Analysis Overview
Threat Level: Shows suspicious behavior
The submitted sample, the URL https://github.com/topics/robux-generator-free-download, was classified as: Shows suspicious behavior.
Malicious Activity Summary
Reads user/profile data of web browsers
Drops startup file
Executes dropped EXE
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Enumerates physical storage devices
Modifies registry class
Suspicious use of SetWindowsHookEx
Suspicious use of SendNotifyMessage
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
NTFS ADS
Modifies data under HKEY_USERS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-02-22 21:20
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-02-22 21:20
Reported
2024-02-22 21:22
Platform
win11-20240221-en
Max time kernel
122s
Max time network
125s
Command Line
Signatures
Drops startup file
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qemu-ga.exe | C:\Users\Admin\AppData\Local\Temp\7zOC4C73C28\Setup.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\7zOC4C73C28\Setup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qemu-ga.exe | N/A |
Reads user/profile data of web browsers
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133531104269899080" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-4181651180-3163410697-3990547336-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4181651180-3163410697-3990547336-1000_Classes\Local Settings\MuiCache | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Robux Generator.rar:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File created | C:\Users\Admin\AppData\Local\Temp\7zOC4C73C28\Setup.exe:Zone.Identifier | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffa51f99758,0x7ffa51f99768,0x7ffa51f99778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/topics/robux-generator-free-download
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=312 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2108 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3020 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3044 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4972 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5048 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4672 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4556 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5232 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4716 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4696 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5860 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=6012 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=6020 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5272 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=6416 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6484 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=4656 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=7264 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=6780 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=7524 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=7616 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=7780 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=7956 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=6880 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=8336 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=8344 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=1540 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=8784 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=6484 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=9028 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=9068 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=6704 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=9292 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=9032 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=9612 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=9780 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=9940 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=10152 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=10288 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=9252 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=10436 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=10112 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=10768 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=11044 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=10916 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10764 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=2740 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=1584 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=11288 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=11436 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=11272 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=11492 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=11540 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=9032 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=9832 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=9940 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8544 --field-trial-handle=1796,i,8001100298039803033,15986874431127503830,131072 /prefetch:8
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\Robux Generator.rar"
C:\Users\Admin\AppData\Local\Temp\7zOC4C73C28\Setup.exe
"C:\Users\Admin\AppData\Local\Temp\7zOC4C73C28\Setup.exe"
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qemu-ga.exe
"C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qemu-ga.exe"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
Network
Files