Analysis Overview
Threat Level: Shows suspicious behavior
The file https://github.com/topics/robux-generator-free-download was found to be: Shows suspicious behavior.
Malicious Activity Summary
Drops startup file
Executes dropped EXE
Reads user/profile data of web browsers
Checks installed software on the system
Accesses cryptocurrency files/wallets, possible credential harvesting
Enumerates physical storage devices
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Modifies registry class
NTFS ADS
Opens file in notepad (likely ransom note)
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Enumerates system info in registry
Suspicious use of WriteProcessMemory
Suspicious use of AdjustPrivilegeToken
Modifies data under HKEY_USERS
Analysis: static1
Detonation Overview
Reported
2024-02-22 21:10
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-02-22 21:10
Reported
2024-02-22 21:13
Platform
win11-20240221-en
Max time kernel
179s
Max time network
172s
Signatures
Drops startup file
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qemu-ga.exe | C:\Users\Admin\AppData\Local\Temp\7zO88287F79\Setup.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zO88287F79\Setup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qemu-ga.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zO882DF8F9\Setup.exe | N/A |
Reads user/profile data of web browsers
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133531098498253884" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4280069375-290121026-380765049-1000_Classes\Local Settings | C:\Program Files\7-Zip\7zFM.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4280069375-290121026-380765049-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Robux Generator.rar:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File created | C:\Users\Admin\AppData\Local\Temp\7zO88287F79\Setup.exe:Zone.Identifier | C:\Program Files\7-Zip\7zFM.exe | N/A |
| File created | C:\Users\Admin\AppData\Local\Temp\7zO88289D39\readme.txt:Zone.Identifier | C:\Program Files\7-Zip\7zFM.exe | N/A |
| File created | C:\Users\Admin\AppData\Local\Temp\7zO882DF8F9\Setup.exe:Zone.Identifier | C:\Program Files\7-Zip\7zFM.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/topics/robux-generator-free-download
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\Robux Generator.rar"
C:\Users\Admin\AppData\Local\Temp\7zO88287F79\Setup.exe
"C:\Users\Admin\AppData\Local\Temp\7zO88287F79\Setup.exe"
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qemu-ga.exe
"C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qemu-ga.exe"
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\7zO88289D39\readme.txt
C:\Users\Admin\AppData\Local\Temp\7zO882DF8F9\Setup.exe
"C:\Users\Admin\AppData\Local\Temp\7zO882DF8F9\Setup.exe"
Network
| NL | 198.47.127.19:443 | image6.pubmatic.com | tcp |
| GB | 172.217.16.226:443 | googleads.g.doubleclick.net | udp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| IE | 52.94.223.167:443 | aax-eu.amazon-adsystem.com | tcp |
| DE | 91.228.74.166:443 | cms.quantserve.com | tcp |
| GB | 216.58.212.194:443 | cm.g.doubleclick.net | tcp |
| GB | 216.58.212.194:443 | cm.g.doubleclick.net | tcp |
| GB | 216.58.212.194:443 | cm.g.doubleclick.net | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 34.111.129.221:443 | cr.frontend.weborama.fr | tcp |
| IE | 52.211.95.176:443 | a.audrte.com | tcp |
| US | 52.223.40.198:443 | match.adsrvr.org | tcp |
| IE | 63.35.153.207:443 | pr-bh.ybp.yahoo.com | tcp |
| NL | 35.204.74.118:443 | um.simpli.fi | tcp |
| DK | 37.157.6.243:443 | c1.adform.net | tcp |
| DE | 3.71.149.231:443 | ups.analytics.yahoo.com | tcp |
| US | 34.111.129.221:443 | cr.frontend.weborama.fr | udp |
| US | 8.8.8.8:53 | 198.40.223.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 176.95.211.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.74.204.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.153.35.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 243.6.157.37.in-addr.arpa | udp |
| NL | 198.47.127.205:443 | simage2.pubmatic.com | tcp |
| NL | 198.47.127.205:443 | simage2.pubmatic.com | tcp |
| NL | 198.47.127.205:443 | simage2.pubmatic.com | tcp |
| GB | 216.58.212.194:443 | cm.g.doubleclick.net | udp |
| NL | 198.47.127.205:443 | simage2.pubmatic.com | tcp |
| NL | 198.47.127.205:443 | simage2.pubmatic.com | tcp |
| US | 34.111.131.239:443 | idsync.frontend.weborama.fr | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| US | 104.19.214.37:443 | otnolatrnup.com | udp |
| US | 199.91.155.91:443 | download2350.mediafire.com | tcp |
| US | 199.91.155.91:443 | download2350.mediafire.com | tcp |
| NL | 198.47.127.20:443 | image4.pubmatic.com | tcp |
| US | 104.19.214.37:80 | otnolatrnup.com | tcp |
| US | 104.19.214.37:80 | otnolatrnup.com | tcp |
| DE | 54.230.206.4:443 | woreppercomming.com | tcp |
| DE | 37.252.171.85:443 | ib.adnxs.com | tcp |
| US | 54.196.44.21:443 | sync.srv.stackadapt.com | tcp |
| US | 104.21.96.72:443 | www.ovardu.com | tcp |
| DE | 37.252.171.85:443 | ib.adnxs.com | tcp |
| IE | 34.252.165.171:443 | match.prod.bidr.io | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| NL | 193.0.160.130:443 | p.rfihub.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 54.196.44.21:443 | sync.srv.stackadapt.com | tcp |
| US | 151.101.2.49:443 | sync-tm.everesttech.net | tcp |
| DK | 77.243.51.121:443 | uipglob.semasio.net | tcp |
| US | 104.22.50.98:443 | mwzeom.zeotap.com | tcp |
| DE | 35.157.206.191:443 | www.opera.com | tcp |
| US | 151.101.2.49:443 | sync-tm.everesttech.net | tcp |
| US | 104.22.50.98:443 | mwzeom.zeotap.com | tcp |
| DK | 77.243.51.121:443 | uipglob.semasio.net | tcp |
| DE | 35.157.206.191:443 | www.opera.com | tcp |
| FR | 141.94.171.212:443 | pixel.onaudience.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| US | 8.8.8.8:53 | 98.50.22.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 121.51.243.77.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 191.206.157.35.in-addr.arpa | udp |
| FR | 141.94.171.212:443 | pixel.onaudience.com | tcp |
| DE | 85.114.159.93:443 | dsp.adfarm1.adition.com | tcp |
| DE | 85.114.159.93:443 | dsp.adfarm1.adition.com | tcp |
| GB | 216.58.213.14:443 | www.googleoptimize.com | tcp |
| GB | 104.84.85.174:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.84.85.174:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.84.85.174:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.84.85.174:443 | cdn-production-opera-website.operacdn.com | tcp |
| GB | 104.84.85.174:443 | cdn-production-opera-website.operacdn.com | tcp |
| NL | 185.184.8.90:443 | ams.creativecdn.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| NL | 63.215.202.140:443 | pubmatic-match.dotomi.com | tcp |
| GB | 104.84.85.174:443 | cdn-production-opera-website.operacdn.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| DE | 18.195.132.36:443 | sonata-notifications.taptapnetworks.com | tcp |
| US | 8.8.8.8:53 | 140.202.215.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.85.84.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.171.94.141.in-addr.arpa | udp |
| DE | 18.195.132.36:443 | sonata-notifications.taptapnetworks.com | tcp |
| DE | 3.124.210.90:443 | ps.eyeota.net | tcp |
| NL | 81.17.55.173:443 | rtb-csync.smartadserver.com | tcp |
| NL | 46.228.164.13:443 | d.turn.com | tcp |
| GB | 104.84.85.174:443 | cdn-production-opera-website.operacdn.com | tcp |
| US | 151.101.1.140:443 | alb.reddit.com | tcp |
| DE | 52.85.92.13:443 | static.hotjar.com | tcp |
| US | 151.101.1.140:443 | alb.reddit.com | tcp |
| GB | 88.221.135.104:443 | snap.licdn.com | tcp |
| GB | 163.70.147.23:443 | connect.facebook.net | tcp |
| GB | 216.58.204.67:443 | www.google.co.uk | udp |
| GB | 89.187.167.9:443 | tags.creativecdn.com | tcp |
| NL | 185.184.8.90:443 | ams.creativecdn.com | tcp |
| NL | 185.184.8.90:443 | ams.creativecdn.com | tcp |
| US | 151.101.1.140:443 | alb.reddit.com | tcp |
| US | 13.107.42.14:443 | www.linkedin.com | tcp |
| GB | 163.70.147.23:443 | connect.facebook.net | udp |
| DE | 18.155.153.11:443 | script.hotjar.com | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| DE | 35.157.206.191:443 | www.opera.com | tcp |
| US | 204.79.197.200:443 | c.bing.com | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| IE | 68.219.88.97:443 | c.clarity.ms | tcp |
| US | 20.119.174.243:443 | r.clarity.ms | tcp |
| IE | 68.219.88.97:443 | c.clarity.ms | tcp |
| US | 8.8.8.8:53 | csync.loopme.me | udp |
| US | 8.8.8.8:53 | core.iprom.net | udp |
| SE | 213.155.156.168:443 | d5p.de17a.com | tcp |
| NL | 35.214.136.108:443 | csync.loopme.me | tcp |
| NL | 82.145.213.8:443 | t.adx.opera.com | tcp |
| SI | 195.5.165.20:443 | core.iprom.net | tcp |
| FR | 141.94.242.204:443 | green.erne.co | tcp |
| NL | 72.251.241.196:443 | cm.adgrx.com | tcp |
| US | 35.186.193.173:443 | ipac.ctnsnet.com | tcp |
| US | 8.8.8.8:53 | 204.242.94.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.165.5.195.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.241.251.72.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ad.turn.com | udp |
| US | 8.8.8.8:53 | match.adsby.bidtheatre.com | udp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| NL | 64.227.64.62:443 | match.adsby.bidtheatre.com | tcp |
| NL | 46.228.164.11:443 | ad.turn.com | tcp |
| SG | 35.186.154.107:443 | cm-supply-web.gammaplatform.com | tcp |
| FR | 141.94.171.215:443 | pixel-eu.onaudience.com | tcp |
| DE | 3.124.210.90:443 | ps.eyeota.net | tcp |
| US | 20.119.174.243:443 | r.clarity.ms | tcp |
| DE | 162.55.120.196:443 | matching.truffle.bid | tcp |
| US | 104.18.24.173:443 | a.tribalfusion.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 34.102.163.6:443 | ad.mrtnsvr.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | udp |
| NL | 172.217.168.227:443 | beacons.gcp.gvt2.com | tcp |
| GB | 172.217.169.3:443 | beacons3.gvt2.com | tcp |
| GB | 172.217.169.3:443 | beacons3.gvt2.com | udp |
| NL | 172.217.168.227:443 | beacons.gcp.gvt2.com | udp |
| US | 35.211.148.231:443 | e2c49.gcp.gvt2.com | tcp |
| GB | 172.217.169.67:443 | beacons.gvt2.com | tcp |
| NL | 45.15.156.127:23000 | tcp | |
| NL | 45.15.156.127:23000 | tcp |
Files