7b6a0d0249fcc33b8f905ab1ee48ca1ceca6aa1ae79292f0b538e815455b7a4617186194ae079aa2531f98db470f3f0e23cdeddb419bc86c6531ba9 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\assets\directToMerchantOnboardingService.4d58e5e4.js
| MD5 | 0e394aa21637d49b1ef3fa330b3c6824 |
| SHA1 | e1036eacebee448e5a54193626a4a6b74e23bf40 |
| SHA256 | 71041e19472c9d5cd9e914d2d613eaf281bb1ac660b3f5ecd20ca8f97f005ba3 |
| SHA512 | e207b43120e24de398e7878abe3d2d8a947fcf9590cc8b223f1c16abb85339bdb9af7a08fb39761b3f796a65be913623aef1afe2ed6196d49e8adc528230c084 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\src\contentScript\slickdealsWorldStart\index.js
| MD5 | 4ccc13ba0eaa600938bcaf8d673134e2 |
| SHA1 | 2d34a38435f2f014f99b345cbe7e7fa568a28d17 |
| SHA256 | fd2de0e6a6d5c30d33b0778ab1aab323b56f40cf788f298d03477e693694a189 |
| SHA512 | 26a2adf768c410dd88f75597be01a77e95583fab142f433d7d66030bc8b46efbbf07075dbd10eeb599fa1c03a4ee7b8aafd9c41166192134a439b6a68f82ac9b |
memory/3384-2302-0x0000000000400000-0x00000000004E8000-memory.dmp
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Local State
| MD5 | 85211def82555799521713419ce37a4e |
| SHA1 | 137e145a30f09d5e831db5a541d76d379a5fa829 |
| SHA256 | 287cacdb766e7febbbc6bc58029f6b8650105f379b5bcdfebdbb9bb0626d2cfa |
| SHA512 | 28642c4bfa6e323b5165af93623b05a96e0649f491681e4535279b225446a3f99fa965d594dfff954b1f99615f2c2b74ad6f94a140a7aa9693af7eee27f59b78 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Local State~RFe590ab4.TMP
| MD5 | 7ecd58391e598b751f43eda24fcf4132 |
| SHA1 | dcaf96acd3cc51f8c69ac0c09e6c3054ae2d72fa |
| SHA256 | 55c6e146ba41f947a247cb270fa0d47c69e8932d5bf8afad8ea9ddadc455a687 |
| SHA512 | 3b41bf1ba7e1dd4b12108469bc6f5c68c8facac77713f065027d71eb5f4656a91491a7d70ecc79b92edee2203987f01777d55098af0bda264405526132e367a2 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Preferences
| MD5 | bba23e98382921266328f98ebf367aac |
| SHA1 | c2eed6a54f46b0e3c537d7d6dd8cccacf0a483c7 |
| SHA256 | 6cb8b296fa83990fa03a74068ccdcad278c7810d3bbf8e8194cbb041d7c75b9e |
| SHA512 | 5a7f63b4f563e48116f37be8e43b33118ea34af25f491c595992eb02c9a9b852c4999d522e0463483365a832eff97ee7823af6d7a1109cf5e61063ef9170732e |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Preferences~RFe590b12.TMP
| MD5 | 476d130df779b5880a2a7f6affbddd8e |
| SHA1 | 12d798efc1a23254c858427c4bb1815171b510ec |
| SHA256 | 15e85768ff37563fee2c7eec2e0e379fa20b068169109705a822f45169781c7b |
| SHA512 | ff1f2d02fdf9c96f82e86c80dbc2294c64d9e8d34b2311f0d4b2220b4913c7f473bb1437340e382dafc436d1f489243e62f61cecd2a8be060a3005bdddbb61ab |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\icons\monochrome\32.png
| MD5 | 2f3fcb68a97b28572ea5a6f6036e9d2d |
| SHA1 | 1f40c0e5ca228895f5251b318840089390a92109 |
| SHA256 | 95477dfa9523aeeb6c54b99e05b2e77aebd169707ff4870d7a88312c3c9db472 |
| SHA512 | 28ee5356d0b08749d4ed5df9d2baac0bff7570f6a4f3ccf117481879a549cd63cd33d9371ca769e79c00fe2f050bd027fb1df71502916f55dbb90315603e4b13 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\icons\monochrome\38.png
| MD5 | 6963ca5b2b2d542066627aba5a524ba1 |
| SHA1 | ba505166df7dbd99eca91b369fee3ebcafe27e61 |
| SHA256 | c214904497572f7d19b1a9745d8e90a398098a86a8116c4db7f6bb430cd0da21 |
| SHA512 | 3207e96f545477fa9106c212d96646921bd3505851e1323f4c283ea0ed964e961beb2dc04f920b76270326964cee8391ccac2d8b23f5c94762b719c0958a7131 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\icons\monochrome\19.png
| MD5 | ac164fe8d95aab9ef6c9aaf862e8f2d6 |
| SHA1 | dd8fa00ec5ff4caccd74329b5d61b313974d8167 |
| SHA256 | 28a2d5edc6fd51c7274b75b465649f15316bfd3f5e47fe955de262a93ca1dd86 |
| SHA512 | 2de6700a9e68dd7bc386d1c15ebcc3624b6e32d3dc16d624b87b6e0664ada8c330f6eab5cfd3307bbd0f8d32255ee5734d14e48164cc9b8014a422bbc8ef1255 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\icons\monochrome\16.png
| MD5 | e9bd81b06e20c5d05aeac790c732f77d |
| SHA1 | cdb7484d2f7c4a4ce354c3a42e5356a5124157d6 |
| SHA256 | b9c0d50fa39d97ae1d26d89f20c6da8309e0ad060c89c5a9c600c12213a54449 |
| SHA512 | 1dad56a3c56170e5d2c7b3d688be6b6f8e498951578c54a68a00f3aedeaf5dc047573443391397221c9f0cd662909eb189543303bf6ba998f76750a61ff14753 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Cache\Cache_Data\f_00000a
| MD5 | 87e8230a9ca3f0c5ccfa56f70276e2f2 |
| SHA1 | eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7 |
| SHA256 | e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9 |
| SHA512 | 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | da7136f2d2ad85045b02561d32a1410a |
| SHA1 | cb43c0f31fe865b0dbafe32347b56ac3b6554648 |
| SHA256 | 9d988119e926ab4e7ec04dcf04654355977d853b1f995877fb04fb96b52068a6 |
| SHA512 | e50b6744f90469845627f2f4c5b667e8edf7cda0d3d98203641dd41bdaf126cfe5d5ee889a1a0f8c33e1c4d9e67cebbb4741eac7616566643ffd5bc2074742f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 8c0aadbb81435bf0e572754ee04f7205 |
| SHA1 | 5916955dd445f30de188829b81d9a156da944739 |
| SHA256 | f8aa0d65a4dc9d7ff3bbb12d2c61d3f4cd6b80d6f41ed6575f65aad8992a9b6e |
| SHA512 | e11630071dd5cf294c53adb14bc348d0e2aa26ad707b6c5cc5d6f9df76e0a1b8bac19ee1dad8a7ff38a6a6f3ee1ab0000affaebb94cd8255246da72d6505f702 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 565f72b9605b76996f62bfd3db027e0c |
| SHA1 | b56f50a251ea0f88fdae01e2ffbc619f92955c4a |
| SHA256 | 6213418fbec1845a4cec756efe7276c2ac6ef7dfbbe92c74c3cc35040c9c1cff |
| SHA512 | 0a529c5cd0c129e337cd0944c15b5077ccf7d2ae183e875aa8b082ba78dc4b2d595f1580c1e3efbba5e033326ea259d4176a9cf644c0b4d4d5d599f59ca19862 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Secure Preferences~RFe593445.TMP
| MD5 | c75d3221165d55c3758fd957e92edce1 |
| SHA1 | 9f814a1f4346d0ad2e7a78017efc06bce70a9430 |
| SHA256 | d1a11bb1dcab2793abf69999ca8112022f24c07414fd3d024cf1f4ede61abc51 |
| SHA512 | e938bf3c447bcf432045048af95fba7c7e395146dae967ac97fae2305900139d2ad0e8e9189b26334ba1ee0a701273f2d2f46efcacf3d12504c5dd85c8e4dcb4 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Secure Preferences
| MD5 | 1bd34930c50fb850727c1541ad1c5f41 |
| SHA1 | 7ce144ed7e19bd50c27cd82c384bd47c70633f90 |
| SHA256 | 4be5f94ddc91c4b3b37cee1ebb78b4543a9d3d311234695061b8395a9d63db22 |
| SHA512 | f7b4bbf2fe9b289b0e46074dbfc8434cd9eeec0974284b7f3ccb16f2269908e10d376c53a2648f9c7ed5dae5824628cc408d08848a54c2ac466531d0246858b3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 9dcfdef6647ce7de7b474825a642d477 |
| SHA1 | 4617faef6752596f88ae5f47658a5393f88779ab |
| SHA256 | c5816e056e65288a36c01ea7e547f999aa84cfcbbd404aeb78726ad0cb48db00 |
| SHA512 | 13a3988372a932efb060bd4e0c64606a75875458dfaf8afe7dfe251a6935b2ee05927792c3e12178a61df85a121884a0c949422d409cdcf7720ed952cfa8abbf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | b2ad98547884cdd0b2be52f4f770238a |
| SHA1 | 86080282d1f7c805e6fee300b86ff91c06fa92a6 |
| SHA256 | c98c5cfeca1fb51553dfffec49ec368ce890c3e8d53b97566402c5d31d672453 |
| SHA512 | bc9ff26e0d7eacc4e1b5e075a3be5e779881b353676af89c94374cd2fc4ac942c319483edb5f5443198e64d3e33135ddcd0f07925e2bf4279c6ca16977514328 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe595450.TMP
| MD5 | c0a233203273011cac185f1cbedf6ac0 |
| SHA1 | 0cb848cefa632c1653f46da749628502f42fb9a3 |
| SHA256 | 75ac1442d85ed0430bc17609d871be0dcd806c9a40aef286fea25a93a667f95a |
| SHA512 | b0d481989208c311cae20785ff9dcc8209f3bcafc4d37ae2427e376ede462c6bfc971ac6f5b0bd60435904e32dd0cdf2e5db81a8847d2e20f74c2d62be85dd0c |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 4a078d56fe11ee7af8c2bcf091c151a4 |
| SHA1 | 9e3266901b0445b18f5803ab8f4b33e40fb4830e |
| SHA256 | bb0d45c5886079f578507b6ceeb0f304b79e34c84e7e909fbb125c67201a3180 |
| SHA512 | f04c8b48fb463a02c119daf24f9226901cbb95ee7b912be36bbc76c0111745ac70a8b0a70774d0a0b855b24b91f89b058455217528e868ceca55f1cecf5ba90c |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 09f9ee2c947ceafa65d5e990dff855c3 |
| SHA1 | f3bfe8d5eae6bae7c2dc874d1c34b02a7412ebb7 |
| SHA256 | 6b98fa799ef103226be1344b0efed190553d513eb92fcc875a7480948fd7a93b |
| SHA512 | 8aefcb6c01a2264b90e4efe361a3e3ed17afdf86cafbffa5966597ed6b56c19db098098726f0b7a1786384ef3742fe08cb1be8f2f1df3dbfb96926e31a5ca19b |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe596577.TMP
| MD5 | 3795fd0ad33c0878047fe51d8e9f43a7 |
| SHA1 | 7d354d8012ebbcdaa6cb67d235fe72007a3c6ead |
| SHA256 | 77e13bfd1c729c73c551b51b1c3e01ab6af848e38475a06e7005cc3106fcbfd5 |
| SHA512 | fd709a0e0f692a6660129f295e0fda9b8e9186e75c754421ce1821109601236ecd0d43572a743cafaa821760a69aaf05211c03edf1d1741809c0be92751b3862 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Preferences
| MD5 | 6b9002185175983fa85caea853926d7e |
| SHA1 | 74004263499de63f1f1b24e3ad55f30c3c969916 |
| SHA256 | 4714047e247004e7c2cae908afae6b4e02fde6e7183a7f47005bf17bdb4d8017 |
| SHA512 | 5a5c53524e25c5d426b79ca09c4aa0d624c7e782f4f3988abd8af9bf9ed42515ccae888f2f9c852ee3d76b8d69b90fe5da4e941d3d60e99bc7f197f82ff7b25b |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Local State
| MD5 | 71c87dc33d1fe2a316a1cdf19b6c9e29 |
| SHA1 | 1ad83b667653000425ddc37f1ce9afe6938ec066 |
| SHA256 | 92c84fda7496dd666f1cf52040fce093d1f3b2e8d421d192a9759c93468c53a2 |
| SHA512 | 310f7256865381c69fca1a369bdf383fc3b1dcbd473ddfd7257fe32a7f44c7072d386d847ee417ad9db6e69b003262948731686520114ff67415c9a391b529d0 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Local State
| MD5 | 99f6b371e2b8b282400b80879ce64c3e |
| SHA1 | 14d38d9af16e30a5bbad4a586ef055f05f8457f6 |
| SHA256 | aec6d656f61db37a6c990bbf95038439cbadd51dc221b513e7edcecb14822709 |
| SHA512 | b801b3cf5b173d23df643a47045a3601dc0e0b56944addf99c3e83a04f79df8af2813a0bd2592d3f5102342fd62eaaa978d48a83d9b7164fedc2dc5efe9931f9 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Cache\Cache_Data\f_000003
| MD5 | 4e82ccecaa3808ffe23b3c92e21d17fc |
| SHA1 | 8d45e94a4b5ad406c40cda4bd7fe90aa1d72caf2 |
| SHA256 | 6e536340da1a503fd176e1b1af0bd6d14a73a87ca35702cf3e59b8bea57a6958 |
| SHA512 | 4c9abc4899c5ab97fdc7a88bcce4ddf800380b6f3735dd12b2c1ade318bc38465584449a9fb275343f523074e7175389a0bcb81b3a692ae7681240a499f9a7e4 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\assets\src\contentScript\globalStart\index.3fc83030.js
| MD5 | 745f189cb113d2af0d8d6f33adf177e9 |
| SHA1 | b0066ed915549e99502ebf5f0a5a3cfd785e199c |
| SHA256 | 2fde09e7b5af6b339b43ae81258600eaf05ea3e04f9302697e0e3a80ace3bf95 |
| SHA512 | a8ea04967daa4f6cb7cb20759420de33918b272edf0b61447ec49d349271b544016026f9901d016d6a9c4b00cd5831c94e89a731d3e7118ad54142b5f6c78d09 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\assets\src\contentScript\globalInjector\index.44abef34.js
| MD5 | 621f84413426d85ef949dbc76823cb34 |
| SHA1 | 73f05326fb64de58f03876c5457ec10a601c1f13 |
| SHA256 | 5e542429604c5dcd7b1baad8a6f1a14daa13b47e4c4294673aac9a0309735e77 |
| SHA512 | 7f0a5caa17b38dd3ed214b129329feb972290c962a06b433682a16e4b3b0d19a19d986d869b2f65b4a0273048906cd5917cd1ba88c5caef71ed76a79b3f5dc43 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\src\contentScript\global\index.js
| MD5 | bdd15e1b6c881a285d940e7666bd55f8 |
| SHA1 | 65be02986526cfe30c7c22f169b95f5a5b50b503 |
| SHA256 | 8e1b2a501459c11ede2ff2c6accf0b4698d68d3f592a2222d164b402d995b04a |
| SHA512 | efe4e7c0795c84eae25e20b7f9666ff98ae9961f556b17484375da79b27a2559b5dda53ea6b7f09a981501edfe210ecc544d6cff7aa585e371f22e124b034807 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\icons\38.png
| MD5 | c293039207c726e8dbef0573c555a7aa |
| SHA1 | 477494d9f5806772d88055f2e5de66ca5a6e002c |
| SHA256 | 64f92d2995941adc86691fa92b8393d31d009cadb9d8ce3f625012d6608239dc |
| SHA512 | 0b09ab12b7e72a45f2aa9bde58528ef7cb43dfdb5b93c519c5eb7e48def7fffb6eb9f192bf6b732e0e6ca0383b0e2b3f7617ea622290b9d31d7d126500eadcfe |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\icons\19.png
| MD5 | 0b8f18a16604fda757ec7a3a832a7dd0 |
| SHA1 | 600a3306bb45c07c85120cb112ef29692f9a9b35 |
| SHA256 | 23f928e03099819d19eb933c4e0afbf1e93b12489402a22af2c7b417c11a26f6 |
| SHA512 | dfa4b25a532beed330962626910b9a4c54cef73edd9017367d73ece6dd5e7acb52924b08e2d73c3a378d5d40d2bfc83076a956393ae042b1a0ddbc87dd1a60a9 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\icons\32.png
| MD5 | 8b15174b525809349b2dbf3c94868de8 |
| SHA1 | 0440586b9c9e79c9d747720f77f65dc262b334e4 |
| SHA256 | 90acec76dc5819b26e042c39d5bc676df7e6edbe3d8fb2d316957bfcb306e026 |
| SHA512 | f4dcbdbe0657c25a88b8a67d4159aab919537900ef3be3870244e031fd3ef59987165fb7ae0d566047763c27630e0dfe61d3608b6ded0216f0629f345bda5895 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\assets\index.b3c97f2b.css
| MD5 | 1abfa7da15f6c808d5f538078e78d7b4 |
| SHA1 | d20164b4620ae3f8e040fd02ff4536f41d7e63ef |
| SHA256 | b3c97f2b4cfc637908e35c8c4b4ae80f5b17941cab3f2c3800703c3349afeb5b |
| SHA512 | ff7f1d3d715dca165411c2b8b09f6cf616ee0f31607244dc8c2069eb9df79d65f667e9b7b32112d4937f973f28b96db3217d866b9feee543bf43c28982ff32bb |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\assets\ExtensionWindow.f4ea2052.css
| MD5 | 4435a64c8f61c9afb24d74143c300571 |
| SHA1 | 85f6d6f276a8c424757d0b6c4cf21607909d6fc5 |
| SHA256 | f4ea20524a0ded94fd090a55ad8ec5d625a54bec9722c27a38766a5d61d3c9dd |
| SHA512 | 7fec5d8dd9711dfc1ed14d1e0587ce578bc9d563ff12fbc03e57c20f713563c505f4ba2451d5510b1deb7c2cead8386f397443b96ae0f0197d14ea46cb8f70a4 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\assets\style.3f520dd4.css
| MD5 | 3816984d480cb86722053c2a2237b4f8 |
| SHA1 | 53a7b4c0cde388b926f14300d4ec9dbf2c108445 |
| SHA256 | 3f520dd47ec8f642261b56d22fc8a98be494184ad8e702beaf04f1f97a80f4ff |
| SHA512 | c600f6688a891387bfcd4c6526c3b9fa6585816dfd6f346c8a8724467c87db49b3dbf222eb167a6a85c646c1c3e3cdfe7420ce29c404dc53c7c4f3449723e277 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\assets\renderContent.f6e675db.js
| MD5 | a192f4fe97074c38501a480d8b7a3534 |
| SHA1 | 9d9169a8603ce308ed3984ea49a9d44a114f89be |
| SHA256 | acd8c5b9d0ccdb296b5d48e206e2f720d119cb1c107309b4c8b32fd8ef9f3abe |
| SHA512 | 302c87f4e93b59123020df65d56242c2f31347fd75fc1ca26f9b6fd082c716b02bdaab42904ec16c48c3914e996a1d1387ff52bdb9718e5faa613e3973b5556b |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\assets\close.0f2bda35.js
| MD5 | 502ebbaa12e936bc95c4d036f28a02e5 |
| SHA1 | e58888c7a26065109ea7fea9844a075ecf3044bc |
| SHA256 | ffde759cb7d17e47ee8535820ee87dc1685bf82e15d67548d0e2290d8df010fd |
| SHA512 | 008c4344e14d78bc30c162ab17dfa69db88308c790fdf5fc40737497ff8f9aa799f4461fe1de058cd13e13a1890dd32433a6f6bd71368049d4c6045ea28d8292 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\assets\ExtensionWindow.cd04b84f.js
| MD5 | 1d5b9214149a9dd0d74ef479d2f751ca |
| SHA1 | 04a511fcddfaa11de5e89e3fdbda588fd4860e9a |
| SHA256 | 8158334cf59a29e36cae8bdca82646a616b45ab987d0e1f599b079f5cbfa8c47 |
| SHA512 | ffa34af3d4d23e1e3935b0e7d82f7a7a0c495cbf157fb347b4d9ac9d32cfc5eb3d0764c7ce32a24aa7fd14fba070f7433de2b344e83ecb05dfbe5b4d26031890 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Extensions\gcklppdiegejnfnpepkaagjmdneobkgi\3.5.3_0\assets\src\contentScript\global\index.3de956d6.js
| MD5 | 7c0ac97a9e6fa4e0047467a073baf9a8 |
| SHA1 | 6c074a4cc7eae4e360e7be9df271ec496ec486c2 |
| SHA256 | 2567adf149a8bf70c083c6e10e79fe088de7da9bcb855882fffb8bda54987ac4 |
| SHA512 | 9da4f8a7ee585865905f7dfa15ae9e20a39436fccc2bb4cec63e1ce0d2a2099ab7ce1e3c83da707c4800c0a83c5bacc7b0d189070acd93a649f70c10441922dd |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Preferences
| MD5 | 5c41c9afbd3a806582a78da39c549f18 |
| SHA1 | 5aabf3c30e5f90912030a696b9529e34978586ee |
| SHA256 | 2514d462805a3b4d454691fabaf0108dda0130a791e38d8baca98ef5a4fe6738 |
| SHA512 | 2788a865077acbb876f361029393689f62b64ebc0ab511d06c3cf341b9310d085232fc452bc2cdb9f95ccf247c2620999c0fb7cf6ec584617fe91132bcc82451 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dd709f20d8c75906b683df9af63eba54 |
| SHA1 | 33d96c378f5d05579532564e9f8c359e819f33f6 |
| SHA256 | f528d90a84ec55a6151c5083864031dbf5eeb5f885507222d33259d36953fb75 |
| SHA512 | f5b7e4ccd7fb2644bd8afde07a327c4fe20f00034e23b1d5fef0efcb32eca37f3b7d226621d9357517bbaad8be25fa6343a219ec64edf9c5a2f3cda6f1ca020a |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Network\TransportSecurity
| MD5 | 3cac364d11e3588bcec549723e08400d |
| SHA1 | 3c93589e33e61301b182dac496258c337faafaf8 |
| SHA256 | 7511e854e1c79af884d0e03343f5607005e67ad6b1d72d837027c5df1e8398c2 |
| SHA512 | fc955c7bd5dc174fa81e1906f66cc5a1f851475def9a6a01d3b5615b7c4a8bcff0c139daa1db93a8daae5ab12f905f9785955229d7d412d2bb41205de8c8a9bd |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Network\TransportSecurity~RFe59be74.TMP
| MD5 | b4b978e23497cbcce2b4b2b8ff987b7a |
| SHA1 | 94214be5b3f688d1d7bde2351f7b51791f2335a9 |
| SHA256 | 678baa2188d6526abc9384a06237f759fbd760c7a556fc60d0cac93b432fcbf9 |
| SHA512 | 9cc621ee905b6c7fc9341e66094a07d3bb3a590bc959b392b13e7778b578ac962dd5a1b7f611353348427900526d20d2c2cc2d0a826ad9c07a9f9ce1ce54cb4b |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Network\TransportSecurity
| MD5 | ae48c09697aa0d5fc020f762959e498d |
| SHA1 | d48aeb00b816ab87f348f84d4efd062f88350988 |
| SHA256 | 1b71555aae39d75f000206a67b7220824f2ecbc086860456670d75003581cb48 |
| SHA512 | 4861b8a3a789b6d55fd7f256cbd208ac00e5f72dc183acb556b87e4f20f8356565e51b762f820ec279de4ab75c624aa9e1dae7cd09a6a37acdd6e981c854d65b |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Local State
| MD5 | 6ce494fc2412739cb49c84723f389f25 |
| SHA1 | c8aad6006f9b4a522df92b1b727364c34a00e1f9 |
| SHA256 | c4aa47e7de4fa2f5638c19e1de8f91561178bff5645837f3291a175a4d3b68e1 |
| SHA512 | 35325c610155152fd1116b02304a5c7508f9a6f6c16f490eb4d48aff4c2840fe0a8966b502d42b590b8ff5ea86c851894a3683d50d378a7594d1121c4fcc0efc |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Crashpad\settings.dat
| MD5 | c404d408bcc5ff1cba2788609d75808e |
| SHA1 | ebe205dd87d71c0f1df021d76a7b8fcd914e4ee7 |
| SHA256 | 64c47d14a47c17cfe342d0c4981efcac366cee117931b9de0640943c32fd831a |
| SHA512 | 518bfe20970c3a8fb7c0514c7e3d7eb57535232d2fc8e4dcf4713c1cbc961394d550b1c12561eb42dcc22e3d2fc8d84b596c3708a5beae43696d0e7d33af310b |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 8ba1863775809e690a51992d7e2773ab |
| SHA1 | 9a3f9b21fa9b5f3d49a248c807f1334c26560ef2 |
| SHA256 | a2f30e3ffdc6cda1506b7d68d1e172d40467e366fcaf3789718a1e0e186811c9 |
| SHA512 | f4289ff42f6c45c61e13231a3c558c6edcf81192da8fd4b0247f6eb5089ae12feb803d59bd9c6cb8cc3c94c487bba7ec77086f1936e44d31769b4317f5ea3312 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Network\Network Persistent State
| MD5 | 4d9529696e46602f36dccbbe33a997c8 |
| SHA1 | 09904fdce2321ca522312a27a730a2eaef6626af |
| SHA256 | 197a399503d50034ab795314f3519c7fa2de62bd1f38d89cedfb2537804aaaef |
| SHA512 | e9226b801e22d9a05986923ad87b6d613c7a6dbf51aa3fe3b35aed48d80c7aca919b8770e993a4da5e32dbfebcd893160b0e0575d7b8cf70627ed64a60a120b6 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Network\Network Persistent State~RFe5a0d9e.TMP
| MD5 | 2800881c775077e1c4b6e06bf4676de4 |
| SHA1 | 2873631068c8b3b9495638c865915be822442c8b |
| SHA256 | 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974 |
| SHA512 | e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Network\TransportSecurity
| MD5 | 20e926672d1e170200538df1188afc31 |
| SHA1 | cddf3df571126cf60410f1b36c946370d247aced |
| SHA256 | d00b6d9ba28552db62951fcf1328b778583ba2f83cc1154d884d1021df89ee2d |
| SHA512 | d66fa1b0b3a38fdd15e643b8612413be7f32e1dc392427d892965a1940beca887ab75f8335cc50c0d166dd6b53e31690d3447258516a243dcd9d242f0413c550 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Local State
| MD5 | 198ec60f1702926ee1e9450315fafc95 |
| SHA1 | 66eb8e0369969dde3081596e2760c61436059f8f |
| SHA256 | 3a668128ba0aea3985a57f4a3a061a717f1be7b129956f4ffd7eb2c2bf97ba36 |
| SHA512 | a08a17d7d2e475eefdb17c59eac43629d2ea0328a6e9e13402fb736f572d9aec8420afa3565360b76770c969c298012753bc79873dc6236106e4ce49aefe8636 |
C:\Users\Admin\AppData\Local\OneLaunch\User Data\Default\Preferences
| MD5 | e1fafa1f572a7acbcd5fe9cb53ccac53 |
| SHA1 | 709c433e36be02c93bb61eeb7ac08f4c0931e01b |
| SHA256 | 129501a6edc9b5ede834f4ec0a782ad17e479429b1d1e8c97890ea67a3eda78d |
| SHA512 | f54dc6bed7fe41ec97c361a6e0bb575f77fa66de618dabd9f3873438545f37fecc35712e04de95a09c28dbb71458eb8c7e6d990382f180993cd8ec52045b612c |