Analysis Overview
Threat Level: Likely malicious
The file https://steamunlocked.net/cbb91-tomb-raider-legend-free-pc-download/ was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Modifies Windows Firewall
Loads dropped DLL
Reads user/profile data of web browsers
Executes dropped EXE
Checks installed software on the system
Adds Run key to start application
Drops file in System32 directory
Enumerates physical storage devices
Suspicious use of WriteProcessMemory
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Checks processor information in registry
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
NTFS ADS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Enumerates system info in registry
Modifies data under HKEY_USERS
Suspicious behavior: AddClipboardFormatListener
Suspicious use of SetWindowsHookEx
Suspicious use of AdjustPrivilegeToken
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-02-22 20:55
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-02-22 20:55
Reported: 2024-02-22 20:59
Platform: win11-20240221-en
Max time kernel: 207s
Max time network: 208s
Command Line
Signatures
Downloads MZ/PE file
Modifies Windows Firewall
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\netsh.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\netsh.exe | N/A |
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-4181651180-3163410697-3990547336-1000\Software\Microsoft\Windows\CurrentVersion\Run\Mental Mentor = "\"C:\\Users\\Admin\\mentalmentor\\mentalmentor.exe\" silent" | C:\Users\Admin\mentalmentor\mentalmentor.exe | N/A |
Checks installed software on the system
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\C8E534EE129F27D55460CE17FD628216_1130D9B25898B0DB0D4F04DC5B93F141 | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\test_wpf.exe.log | C:\ProgramData\BrightData\d1bab175a2a8d47f9b561f4c58dc046b93194db0\test_wpf.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\698460A0B6E60F2F602361424D832905_8BB23D43DE574E82F2BEE0DF0EC47EEB | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\C8E534EE129F27D55460CE17FD628216_1130D9B25898B0DB0D4F04DC5B93F141 | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8EC9B1D0ABBD7F98B401D425828828CE_488E097E1A6B1768143D54114E281A12 | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\BrightData | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| File created | C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\idle_report.exe.log | C:\ProgramData\BrightData\d1bab175a2a8d47f9b561f4c58dc046b93194db0\idle_report.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8EC9B1D0ABBD7F98B401D425828828CE_488E097E1A6B1768143D54114E281A12 | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133531089400406082" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Users\Admin\mentalmentor\luminati\net_updater32.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ | C:\Users\Admin\mentalmentor\mentalmentor.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4181651180-3163410697-3990547336-1000_Classes\Local Settings\MuiCache | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\MentalMentor.exe:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\ProgramData\BrightData\d1bab175a2a8d47f9b561f4c58dc046b93194db0\lum_sdk_session_id:LUM:$DATA | C:\Users\Admin\mentalmentor\luminati\luminati.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\mentalmentor\mentalmentor.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\mentalmentor\mentalmentor.exe | N/A |
| N/A | N/A | C:\Users\Admin\mentalmentor\mentalmentor.exe | N/A |
| N/A | N/A | C:\Users\Admin\mentalmentor\mentalmentor.exe | N/A |
| N/A | N/A | C:\Users\Admin\mentalmentor\mentalmentor.exe | N/A |
| N/A | N/A | C:\Users\Admin\mentalmentor\mentalmentor.exe | N/A |
| N/A | N/A | C:\Users\Admin\mentalmentor\mentalmentor.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://steamunlocked.net/cbb91-tomb-raider-legend-free-pc-download/
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffa3e149758,0x7ffa3e149768,0x7ffa3e149778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1628 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2164 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3020 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3012 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4752 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5328 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5324 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4000 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4932 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=928 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5844 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5980 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2144 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=6092 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=2204 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5176 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6028 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6292 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6612 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3224 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5192 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5184 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5180 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6864 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:8
C:\Users\Admin\Downloads\MentalMentor.exe
"C:\Users\Admin\Downloads\MentalMentor.exe"
C:\Users\Admin\AppData\Local\Temp\is-OAGJT.tmp\MentalMentor.tmp
"C:\Users\Admin\AppData\Local\Temp\is-OAGJT.tmp\MentalMentor.tmp" /SL5="$15022E,2483341,845312,C:\Users\Admin\Downloads\MentalMentor.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=5684 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=3196 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=6172 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=5416 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1588 --field-trial-handle=1764,i,13113588402391593588,3003610985527945613,131072 /prefetch:2
C:\Users\Admin\AppData\Local\Temp\is-1EFJF.tmp\7z.exe
"C:\Users\Admin\AppData\Local\Temp\is-1EFJF.tmp\7z.exe" x "C:\Users\Admin\AppData\Local\Temp\is-1EFJF.tmp\zip_libs.7z" -o"C:\Users\Admin\mentalmentor\" * -r -aoa
C:\Users\Admin\AppData\Local\Temp\is-1EFJF.tmp\7z.exe
"C:\Users\Admin\AppData\Local\Temp\is-1EFJF.tmp\7z.exe" x "C:\Users\Admin\AppData\Local\Temp\is-1EFJF.tmp\zip_bin.7z" -o"C:\Users\Admin\mentalmentor\" * -r -aoa
C:\Users\Admin\AppData\Local\Temp\is-1EFJF.tmp\7z.exe
"C:\Users\Admin\AppData\Local\Temp\is-1EFJF.tmp\7z.exe" x "C:\Users\Admin\AppData\Local\Temp\is-1EFJF.tmp\zip_lum.7z" -o"C:\Users\Admin\mentalmentor\luminati\" * -r -aoa
C:\Users\Admin\AppData\Local\Temp\is-1EFJF.tmp\7z.exe
"C:\Users\Admin\AppData\Local\Temp\is-1EFJF.tmp\7z.exe" x "C:\Users\Admin\AppData\Local\Temp\is-1EFJF.tmp\zip_html.7z" -o"C:\Users\Admin\mentalmentor\settings\temp\inst_gui\" * -r -aoa
C:\Windows\SysWOW64\netsh.exe
"netsh" advfirewall firewall add rule name="Mental Mentor" dir=in action=allow program="C:\Users\Admin\mentalmentor\mentalmentor.exe" enable=yes
C:\Windows\SysWOW64\netsh.exe
"netsh" advfirewall firewall add rule name="Mental Mentor" dir=in action=allow program="C:\Users\Admin\mentalmentor\QtWebEngineProcess.exe" enable=yes
C:\Users\Admin\mentalmentor\mentalmentor.exe
"C:\Users\Admin\mentalmentor\mentalmentor.exe" install
C:\Users\Admin\mentalmentor\mentalmentor_crashpad_handler.exe
C:\Users\Admin\mentalmentor\mentalmentor_crashpad_handler.exe --no-rate-limit --database=C:\Users\Admin\mentalmentor\sentry --metrics-dir=C:\Users\Admin\mentalmentor\sentry --url=https://o4505329939513344.ingest.sentry.io:443/api/4506451695239168/minidump/?sentry_client=sentry.native/0.4.6&sentry_key=0cb1bfe551768937b10a49cd2122722e --attachment=C:/Users/Admin/mentalmentor/sentry/log --attachment=C:\Users\Admin\mentalmentor\sentry\63c1a362-d711-49bd-3367-68aef6aef7c3.run\__sentry-event --attachment=C:\Users\Admin\mentalmentor\sentry\63c1a362-d711-49bd-3367-68aef6aef7c3.run\__sentry-breadcrumb1 --attachment=C:\Users\Admin\mentalmentor\sentry\63c1a362-d711-49bd-3367-68aef6aef7c3.run\__sentry-breadcrumb2 --initial-client-data=0x574,0x578,0x57c,0x55c,0x580,0x72a27b7c,0x72a27b90,0x72a27ba0
C:\Users\Admin\mentalmentor\luminati\luminati.exe
"C:\Users\Admin\mentalmentor\luminati\luminati.exe" switch_on
C:\ProgramData\BrightData\d1bab175a2a8d47f9b561f4c58dc046b93194db0\test_wpf.exe
C:\ProgramData\BrightData\d1bab175a2a8d47f9b561f4c58dc046b93194db0\test_wpf.exe
C:\Users\Admin\mentalmentor\luminati\net_updater32.exe
"C:\Users\Admin\mentalmentor\luminati\net_updater32.exe" --install win_global_microtrading.mental_mentor --no-cleanup
C:\Users\Admin\mentalmentor\QtWebEngineProcess.exe
"C:\Users\Admin\mentalmentor\QtWebEngineProcess.exe" --type=renderer --no-sandbox --disable-speech-api --enable-threaded-compositing --enable-features=AllowContentInitiatedDataUrlNavigations,NetworkServiceInProcess,TracingServiceInProcess --disable-features=BackgroundFetch,ConsolidatedMovementXY,DnsOverHttpsUpgrade,FormControlsRefresh,MojoVideoCapture,PictureInPicture,SmsReceiver,UseSkiaRenderer,WebPayments,WebUSB --disable-gpu-compositing --lang=en-US --webengine-schemes=qrc:sLV --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=2 --mojo-platform-channel-handle=3776 /prefetch:1
C:\Users\Admin\mentalmentor\luminati\net_updater32.exe
"C:/Users/Admin/mentalmentor/luminati/net_updater32.exe" --updater win_global_microtrading.mental_mentor
C:\ProgramData\BrightData\d1bab175a2a8d47f9b561f4c58dc046b93194db0\test_wpf.exe
C:\ProgramData\BrightData\d1bab175a2a8d47f9b561f4c58dc046b93194db0\test_wpf.exe
C:\ProgramData\BrightData\d1bab175a2a8d47f9b561f4c58dc046b93194db0\idle_report.exe
C:\ProgramData\BrightData\d1bab175a2a8d47f9b561f4c58dc046b93194db0\idle_report.exe --id 32300 --screen
C:\ProgramData\BrightData\d1bab175a2a8d47f9b561f4c58dc046b93194db0\brightdata.exe
C:\ProgramData\BrightData\d1bab175a2a8d47f9b561f4c58dc046b93194db0\brightdata.exe --appid win_global_microtrading.mental_mentor
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
Network
Files
\??\pipe\crashpad_4256_CVMBAPCLVISGGVDU
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | df32490278ee02a0c7d22fe55c4b1cd1 |
| SHA1 | d4bdadc156eeec025d152f826153e3a69cd94a6d |
| SHA256 | 1e11b001fe96d2c4494ed8f65813faffcea0304547519ce6684db3a87b84dfbc |
| SHA512 | 51793da74c096437c90e5317d439933ca4e0f45becfddf4f940d9d2eb32a6993c192f1aee96a0c95d04c5e5e0cc0d44a628cd3abc14862d44ff61189f1fba751 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f8da1f8b7b6409e08fb0fba43fd76f79 |
| SHA1 | 47dfe8df57e0ed6ca193a3770c6b239e3189c374 |
| SHA256 | 216687b12a25c54876f6d02eb323f72c15a4bf1e4b8de079195ce9969d1ab9ac |
| SHA512 | eff1e46d2e22d3a26b6d6eaa4b15d06d4afb491875a0eeac52587ff7de14cdb17d8f8290d8b33460c566157be72a66a0fb82cf27fdef4575fa797c5ea2f28cb9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9186855f23c388d71ae4bbbd5c5b46f8 |
| SHA1 | 209275297b032bc1279d0735432f750f65fd0d27 |
| SHA256 | 914873f1aba88761a96010e947aed62bd4cd682977d470c1ff967ca0ce1c5d8e |
| SHA512 | dadba2a458d7f552d0dff0522860ca672fd77a66b1c8d661bc7d23938ebe79e322ee42bd4eabb0024dd4d21cd659766940e9876e3038b9869cd58da6ee522446 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3ff817366106b066aec0d57569a09b35 |
| SHA1 | 1b9bcd9bb564a28e0c900d00bab509139ac18644 |
| SHA256 | c0a6a5eac348d1efc15b1af7c4d6d4d3999e6be2b5c9a68d61560cf60c1b7bee |
| SHA512 | f866804c8aa754347542088883becddbd9f80d4d1538867d177426c81ec75415853042e8c26656c4ce8074e27359da9cf292fbf66806be77f00f8ce69ecd163e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 910859670c3c0080baf46221263cd357 |
| SHA1 | 42a6e7ce12cca28e162607ff627547520ec41529 |
| SHA256 | 869f64e593f0fae2cfde4bedac61e16877ae63a22694281aa329466b219ccf20 |
| SHA512 | 1702538cf19a659c066642b24b9ff3cca3c75ed9735be44ec71a1364e3dccff9616997405cc6ae3dfda1e6c0c8e263ad4fc78d25dbc1aa293cf70cfae218bd08 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | b92079d71222733490c451e2c3ab3f67 |
| SHA1 | 377d6cfeac9670d684bb84876a3c9bdd0f0dfcf4 |
| SHA256 | 7a779240c5b71753cbc97ec18934111027db2bf32112e1c44b7c2079a6c495f4 |
| SHA512 | 918826b64ddf79ef1771681fcb53ae1c8c2d32df042ee2fc771ebb01932c30b15d091c0e1fde573d7c6c1d404956bc1cad4f7d451561579293cd5f082eea8005 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe580f2e.TMP
| MD5 | 8b06d372a6e6760fac8d17a107b62e21 |
| SHA1 | 29fec1c84e65d0a4736331cfcf6f0cab0869886b |
| SHA256 | 8f27173f120f6b81a11ee5f6bb1553f69db00c9f453abfa92904fb52348c6aa6 |
| SHA512 | f23414260caca148c13d0660291175621274091902343eb63f21837e09bd4f36f4bae3874da9dadfd0f9c54c694fd39c51808b9bc5bd4eb7aa3ee3141abe6647 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | d6828a3a25fad8ed3d7cb46660f8fe4f |
| SHA1 | ae55281dd0f79795629c82c7f524db305a249895 |
| SHA256 | 718ea8f8c8654df3f5323a036fce04157dcaddaeace1ec243bcf5d7ef91ba170 |
| SHA512 | 40abbf6039ad3b19f14550578766c84939e15249fc438ebf4b7556fc465003cb9fce5434130867b5c8d39816f1de09f335c8e10938c7358bdb57ef5bb30e8a7a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 1b6bcdf9157d548d4a8c521a01735c40 |
| SHA1 | 20defc826b3b81dd2c42b0aceddd6699801c0d32 |
| SHA256 | 360645f729d683fcd708422af9fc40fe0455e69fc47dca1a8f22cd86b61bb5b9 |
| SHA512 | 57d4a324aedc702a5b41273f22bde92cd77086798158a1c077d62e5cf090ee264d4d0432288ba9ea92ac09eadff930706a26f699bd0164afb3df37f4c5c7bdc9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0e0b5a25232baacd3fad294fb18a887f |
| SHA1 | 4aac3b1e7ea1fd47deb52efcb12f64e075fceed3 |
| SHA256 | ba24eb803d0b1c69f08906239ecea63e5bb0b5c1861896f970ef10670beefa5a |
| SHA512 | cfaff714c6d3f6e560af80067fe2639c178be868f64f8a50a0045c0b1b9700d302aa61f6baf64c826cf2fb785148934c4149d4cb678ca54a50b7fcc3e30bd49a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_yourfreshjournal.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | c0653d0369621f3b77dcd7e2d458e987 |
| SHA1 | baa81ebf82508ea2467e0f206d8b2b19fd1c0671 |
| SHA256 | 9d88ad0716c00d2f879ad708a98f2c7f99ea50159d99d355324154b5919d8668 |
| SHA512 | 9f7b36c24135cb744d7f710b1dcb05e89ed3d0ac6e94b92f1ef9a80b10fb40b9b4e51ec9ead3220008c1fc530dcf9de013f85ff6db474fce21407f4c0d2f4372 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c0d5a86b8567419483a3c8b73842219f |
| SHA1 | 861b1b86bfd460517e5c83445d0335da9d1cefc7 |
| SHA256 | f50fb764d87b3738c5216f493b5e3c9b044fc4e78426595023cf422daa6573dc |
| SHA512 | a20070330b608524e681bfdb9abb7356b240eb7c1b320ae6f713c5bbd1ad9fe495e6e293c89fb58b30837c096292febdeb1d5ab454e9acbc61528d7b77d92d14 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2943faea6f7bca87ecb2342a58d06b38 |
| SHA1 | b8728048f008e7b1d17bc3aa680ddb8d38167b80 |
| SHA256 | 3b12dfe8efecf9d5607eb6d093c979fe263698824de4dd63da58afb313885f0e |
| SHA512 | 7b0bcff1a9dddd1781a1070fb58d1af79f7ce2c133d6d3c940fb1c9c526203a95ca0402246da75eaa1165105bbf9aa353d4b2779a8163c13927c9ec2deb27175 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 28b19f4d8f16beaf95edb577691e6d34 |
| SHA1 | 4f9e2e62ae7b6b9bfbf1df33ad9af7ee3b7ab55f |
| SHA256 | e23453485c350f57ac50665e941c2b8e364af9bdd000c583fe3198aedeb296eb |
| SHA512 | 3c349bf5f6401848e2f142eb0295632be71b210d2e368bf59521def70cd47cd0f30ebeca1bfb60a428db593caca48c5d72fb98cf935ceaa0df1c34ce8c3a9204 |
C:\Users\Admin\Downloads\Unconfirmed 699078.crdownload
| MD5 | a069ee7b342973e07c28045e30e674cf |
| SHA1 | 0895e0e90beee9479839203e2475e6a08c725573 |
| SHA256 | 8445cc5aac6a306220789b46c6a5d3c9e9296edef13db36127007a7bbaf4bb5d |
| SHA512 | d4ac2f8d34f39d350f70ed3e709bc4721780679debda79b23ac5078486bd77c48928cfb7ef39d4948ab97ba3c01f65dec967618e30ac660d1071b24312c80e01 |
C:\Users\Admin\Downloads\MentalMentor.exe:Zone.Identifier
| MD5 | fbccf14d504b7b2dbcb5a5bda75bd93b |
| SHA1 | d59fc84cdd5217c6cf74785703655f78da6b582b |
| SHA256 | eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913 |
| SHA512 | aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 20df97bfd7d89e42539f6cd2706fd6cc |
| SHA1 | 037dc64e41961a085720b8f6ef31091ede129aa1 |
| SHA256 | 4d3440fa308a8574b62fb2e3769182d0c0c3c3c170e107cbb982930eed0ac41a |
| SHA512 | 524d1ce5915ed7d8637fcebda51cf6cfef9557a71e6e80405f0d4924c2d21eac493ed5a22210fc922b33ab34c089ac327f82aa838927cfa564525a6b8f92a811 |
C:\Users\Admin\Downloads\MentalMentor.exe
| MD5 | fc60d120aad87a071d7953fff7f003bd |
| SHA1 | 1b4c7dac191dc8c3ad7fa9df2622be3266df2c14 |
| SHA256 | e85be484849c18dd6d89cf235a0327ba251b5c7a1ae53ec30ac92951819580a7 |
| SHA512 | c1dab948e7c89fa29714c563d229e6cfce72036a2c175825b0c40047a70555e89b3a2ebdf55bb68d158bd9633c51786e909333cfd8794764a10897f30607bb47 |
memory/2808-362-0x0000000000400000-0x00000000004DC000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-OAGJT.tmp\MentalMentor.tmp
| MD5 | 0d041f22d598f3a63bdf0e66c448bdab |
| SHA1 | 591fc72ec32e7efe2e641dba38c3cd7b6d415450 |
| SHA256 | e6b54015c403e3016b848b18fc488d4d281a752bc9ab2a3324ba4d8efb642563 |
| SHA512 | 5dd3af37f06f308f348213c0305acab38cf279556c12a9b14d0343072b1f431778c75129715a2b04abcf219baaeba665faa08fcb4692d2ede36b2511178de210 |
memory/944-368-0x00000000026F0000-0x00000000026F1000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-1EFJF.tmp\idp.dll
| MD5 | 59fd376f6e67cf49bfb0ac6724140e72 |
| SHA1 | e02a4185b9272ae6a3b5eaa4333905fc989698e2 |
| SHA256 | 88d2da3783c9ef9b2c9f20224a399fe3607581f338daea94f68606a760cc06d5 |
| SHA512 | 9510b201f43cb9a2362842dd382dd3be794b439227241f97f89c1f15246888099094c91b96905b55c1e490ef7dc26aff06382c2c69971d4506ad5f8a66a811eb |
memory/944-376-0x0000000002590000-0x00000000026D0000-memory.dmp
memory/944-377-0x0000000002590000-0x00000000026D0000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-1EFJF.tmp\mentor-inno-lib.dll
| MD5 | 7d992de7a01b53b3e243241d4a6df978 |
| SHA1 | 5cbabf55b43201ecdbeb0350a8a29989c4b8847d |
| SHA256 | 2f647a8dc42804459d6aca834e532d407fd69f93a7fcd908e3bfda5faafcd665 |
| SHA512 | 0919937fc42b5a1c383fbce76e3627107b242d5394f20ab8204b2651f01bfaf1c94cbe4fbc950f192eae7949637dd6b7aab661b47e999f6f8625ea49f5a67b2c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 833fe66cd05e2dac98139e660e0ab9e1 |
| SHA1 | 3d146dea30c73988fc65ca57c638fbe39bde88ad |
| SHA256 | 5afc2b5b429541076c122dd6c390d328c0344ab0618717e585c4672769c9ce57 |
| SHA512 | 117aa5323e4cca1a4d81621937b7f8db4092c6318d6f1e3e076d8f47c72d95852e74723898dee77bea08c629efbb780907e16ecec696441ecfaa5ca75613fb8a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5895a4.TMP
| MD5 | 6cdbd0ca12649a1f706f88a8de16834c |
| SHA1 | 0ba5d9a63647ee1c9da89e8aa34298bf53c74d5a |
| SHA256 | 28ac27e0b6eff241bd939d792d1baafeaf60562645e16d109b858ae2ef7d1512 |
| SHA512 | e557f540697e2bc1a4ec2514c9c73566a11cc38ce79df371c6c9be492deee25f7e3295fd89e346547fec9bfc36dfe17905417ecbb8f06932315e90b345330031 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 05a6a066040c85236c3985313fe590fd |
| SHA1 | 2a341b0dcf22646f0677b5c4fac8be11991a2b86 |
| SHA256 | 984a948e7450607a73b5afe958f6b59a1781e67159d31325245d2c8de32c4944 |
| SHA512 | db46d1412875f842bcf0af2155f3784fc2dc5a81532c6812b9b99b09835761d8c81d92493217812da1a36edc153047d032d9dc238f19966eaaf6e58476303298 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 45afdb6b030126280ae23fb562e17ad7 |
| SHA1 | 5c51d16abd1ad798ac3eb036d61c921fe892feb7 |
| SHA256 | 77c154cb779b7a52d8887737d930f2e82f9599f4bc1b2b8fe788d3b74b2b83df |
| SHA512 | 6da10a01d7ea413d92d92a91b167b61a3c45421109eb4575f578f2ba07f62d56e85cf641149ce7aafabef282dc8c1b2de7f3f5c7a9b5837f969f58d945cc6e19 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 2f1460494065aac45520c3066670c297 |
| SHA1 | 31e06e6c3a4bbba93c2faeef770e23c19677d50b |
| SHA256 | 1c7f8abc6f56d3a54cb983b3fd4e92b08e60f28257b34dfb2d63470dfe036ba4 |
| SHA512 | 2e579bfba09c5599ff28010c9eada085de2d877519b1b781c26454918c4849ae555c45f16abb01a21429e16f384f3c3e9054174111a933dbf4463cae4800200c |
memory/2808-424-0x0000000000400000-0x00000000004DC000-memory.dmp
memory/944-425-0x0000000000400000-0x0000000000717000-memory.dmp
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751
| MD5 | 822467b728b7a66b081c91795373789a |
| SHA1 | d8f2f02e1eef62485a9feffd59ce837511749865 |
| SHA256 | af2343382b88335eea72251ad84949e244ff54b6995063e24459a7216e9576b9 |
| SHA512 | bacea07d92c32078ca6a0161549b4e18edab745dd44947e5f181d28cc24468e07769d6835816cdfb944fd3d0099bde5e21b48f4966824c5c16c1801712303eb6 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751
| MD5 | d84c3d03d5349eb444b1b2fe779ef736 |
| SHA1 | a8b386d08eda1ff87554b7e9ad6216907e666858 |
| SHA256 | ffa6f45cf9a0d20c9c02b30d8f00183ea48fba8d5697c5b5c4b80138fc1ae3e3 |
| SHA512 | e0fed90bfc28a487a5a3dce324fcdba35215a24810cae47e1362f48efdda444bfcc93233aff34a3d5f1405b955af5e300ec82d63f45ee8517d7c2d1cd60d32ec |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b7176aeef878706fd5b5eb80bc1f8462 |
| SHA1 | 87ed7a025a7efbd298e6c975bccf8c62fdc22d15 |
| SHA256 | 9d3baa19240996d6f53cf21ff2dc38e1d98fe32f6362edd44b4b28c2c52eda95 |
| SHA512 | bc555d4e75f473870423cff47dcc995bf69f692fc5d4e1782274a166efce5bb05c52356139ef6dc6b2d058917575d82f004850f85f9392137986985c166cee5d |
memory/944-451-0x00000000026F0000-0x00000000026F1000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | cba454b7f4070f27069ccb90e13f46f6 |
| SHA1 | 0f2be00a744dcbe6798fbae2664c13b490d9076a |
| SHA256 | e10617a233253373eedea117f2175871064a7cbb84eeb29ff54b8d916e23a677 |
| SHA512 | 99b9d4605d69c9bbb7686b00c33cac1f0da7c7320aedb76710d3e979c633b0e2d9183115c081135777059da19f3e1a9c96858fc567dad646ce15a73fd471c320 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f5ec0cc3f3bced3cd0df3e706cb1fc88 |
| SHA1 | 11328cbf4ef89be7f76ee861e912da42619e9c0e |
| SHA256 | e07f48fc60801d56f71a70a178158e95f0feb1a71ebdac4c817b559e0d2c6aa2 |
| SHA512 | 07b176e2dabf5f6e0dd0c46343535e3f4003062c76a2e6820d788a9be98c0718015aba9e6d80325ca57ad3f4142de73c11fe9b82d53feb63888bd2e95b2091d4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | ae5bf0309706a1ae430d3b70ca1e7823 |
| SHA1 | 9626e0f1a7df375ce01659a5807939695dcbeac4 |
| SHA256 | e0b34af216b77af006dbebd68f533d877c61124d385ecc38a2adc78a2444eeb5 |
| SHA512 | a1f0d7280ed019147b21b08c1dc68e857b3653b0e45e62dbd18150d405b892ff71dcab20422eff8a1f724d69e96f1de123cbb1d1f25cab2375ab696d03d45002 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e112cad92e15c61cf23fdaa51a5ab053 |
| SHA1 | 96c0fca24e2cfee9221d1e2a18e8cc54bff244a1 |
| SHA256 | 4cba6aebec88804f781931db3674397874d282ae78ce4c4759072594360d631d |
| SHA512 | 1dd5268308ee6c0763b997c354a877418486a2659741fe2aabb05aa9c5be5912926b5b9ff8212c005dade57050acf922ca648c4c5cae5595c1500b87bf6fc05a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1d894302ddd9ab0dd66969848a2cff8f |
| SHA1 | df56157d7e163c04327d96a21b897ec63483ff4d |
| SHA256 | 29b48b50d9812ba7a6170f09fe1c8cab87f90701016b94a2b255bd6ce03931fb |
| SHA512 | f16a699aa7457a9e37804a7cb12811ad4df0c8e28f4390b00fc16ab9f3413e05f62b5286679b7fba69caa6872460d53914e0e9dcf3fe95fd8d11daca74afb2bd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 7b4a589c9ae4699c587947a3c6054fa7 |
| SHA1 | 0a6625f621f2125b0501cf44fc8a9cf78305e65e |
| SHA256 | 4e5b71af2c7510d9d99c383c299852eea0d6a9d514f8d664b6e96a39e05388b4 |
| SHA512 | 634903463178f3d02f9aee4d5ad5177bae370338503622e8f776fe209d43463090019aeac19b21b266da4ea29ed70e350ad4ec4193b80564d3d2e6725b023587 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 1dfaafa2c016b19d8fb6ebcab6c5f9f3 |
| SHA1 | 05a7867768264d772b6ba093507a8380cdb9f941 |
| SHA256 | 6a57e5669c40328378255d52a6cccece64c85277ede2b1811a4488e7e0a4942b |
| SHA512 | ff7e480568d466034d2d73b1f4883f4f565b2710ac223bfdda04c1735dcb67b64f823271a6edce5b5cee91dfa6def58be1a4b3c0c10d7915835417c136cd699c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9f4dd5b097334b79f2296db9105b6ab7 |
| SHA1 | aaaff27a714267068018b1598af670541d9d9e96 |
| SHA256 | 0d440468ced4bc0a9333250024da9e2e6349cb6fac505083fe7abcaf97ac38c1 |
| SHA512 | d2fc15cb9c7e1c4200e8d9e19a694da9bd18069f9a6273d7ca18ee6a392c7398dd414bc7675de5caf0203e3e885ffc505d388b300d7ba491cafe2d312164752b |
C:\Users\Admin\AppData\Local\Temp\is-1EFJF.tmp\7z.exe
| MD5 | a51d90f2f9394f5ea0a3acae3bd2b219 |
| SHA1 | 20fea1314dbed552d5fedee096e2050369172ee1 |
| SHA256 | ac9674feb8f2fad20c1e046de67f899419276ae79a60e8cc021a4bf472ae044f |
| SHA512 | c11f981136db7d9bde01046b1953fd924ff29447d41257da09dd762451e27390cea9b69e43206a8fff825ebcd4ddec5a6247bb502aefbd6e8285622caa985bf6 |
C:\Users\Admin\AppData\Local\Temp\is-1EFJF.tmp\7z.dll
| MD5 | 04ad4b80880b32c94be8d0886482c774 |
| SHA1 | 344faf61c3eb76f4a2fb6452e83ed16c9cce73e0 |
| SHA256 | a1e1d1f0fff4fcccfbdfa313f3bdfea4d3dfe2c2d9174a615bbc39a0a6929338 |
| SHA512 | 3e3aaf01b769471b18126e443a721c9e9a0269e9f5e48d0a10251bc1ee309855bd71ede266caa6828b007359b21ba562c2a5a3469078760f564fb7bd43acabfb |
C:\Users\Admin\AppData\Local\Temp\is-1EFJF.tmp\zip_libs.7z
| MD5 | b4d9d066b511b841e0697a421904a261 |
| SHA1 | 36390477fa043baa19b5c345e626ff57f823b420 |
| SHA256 | 10ffc5bd3add651a6e84fbfaabd9d430b66f8484931f722ac54d91adf538a69a |
| SHA512 | daf115bc7bbf4eba0b7124bd13409d2ea8edfac55dd004eb3f1efe51de4a7ba010ecb01bacaf927674b00d0581d3beccfe116f88ab68ddf1de93aaec9c45b0d2 |
C:\Users\Admin\AppData\Local\Temp\is-1EFJF.tmp\zip_bin.7z
| MD5 | 38e6b4e9710bd68a5d6708e89e96cf0a |
| SHA1 | bf1ec92fef909965d22b7a0c36a412018cb4051f |
| SHA256 | 9019570b0e815f10077fe42c1f807cbf29afb26e38123453d80a457501f74467 |
| SHA512 | 0d8e2c491513c9c2f09880c8ca57ae283a98baf53832702612fc5d5bd34fc2201d88eedce66984d4ec185fbf8521dd0ea3b2151d4cc9d5f724bed2cffe04e889 |
memory/944-927-0x0000000000400000-0x0000000000717000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\is-1EFJF.tmp\zip_lum.7z
| MD5 | aae7bd94dd15b8dfdcc9538d2005b86d |
| SHA1 | 3ae4e609eeecd871a2c2a9cfb0ccbf8fa987ae73 |
| SHA256 | e78c1b6693dbe7e9bc8c22865207269231bf34b68b2e3df86c46a379a9c07c15 |
| SHA512 | 860cae1b6c8b16d38649679766ad37ca360e220bcc0ef11a5828e3258ff34bcc7cc04e9c5b14028d3b96afe75be3271d905e7f66dad9634d7bb877456148ea41 |
C:\Users\Admin\AppData\Local\Temp\is-1EFJF.tmp\zip_html.7z
| MD5 | 6a348b9bbde447ab1a829f9e07bf3abb |
| SHA1 | 3bf9cde74b081044649b2a0d46c4fef72770c478 |
| SHA256 | 94ec3aa4d0485c049963817449f07a9d1c6675536dfd0d54a05edbf89c471c68 |
| SHA512 | fc362bc07bf170ee7f06ff20d35709ffcf1537736c11feaf39ee113b7aa760cc41fa97f41e6cf1871387af324ecd14f10b4a883821662e716599d984f2c5c931 |
C:\Users\Admin\mentalmentor\mentalmentor.exe
| MD5 | 44199ffc2941e2d27937f21932c73115 |
| SHA1 | f34f09dc56038835191dc06e6d65681629c8814b |
| SHA256 | 0a414f10d5bc7aefb6e32840da572eead21e758bf6c014549894f4061f46e37b |
| SHA512 | 462001bb8decfed8351e04a85e656af00c07911dd65b9d00f6cdef2321a7bb643392c0e79f5d076a6966132b1ded451012f78475bce338d5e5d552025d196e05 |
C:\Users\Admin\mentalmentor\sentry.dll
| MD5 | 231c11192fa58f32794dc7fa6fec9f8c |
| SHA1 | 7bf5f9364a4251b91a274188f504d839e9b4c428 |
| SHA256 | 9288b5cbc3f1287a40adc794766abc74e5ff5edb8e271c075b39c596d6859a5d |
| SHA512 | 6699ba3f71d48a733a37102f53ac702d3b77b6608f96a4495f6a570606a29366b76552b3a5bfc9370ae4883c9af31282c468cb6a7c359d25c7731997217ec867 |
C:\Users\Admin\mentalmentor\libcrypto-1_1.dll
| MD5 | d5a5e2b8e937e31c881dafd4179f5536 |
| SHA1 | 8e2fa5c30b71da58196c2033be847937b3d0ff0a |
| SHA256 | 2e7c6aa4daea6e14d3d74e01a021a33e063cf60d34632e51b4730a2c3f0d46b3 |
| SHA512 | 1bae7d1ccac0ed246539bbd99fa8912100170b0d928405abacc5332d55c027ca830c04772d5786535cf5aa9b5abe9723647d563e417c00ad1143b123cfeca268 |
C:\Users\Admin\mentalmentor\Qt5WebEngineWidgets.dll
| MD5 | 41a53eae6b03d8521b34b12ed71da21d |
| SHA1 | d4697400d43d2fba849cbe009bc7f26b0212df60 |
| SHA256 | c93c46c5669dbea6c9959b16f384df8e2d34bc87cd7f8a4df04d79cf1311295c |
| SHA512 | 0254f58f64f7ba935023f603240612f5aa5d37a92706e5f53b7ab18cc01feefc84baee6f3570e670f1227573b9e29b33b4505ad055600460d38bceb02b049e65 |
C:\Users\Admin\mentalmentor\Qt5Widgets.dll
| MD5 | 52f04479d290b5c2b4b17969f4c36b71 |
| SHA1 | 53b0758f5bf13283c4938bd17de7abfebe14c5ff |
| SHA256 | b424be233ae4ebacf3f51872e06645c4a04b7f5bf04aa73e3d3c4a60f57a0f7c |
| SHA512 | 8767a6a0938f72d75612bde89c1c1838e4fa17ab9ec65fb001d103f8894cadc0f5afd8d884e9dd32eb0c70444afc02be526c1fe949dd3b36d9e7bf10c433b8d8 |
C:\Users\Admin\mentalmentor\Qt5Widgets.dll
| MD5 | 7366cf9b69527d0d908d28d1644f9e17 |
| SHA1 | 200c0c8e566224a06d92f8b81ecb9ae1231b4405 |
| SHA256 | 67ab12aa1abcc696d4057a47807582fdd4be8728bbba1a3eebec2aa8e593c705 |
| SHA512 | ab560cd665860a40370fa434b84f291b3d5a91c34b38217f49e0daa27b9649e1b0fddb91da0383bf040d9cb7d9153a6253e035201164d48a63d19f5804f95dfb |
C:\Users\Admin\mentalmentor\Qt5WebEngineCore.dll
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\ProgramData\BrightData\d1bab175a2a8d47f9b561f4c58dc046b93194db0\brd_sdk32_clr.dll
C:\ProgramData\BrightData\d1bab175a2a8d47f9b561f4c58dc046b93194db0\lum_sdk_install_id
C:\ProgramData\BrightData\d1bab175a2a8d47f9b561f4c58dc046b93194db0\lum_sdk_session_id:LUM
C:\Users\Admin\mentalmentor\settings\webengine\GPUCache\data_3
C:\Users\Admin\mentalmentor\settings\webengine\GPUCache\data_2
C:\Users\Admin\mentalmentor\settings\webengine\GPUCache\data_1
C:\Users\Admin\mentalmentor\settings\webengine\GPUCache\data_0
C:\Users\Admin\mentalmentor\settings\webengine\8d80b9b8-a37b-428d-a54e-6b57a66dcb17.tmp
C:\Users\Admin\mentalmentor\settings\webengine\Network Persistent State~RFe5a4a68.TMP
C:\ProgramData\BrightData\d1bab175a2a8d47f9b561f4c58dc046b93194db0\20240222_205841_once_07_service_stop_1.429.308.log
C:\ProgramData\BrightData\d1bab175a2a8d47f9b561f4c58dc046b93194db0\idle_report.exe
C:\ProgramData\BrightData\d1bab175a2a8d47f9b561f4c58dc046b93194db0\brightdata.exe
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat